From 02b715513ddf86d55e0747f7ee8e8aac301679f6 Mon Sep 17 00:00:00 2001
From: Lionel Gauthier <lionel.gauthier@eurecom.fr>
Date: Thu, 30 Apr 2015 09:19:45 +0000
Subject: [PATCH] Sebastian Held
 patches15/0014-memory-corruption-uninitialized-variable.patch

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7316 818b1a75-f10b-46b9-bf7c-635c3b92a50f
---
 openair2/RRC/LITE/L2_interface.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/openair2/RRC/LITE/L2_interface.c b/openair2/RRC/LITE/L2_interface.c
index 97ed050c2ff..b96142cdea5 100644
--- a/openair2/RRC/LITE/L2_interface.c
+++ b/openair2/RRC/LITE/L2_interface.c
@@ -457,6 +457,8 @@ mac_rrc_lite_data_ind(
       if (sdu_lenP > msg_sdu_size) {
         LOG_E(RRC, "SDU larger than CCCH SDU buffer size (%d, %d)", sdu_lenP, msg_sdu_size);
         sdu_size = msg_sdu_size;
+      } else {
+        sdu_size = sdu_lenP;
       }
 
       message_p = itti_alloc_new_message (TASK_MAC_ENB, RRC_MAC_CCCH_DATA_IND);
@@ -464,7 +466,7 @@ mac_rrc_lite_data_ind(
       RRC_MAC_CCCH_DATA_IND (message_p).rnti  = rntiP;
       RRC_MAC_CCCH_DATA_IND (message_p).sdu_size = sdu_size;
       memset (RRC_MAC_CCCH_DATA_IND (message_p).sdu, 0, sizeof(RRC_MAC_CCCH_DATA_IND (message_p).sdu));
-      memcpy (RRC_MAC_CCCH_DATA_IND (message_p).sdu, sduP, sdu_lenP);
+      memcpy (RRC_MAC_CCCH_DATA_IND (message_p).sdu, sduP, sdu_size);
       itti_send_msg_to_task (TASK_RRC_ENB, ctxt.instance, message_p);
     }
 #else
-- 
GitLab