Osmocom Open Build Service

We truncated the diff of some files because they were too big. If you want to see the full diff for every file, click here.

Changes of Revision 559

commit_531e301f4de5ecc294223393fc19d2a995b92379.txt Deleted

commit_92515a9721b1fe60e347ecc153ead44d335d3dd3.txt Added

open5gs_2.7.2.4565.531e.dsc -> open5gs_2.7.2.4566.9251.dsc Changed

@@ -2,7 +2,7 @@
 Source: open5gs
 Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-sepp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg
 Architecture: any
-Version: 2.7.2.4565.531e
+Version: 2.7.2.4566.9251
 Maintainer: Harald Welte <laforge@gnumonks.org>
 Uploaders: Sukchan Lee <acetcom@gmail.com>
 Homepage: https://open5gs.org
@@ -32,8 +32,8 @@
  open5gs-udr deb net optional arch=any
  open5gs-upf deb net optional arch=any
 Checksums-Sha1:
- 9efebd4f13cc239facf5e22fd45ea9df3d749e27 14513204 open5gs_2.7.2.4565.531e.tar.xz
+ c47a73ae6b42f7919124e5f82fc11e07e5fde6b3 14512112 open5gs_2.7.2.4566.9251.tar.xz
 Checksums-Sha256:
- c425f50181f6cef56bdf6ef94c2a2d27367deae31aaea6a1f72ce4df747d2060 14513204 open5gs_2.7.2.4565.531e.tar.xz
+ 203614e20d765526ee2b15e3bd5d6c52ced5b55a7d50336b6cbbf0e8c078a9f9 14512112 open5gs_2.7.2.4566.9251.tar.xz
 Files:
- e669277a5edd34ebb44c1040027395de 14513204 open5gs_2.7.2.4565.531e.tar.xz
+ 986b58927931359888f7600ead476ecf 14512112 open5gs_2.7.2.4566.9251.tar.xz

open5gs_2.7.2.4565.531e.tar.xz/.tarball-version -> open5gs_2.7.2.4566.9251.tar.xz/.tarball-version Changed

open5gs_2.7.2.4565.531e.tar.xz/debian/changelog -> open5gs_2.7.2.4566.9251.tar.xz/debian/changelog Changed

open5gs_2.7.2.4565.531e.tar.xz/lib/nas/5gs/ies.c -> open5gs_2.7.2.4566.9251.tar.xz/lib/nas/5gs/ies.c Changed

@@ -28,7 +28,7 @@
 /*******************************************************************************
  * This file had been created by nas-message.py script v0.2.0
  * Please do not modify this file but regenerate it via script.
- * Created on: 2024-01-21 18:47:47.812038 by acetcom
+ * Created on: 2024-12-11 21:13:08.097860 by acetcom
  * from 24501-h90.docx
  ******************************************************************************/
 
@@ -48,7 +48,14 @@
 int ogs_nas_5gs_decode_additional_information(ogs_nas_additional_information_t *additional_information, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_additional_information_t *source = (ogs_nas_additional_information_t *)pkbuf->data;
+    ogs_nas_additional_information_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_additional_information_t *)pkbuf->data;
 
     additional_information->length = source->length;
     size = additional_information->length + sizeof(additional_information->length);
@@ -87,7 +94,14 @@
 int ogs_nas_5gs_decode_service_level_aa_container(ogs_nas_service_level_aa_container_t *service_level_aa_container, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_service_level_aa_container_t *source = (ogs_nas_service_level_aa_container_t *)pkbuf->data;
+    ogs_nas_service_level_aa_container_t *source = NULL;
+
+    if (pkbuf->len < 2) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_service_level_aa_container_t *)pkbuf->data;
 
     service_level_aa_container->length = be16toh(source->length);
     size = service_level_aa_container->length + sizeof(service_level_aa_container->length);
@@ -167,7 +181,14 @@
 int ogs_nas_5gs_decode_dnn(ogs_nas_dnn_t *dnn, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_dnn_t *source = (ogs_nas_dnn_t *)pkbuf->data;
+    ogs_nas_dnn_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_dnn_t *)pkbuf->data;
 
     dnn->length = source->length;
     size = dnn->length + sizeof(dnn->length);
@@ -219,7 +240,14 @@
 int ogs_nas_5gs_decode_eap_message(ogs_nas_eap_message_t *eap_message, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_eap_message_t *source = (ogs_nas_eap_message_t *)pkbuf->data;
+    ogs_nas_eap_message_t *source = NULL;
+
+    if (pkbuf->len < 2) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_eap_message_t *)pkbuf->data;
 
     eap_message->length = be16toh(source->length);
     size = eap_message->length + sizeof(eap_message->length);
@@ -299,7 +327,14 @@
 int ogs_nas_5gs_decode_gprs_timer_2(ogs_nas_gprs_timer_2_t *gprs_timer_2, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_gprs_timer_2_t *source = (ogs_nas_gprs_timer_2_t *)pkbuf->data;
+    ogs_nas_gprs_timer_2_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_gprs_timer_2_t *)pkbuf->data;
 
     gprs_timer_2->length = source->length;
     size = gprs_timer_2->length + sizeof(gprs_timer_2->length);
@@ -338,7 +373,14 @@
 int ogs_nas_5gs_decode_gprs_timer_3(ogs_nas_gprs_timer_3_t *gprs_timer_3, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_gprs_timer_3_t *source = (ogs_nas_gprs_timer_3_t *)pkbuf->data;
+    ogs_nas_gprs_timer_3_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_gprs_timer_3_t *)pkbuf->data;
 
     gprs_timer_3->length = source->length;
     size = gprs_timer_3->length + sizeof(gprs_timer_3->length);
@@ -377,7 +419,14 @@
 int ogs_nas_5gs_decode_s_nssai(ogs_nas_s_nssai_t *s_nssai, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_s_nssai_t *source = (ogs_nas_s_nssai_t *)pkbuf->data;
+    ogs_nas_s_nssai_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_s_nssai_t *)pkbuf->data;
 
     s_nssai->length = source->length;
     size = s_nssai->length + sizeof(s_nssai->length);
@@ -416,7 +465,14 @@
 int ogs_nas_5gs_decode_5gmm_capability(ogs_nas_5gmm_capability_t *gmm_capability, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_5gmm_capability_t *source = (ogs_nas_5gmm_capability_t *)pkbuf->data;
+    ogs_nas_5gmm_capability_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_5gmm_capability_t *)pkbuf->data;
 
     gmm_capability->length = source->length;
     size = gmm_capability->length + sizeof(gmm_capability->length);
@@ -455,7 +511,14 @@
 int ogs_nas_5gs_decode_abba(ogs_nas_abba_t *abba, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_abba_t *source = (ogs_nas_abba_t *)pkbuf->data;
+    ogs_nas_abba_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_abba_t *)pkbuf->data;
 
     abba->length = source->length;
     size = abba->length + sizeof(abba->length);
@@ -494,7 +557,14 @@
 int ogs_nas_5gs_decode_additional_5g_security_information(ogs_nas_additional_5g_security_information_t *additional_security_information, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_additional_5g_security_information_t *source = (ogs_nas_additional_5g_security_information_t *)pkbuf->data;
+    ogs_nas_additional_5g_security_information_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_additional_5g_security_information_t *)pkbuf->data;
 
     additional_security_information->length = source->length;
     size = additional_security_information->length + sizeof(additional_security_information->length);
@@ -533,7 +603,14 @@
 int ogs_nas_5gs_decode_additional_information_requested(ogs_nas_additional_information_requested_t *additional_information_requested, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_additional_information_requested_t *source = (ogs_nas_additional_information_requested_t *)pkbuf->data;
+    ogs_nas_additional_information_requested_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_additional_information_requested_t *)pkbuf->data;
 
     additional_information_requested->length = source->length;
     size = additional_information_requested->length + sizeof(additional_information_requested->length);
@@ -572,7 +649,14 @@
 int ogs_nas_5gs_decode_allowed_pdu_session_status(ogs_nas_allowed_pdu_session_status_t *allowed_pdu_session_status, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_allowed_pdu_session_status_t *source = (ogs_nas_allowed_pdu_session_status_t *)pkbuf->data;
+    ogs_nas_allowed_pdu_session_status_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_allowed_pdu_session_status_t *)pkbuf->data;
 
     allowed_pdu_session_status->length = source->length;

open5gs_2.7.2.4565.531e.tar.xz/lib/nas/5gs/support/nas-message.py -> open5gs_2.7.2.4566.9251.tar.xz/lib/nas/5gs/support/nas-message.py Changed

@@ -447,7 +447,12 @@
         f.write("int ogs_nas_5gs_decode_%s(ogs_nas_%s_t *%s, ogs_pkbuf_t *pkbuf)\n" % (v_lower(k), v_lower(k), get_value(k)))
         f.write("{\n")
         f.write("    int size = 0;\n")
-        f.write("    ogs_nas_%s_t *source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % (v_lower(k), v_lower(k)))
+        f.write("    ogs_nas_%s_t *source = NULL;\n\n" % v_lower(k))
+        f.write("    if (pkbuf->len < 2) {\n")
+        f.write("       ogs_error(\"Not enough pkbuf len:%d\", pkbuf->len);\n")
+        f.write("       return -1;\n")
+        f.write("    }\n\n")
+        f.write("    source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % v_lower(k))
         f.write("    %s->length = be16toh(source->length);\n" % get_value(k))
         f.write("    size = %s->length + sizeof(%s->length);\n\n" % (get_value(k), get_value(k)))
         f.write("    if (ogs_pkbuf_pull(pkbuf, size) == NULL) {\n")
@@ -480,7 +485,12 @@
         f.write("int ogs_nas_5gs_decode_%s(ogs_nas_%s_t *%s, ogs_pkbuf_t *pkbuf)\n" % (v_lower(k), v_lower(k), get_value(k)))
         f.write("{\n")
         f.write("    int size = 0;\n")
-        f.write("    ogs_nas_%s_t *source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % (v_lower(k), v_lower(k)))
+        f.write("    ogs_nas_%s_t *source = NULL;\n\n" % v_lower(k))
+        f.write("    if (pkbuf->len < 1) {\n")
+        f.write("       ogs_error(\"Not enough pkbuf len:%d\", pkbuf->len);\n")
+        f.write("       return -1;\n")
+        f.write("    }\n\n")
+        f.write("    source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % v_lower(k))
         f.write("    %s->length = source->length;\n" % get_value(k))
         f.write("    size = %s->length + sizeof(%s->length);\n\n" % (get_value(k), get_value(k)))
         f.write("    if (ogs_pkbuf_pull(pkbuf, size) == NULL) {\n")

open5gs_2.7.2.4565.531e.tar.xz/lib/nas/eps/ies.c -> open5gs_2.7.2.4566.9251.tar.xz/lib/nas/eps/ies.c Changed

@@ -28,7 +28,7 @@
 /*******************************************************************************
  * This file had been created by nas-message.py script v0.1.0
  * Please do not modify this file but regenerate it via script.
- * Created on: 2024-01-21 18:50:03.402793 by acetcom
+ * Created on: 2024-12-11 21:08:02.462921 by acetcom
  * from 24301-h90.docx
  ******************************************************************************/
 
@@ -48,7 +48,14 @@
 int ogs_nas_eps_decode_additional_information(ogs_nas_additional_information_t *additional_information, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_additional_information_t *source = (ogs_nas_additional_information_t *)pkbuf->data;
+    ogs_nas_additional_information_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_additional_information_t *)pkbuf->data;
 
     additional_information->length = source->length;
     size = additional_information->length + sizeof(additional_information->length);
@@ -119,7 +126,14 @@
 int ogs_nas_eps_decode_eps_bearer_context_status(ogs_nas_eps_bearer_context_status_t *eps_bearer_context_status, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_eps_bearer_context_status_t *source = (ogs_nas_eps_bearer_context_status_t *)pkbuf->data;
+    ogs_nas_eps_bearer_context_status_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_eps_bearer_context_status_t *)pkbuf->data;
 
     eps_bearer_context_status->length = source->length;
     size = eps_bearer_context_status->length + sizeof(eps_bearer_context_status->length);
@@ -158,7 +172,14 @@
 int ogs_nas_eps_decode_supported_codec_list(ogs_nas_supported_codec_list_t *supported_codec_list, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_supported_codec_list_t *source = (ogs_nas_supported_codec_list_t *)pkbuf->data;
+    ogs_nas_supported_codec_list_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_supported_codec_list_t *)pkbuf->data;
 
     supported_codec_list->length = source->length;
     size = supported_codec_list->length + sizeof(supported_codec_list->length);
@@ -235,7 +256,14 @@
 int ogs_nas_eps_decode_mobile_identity(ogs_nas_mobile_identity_t *mobile_identity, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_mobile_identity_t *source = (ogs_nas_mobile_identity_t *)pkbuf->data;
+    ogs_nas_mobile_identity_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_mobile_identity_t *)pkbuf->data;
 
     mobile_identity->length = source->length;
     size = mobile_identity->length + sizeof(mobile_identity->length);
@@ -283,7 +311,14 @@
 int ogs_nas_eps_decode_mobile_station_classmark_2(ogs_nas_mobile_station_classmark_2_t *mobile_station_classmark_2, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_mobile_station_classmark_2_t *source = (ogs_nas_mobile_station_classmark_2_t *)pkbuf->data;
+    ogs_nas_mobile_station_classmark_2_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_mobile_station_classmark_2_t *)pkbuf->data;
 
     mobile_station_classmark_2->length = source->length;
     size = mobile_station_classmark_2->length + sizeof(mobile_station_classmark_2->length);
@@ -322,7 +357,14 @@
 int ogs_nas_eps_decode_mobile_station_classmark_3(ogs_nas_mobile_station_classmark_3_t *mobile_station_classmark_3, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_mobile_station_classmark_3_t *source = (ogs_nas_mobile_station_classmark_3_t *)pkbuf->data;
+    ogs_nas_mobile_station_classmark_3_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_mobile_station_classmark_3_t *)pkbuf->data;
 
     mobile_station_classmark_3->length = source->length;
     size = mobile_station_classmark_3->length + sizeof(mobile_station_classmark_3->length);
@@ -361,7 +403,14 @@
 int ogs_nas_eps_decode_plmn_list(ogs_nas_plmn_list_t *plmn_list, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_plmn_list_t *source = (ogs_nas_plmn_list_t *)pkbuf->data;
+    ogs_nas_plmn_list_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_plmn_list_t *)pkbuf->data;
 
     plmn_list->length = source->length;
     size = plmn_list->length + sizeof(plmn_list->length);
@@ -464,7 +513,14 @@
 int ogs_nas_eps_decode_authentication_failure_parameter(ogs_nas_authentication_failure_parameter_t *authentication_failure_parameter, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_authentication_failure_parameter_t *source = (ogs_nas_authentication_failure_parameter_t *)pkbuf->data;
+    ogs_nas_authentication_failure_parameter_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_authentication_failure_parameter_t *)pkbuf->data;
 
     authentication_failure_parameter->length = source->length;
     size = authentication_failure_parameter->length + sizeof(authentication_failure_parameter->length);
@@ -571,7 +627,14 @@
 int ogs_nas_eps_decode_eps_mobile_identity(ogs_nas_eps_mobile_identity_t *eps_mobile_identity, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_eps_mobile_identity_t *source = (ogs_nas_eps_mobile_identity_t *)pkbuf->data;
+    ogs_nas_eps_mobile_identity_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_eps_mobile_identity_t *)pkbuf->data;
 
     eps_mobile_identity->length = source->length;
     size = eps_mobile_identity->length + sizeof(eps_mobile_identity->length);
@@ -621,7 +684,14 @@
 int ogs_nas_eps_decode_eps_network_feature_support(ogs_nas_eps_network_feature_support_t *eps_network_feature_support, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_eps_network_feature_support_t *source = (ogs_nas_eps_network_feature_support_t *)pkbuf->data;
+    ogs_nas_eps_network_feature_support_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_eps_network_feature_support_t *)pkbuf->data;
 
     eps_network_feature_support->length = source->length;
     size = eps_network_feature_support->length + sizeof(eps_network_feature_support->length);
@@ -728,7 +798,14 @@
 int ogs_nas_eps_decode_esm_message_container(ogs_nas_esm_message_container_t *esm_message_container, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_esm_message_container_t *source = (ogs_nas_esm_message_container_t *)pkbuf->data;
+    ogs_nas_esm_message_container_t *source = NULL;
+
+    if (pkbuf->len < 2) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_esm_message_container_t *)pkbuf->data;
 
     esm_message_container->length = be16toh(source->length);
     size = esm_message_container->length + sizeof(esm_message_container->length);
@@ -808,7 +885,14 @@
 int ogs_nas_eps_decode_gprs_timer_2(ogs_nas_gprs_timer_2_t *gprs_timer_2, ogs_pkbuf_t *pkbuf)
 {
     int size = 0;
-    ogs_nas_gprs_timer_2_t *source = (ogs_nas_gprs_timer_2_t *)pkbuf->data;
+    ogs_nas_gprs_timer_2_t *source = NULL;
+
+    if (pkbuf->len < 1) {
+       ogs_error("Not enough pkbuf len:%d", pkbuf->len);
+       return -1;
+    }
+
+    source = (ogs_nas_gprs_timer_2_t *)pkbuf->data;
 
     gprs_timer_2->length = source->length;

open5gs_2.7.2.4565.531e.tar.xz/lib/nas/eps/support/nas-message.py -> open5gs_2.7.2.4566.9251.tar.xz/lib/nas/eps/support/nas-message.py Changed

@@ -461,7 +461,12 @@
         f.write("int ogs_nas_eps_decode_%s(ogs_nas_%s_t *%s, ogs_pkbuf_t *pkbuf)\n" % (v_lower(k), v_lower(k), v_lower(k)))
         f.write("{\n")
         f.write("    int size = 0;\n")
-        f.write("    ogs_nas_%s_t *source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % (v_lower(k), v_lower(k)))
+        f.write("    ogs_nas_%s_t *source = NULL;\n\n" % v_lower(k))
+        f.write("    if (pkbuf->len < 2) {\n")
+        f.write("       ogs_error(\"Not enough pkbuf len:%d\", pkbuf->len);\n")
+        f.write("       return -1;\n")
+        f.write("    }\n\n")
+        f.write("    source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % v_lower(k))
         f.write("    %s->length = be16toh(source->length);\n" % v_lower(k))
         f.write("    size = %s->length + sizeof(%s->length);\n\n" % (v_lower(k), v_lower(k)))
         f.write("    if (ogs_pkbuf_pull(pkbuf, size) == NULL) {\n")
@@ -494,7 +499,12 @@
         f.write("int ogs_nas_eps_decode_%s(ogs_nas_%s_t *%s, ogs_pkbuf_t *pkbuf)\n" % (v_lower(k), v_lower(k), v_lower(k)))
         f.write("{\n")
         f.write("    int size = 0;\n")
-        f.write("    ogs_nas_%s_t *source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % (v_lower(k), v_lower(k)))
+        f.write("    ogs_nas_%s_t *source = NULL;\n\n" % v_lower(k))
+        f.write("    if (pkbuf->len < 1) {\n")
+        f.write("       ogs_error(\"Not enough pkbuf len:%d\", pkbuf->len);\n")
+        f.write("       return -1;\n")
+        f.write("    }\n\n")
+        f.write("    source = (ogs_nas_%s_t *)pkbuf->data;\n\n" % v_lower(k))
         f.write("    %s->length = source->length;\n" % v_lower(k))
         f.write("    size = %s->length + sizeof(%s->length);\n\n" % (v_lower(k), v_lower(k)))
         f.write("    if (ogs_pkbuf_pull(pkbuf, size) == NULL) {\n")