Changes of Revision 317
open5gs_2.6.3.1.2a8a0.202305050026.dsc -> open5gs_2.6.3.4.4265.202305060026.dsc
Changed
x
1
2
Source: open5gs3
Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg4
Architecture: any5
-Version: 2.6.3.1.2a8a0.2023050500266
+Version: 2.6.3.4.4265.2023050600267
Maintainer: Harald Welte <laforge@gnumonks.org>8
Uploaders: Sukchan Lee <acetcom@gmail.com>9
Homepage: https://open5gs.org10
11
open5gs-udr deb net optional arch=any12
open5gs-upf deb net optional arch=any13
Checksums-Sha1:14
- 5de9bf58267826c0c8e61752c2f8362ca873adde 14116036 open5gs_2.6.3.1.2a8a0.202305050026.tar.xz15
+ f2ec326806aa76f52aefc5c88d73c84e9f901b76 14117612 open5gs_2.6.3.4.4265.202305060026.tar.xz16
Checksums-Sha256:17
- d48d7eda52d27cafb28c9b6c167bb04464596e2ebdcaaabda895a461d51482fe 14116036 open5gs_2.6.3.1.2a8a0.202305050026.tar.xz18
+ 85e35b215e2e3eb56ba2544a65678d8c0d297520892e3e94a70aac90500c480e 14117612 open5gs_2.6.3.4.4265.202305060026.tar.xz19
Files:20
- 9265443d1150ac92cb46264cc16efd3d 14116036 open5gs_2.6.3.1.2a8a0.202305050026.tar.xz21
+ 22591641af636f67d97b4420b5bc115e 14117612 open5gs_2.6.3.4.4265.202305060026.tar.xz22
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/.tarball-version -> open5gs_2.6.3.4.4265.202305060026.tar.xz/.tarball-version
Changed
4
1
2
-2.6.3.1-2a8a0.2023050500263
+2.6.3.4-4265.2023050600264
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/configs/open5gs/mme.yaml.in -> open5gs_2.6.3.4.4265.202305060026.tar.xz/configs/open5gs/mme.yaml.in
Changed
26
1
2
# - addr: 127.0.0.43
# - addr: 127.0.0.54
# apn: volte5
+#6
+# o SMF selection by eNodeB TAC7
+# (either single TAC or multiple TACs, DECIMAL representation)8
+#9
+# gtpc:10
+# - addr: 127.0.0.411
+# tac: 2600012
+# - addr: 127.0.2.413
+# tac: 25000, 27000, 2800014
+#15
+# o SMF selection by e_cell_id(28bit)16
+# (either single or multiple e_cell_id, HEX representation)17
+#18
+# gtpc:19
+# - addr: 127.0.0.420
+# e_cell_id: abcde0121
+# - addr: 127.0.2.422
+# e_cell_id: 12345, a9413, 9876523
smf:24
gtpc:25
- addr:26
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/debian/changelog -> open5gs_2.6.3.4.4265.202305060026.tar.xz/debian/changelog
Changed
12
1
2
-open5gs (2.6.3.1.2a8a0.202305050026) unstable; urgency=medium3
+open5gs (2.6.3.4.4265.202305060026) unstable; urgency=medium4
5
* Automatically generated changelog entry for building the Osmocom nightly feed6
7
- -- Osmocom OBS scripts <info@osmocom.org> Fri, 05 May 2023 00:27:48 +00008
+ -- Osmocom OBS scripts <info@osmocom.org> Sat, 06 May 2023 00:27:41 +00009
10
open5gs (2.6.3) unstable; urgency=medium11
12
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/meson.build -> open5gs_2.6.3.4.4265.202305060026.tar.xz/meson.build
Changed
13
1
2
subdir('tests')3
endif4
5
+# Check if the 'fuzzing' option is defined6
+if get_option('fuzzing')7
+ subdir('tests/fuzzing')8
+endif9
+10
message('\n'.join(11
'',12
' prefix: ' + prefix,13
open5gs_2.6.3.4.4265.202305060026.tar.xz/meson_options.txt
Added
4
1
2
+option('fuzzing', type: 'boolean', value: false, description: 'Enable fuzzing tests')3
+option('lib_fuzzing_engine', type : 'string', value : '', description : 'Path to the libFuzzer engine library')4
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-context.c -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-context.c
Changed
190
1
2
int family = AF_UNSPEC;3
int i, num = 0;4
const char *hostnameOGS_MAX_NUM_OF_HOSTNAME;5
- const char *apn = NULL;6
uint16_t port = ogs_gtp_self()->gtpc_port;7
+ const char *apnOGS_MAX_NUM_OF_APN = {NULL,};8
+ uint8_t num_of_apn = 0;9
+ uint16_t tacOGS_MAX_NUM_OF_TAI = {0,};10
+ uint8_t num_of_tac = 0;11
+ uint32_t e_cell_idOGS_MAX_NUM_OF_CELL_ID = {0,};12
+ uint8_t num_of_e_cell_id = 0;13
14
if (ogs_yaml_iter_type(>pc_array) ==15
YAML_MAPPING_NODE) {16
17
const char *v = ogs_yaml_iter_value(>pc_iter);18
if (v) port = atoi(v);19
} else if (!strcmp(gtpc_key, "apn")) {20
- apn = ogs_yaml_iter_value(>pc_iter);21
+ ogs_yaml_iter_t apn_iter;22
+ ogs_yaml_iter_recurse(>pc_iter, &apn_iter);23
+ ogs_assert(ogs_yaml_iter_type(&apn_iter) !=24
+ YAML_MAPPING_NODE);25
+26
+ do {27
+ const char *v = NULL;28
+29
+ ogs_assert(num_of_apn <30
+ OGS_MAX_NUM_OF_APN);31
+ if (ogs_yaml_iter_type(&apn_iter) ==32
+ YAML_SEQUENCE_NODE) {33
+ if (!ogs_yaml_iter_next(&apn_iter))34
+ break;35
+ }36
+37
+ v = ogs_yaml_iter_value(&apn_iter);38
+ if (v) {39
+ apnnum_of_apn = v;40
+ num_of_apn++;41
+ }42
+ } while (43
+ ogs_yaml_iter_type(&apn_iter) ==44
+ YAML_SEQUENCE_NODE);45
+ } else if (!strcmp(gtpc_key, "tac")) {46
+ ogs_yaml_iter_t tac_iter;47
+ ogs_yaml_iter_recurse(>pc_iter, &tac_iter);48
+ ogs_assert(ogs_yaml_iter_type(&tac_iter) !=49
+ YAML_MAPPING_NODE);50
+51
+ do {52
+ const char *v = NULL;53
+54
+ ogs_assert(num_of_tac <55
+ OGS_MAX_NUM_OF_TAI);56
+ if (ogs_yaml_iter_type(&tac_iter) ==57
+ YAML_SEQUENCE_NODE) {58
+ if (!ogs_yaml_iter_next(&tac_iter))59
+ break;60
+ }61
+62
+ v = ogs_yaml_iter_value(&tac_iter);63
+ if (v) {64
+ tacnum_of_tac = atoi(v);65
+ num_of_tac++;66
+ }67
+ } while (68
+ ogs_yaml_iter_type(&tac_iter) ==69
+ YAML_SEQUENCE_NODE);70
+ } else if (!strcmp(gtpc_key, "e_cell_id")) {71
+ ogs_yaml_iter_t e_cell_id_iter;72
+ ogs_yaml_iter_recurse(>pc_iter,73
+ &e_cell_id_iter);74
+ ogs_assert(ogs_yaml_iter_type(&e_cell_id_iter)75
+ != YAML_MAPPING_NODE);76
+77
+ do {78
+ const char *v = NULL;79
+80
+ ogs_assert(num_of_e_cell_id <81
+ OGS_MAX_NUM_OF_CELL_ID);82
+ if (ogs_yaml_iter_type(&e_cell_id_iter) ==83
+ YAML_SEQUENCE_NODE) {84
+ if (!ogs_yaml_iter_next(85
+ &e_cell_id_iter))86
+ break;87
+ }88
+ v = ogs_yaml_iter_value(&e_cell_id_iter);89
+ if (v) {90
+ e_cell_idnum_of_e_cell_id91
+ = ogs_uint64_from_string((char*)v);92
+ num_of_e_cell_id++;93
+ }94
+ } while (95
+ ogs_yaml_iter_type(&e_cell_id_iter) ==96
+ YAML_SEQUENCE_NODE);97
} else98
ogs_warn("unknown key `%s`", gtpc_key);99
}100
101
pgw = mme_pgw_add(addr);102
ogs_assert(pgw);103
104
- pgw->apn = apn;105
+ pgw->num_of_apn = num_of_apn;106
+ if (num_of_apn != 0)107
+ memcpy(pgw->apn, apn, sizeof(pgw->apn));108
+109
+ pgw->num_of_tac = num_of_tac;110
+ if (num_of_tac != 0)111
+ memcpy(pgw->tac, tac, sizeof(pgw->tac));112
+113
+ pgw->num_of_e_cell_id = num_of_e_cell_id;114
+ if (num_of_e_cell_id != 0)115
+ memcpy(pgw->e_cell_id, e_cell_id,116
+ sizeof(pgw->e_cell_id));117
118
} while (ogs_yaml_iter_type(>pc_array) ==119
YAML_SEQUENCE_NODE);120
121
mme_pgw_remove(pgw);122
}123
124
-ogs_sockaddr_t *mme_pgw_addr_find_by_apn(125
- ogs_list_t *list, int family, char *apn)126
+static bool compare_apn_enb_info(127
+ mme_pgw_t *pgw, mme_sess_t *sess)128
+{129
+ mme_ue_t *mme_ue = NULL;130
+ int i;131
+132
+ ogs_assert(pgw);133
+ ogs_assert(sess);134
+ ogs_assert(sess->session);135
+ ogs_assert(sess->session->name);136
+ mme_ue = sess->mme_ue;137
+ ogs_assert(mme_ue);138
+139
+ for (i = 0; i < pgw->num_of_apn; i++)140
+ if (!ogs_strcasecmp(pgw->apni, sess->session->name)) return true;141
+142
+ for (i = 0; i < pgw->num_of_e_cell_id; i++)143
+ if (pgw->e_cell_idi == mme_ue->e_cgi.cell_id) return true;144
+145
+ for (i = 0; i < pgw->num_of_tac; i++)146
+ if (pgw->taci == mme_ue->tai.tac) return true;147
+148
+ return false;149
+}150
+151
+ogs_sockaddr_t *mme_pgw_addr_find_by_apn_enb(152
+ ogs_list_t *list, int family, mme_sess_t *sess)153
{154
mme_pgw_t *pgw = NULL;155
ogs_assert(list);156
157
158
while (addr) {159
if (addr->ogs_sa_family == family &&160
- (!apn || (pgw->apn && !ogs_strcasecmp(apn, pgw->apn)))) {161
+ (!sess || compare_apn_enb_info(pgw, sess))) {162
return addr;163
}164
addr = addr->next;165
166
pti = message->esm.h.procedure_transaction_identity;167
ebi = message->esm.h.eps_bearer_identity;168
169
- ogs_debug("mme_bearer_find_or_add_by_message() PTI:%d, EBI:%d",170
- pti, ebi);171
+ ogs_debug("mme_bearer_find_or_add_by_message() : "172
+ "ESM message type:%d, PTI:%d, EBI:%d",173
+ message->esm.h.message_type, pti, ebi);174
175
if (ebi != OGS_NAS_EPS_BEARER_IDENTITY_UNASSIGNED) {176
bearer = mme_bearer_find_by_ue_ebi(mme_ue, ebi);177
178
}179
180
bearer = mme_default_bearer_in_sess(sess);181
- ogs_assert(bearer);182
+ if (!bearer) {183
+ ogs_error("No Bearer(%d) : ESM message type:%d, PTI:%d, EBI:%d",184
+ mme_sess_count(mme_ue), message->esm.h.message_type, pti, ebi);185
+ ogs_assert_if_reached();186
+ }187
188
return bearer;189
}190
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-context.h -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-context.h
Changed
48
1
2
ogs_lnode_t lnode;3
4
ogs_sockaddr_t *sa_list;5
- const char *apn;6
+7
+ const char *apnOGS_MAX_NUM_OF_APN;8
+ uint8_t num_of_apn;9
+ uint16_t tacOGS_MAX_NUM_OF_TAI;10
+ uint8_t num_of_tac;11
+ uint32_t e_cell_idOGS_MAX_NUM_OF_CELL_ID;12
+ uint8_t num_of_e_cell_id;13
} mme_pgw_t;14
15
#define MME_SGSAP_IS_CONNECTED(__mME) \16
17
((__mME)->sgw_ue)->sgw_s11_teid = 0; \18
} while(0)19
20
+#define MME_SESS_CLEAR(__sESS) \21
+ do { \22
+ mme_ue_t *mme_ue = NULL; \23
+ ogs_assert(__sESS); \24
+ mme_ue = __sESS->mme_ue; \25
+ ogs_assert(mme_ue); \26
+ ogs_info("Removed Session: UE IMSI:%s APN:%s", \27
+ mme_ue->imsi_bcd, \28
+ sess->session ? sess->session->name : "Unknown"); \29
+ if (mme_sess_count(mme_ue) == 1) /* Last Session */ \30
+ CLEAR_SESSION_CONTEXT(mme_ue); \31
+ mme_sess_remove(sess); \32
+ } while(0)33
+34
#define ACTIVE_EPS_BEARERS_IS_AVAIABLE(__mME) \35
(mme_ue_have_active_eps_bearers(__mME))36
#define MME_SESSION_RELEASE_PENDING(__mME) \37
38
mme_pgw_t *mme_pgw_add(ogs_sockaddr_t *addr);39
void mme_pgw_remove(mme_pgw_t *pgw);40
void mme_pgw_remove_all(void);41
-ogs_sockaddr_t *mme_pgw_addr_find_by_apn(42
- ogs_list_t *list, int family, char *apn);43
+ogs_sockaddr_t *mme_pgw_addr_find_by_apn_enb(44
+ ogs_list_t *list, int family, mme_sess_t *sess);45
46
mme_vlr_t *mme_vlr_add(ogs_sockaddr_t *sa_list, ogs_sockopt_t *option);47
void mme_vlr_remove(mme_vlr_t *vlr);48
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-gtp-path.c -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-gtp-path.c
Changed
22
1
2
3
OGS_SETUP_GTPC_SERVER;4
5
- mme_self()->pgw_addr = mme_pgw_addr_find_by_apn(6
+ mme_self()->pgw_addr = mme_pgw_addr_find_by_apn_enb(7
&mme_self()->pgw_list, AF_INET, NULL);8
- mme_self()->pgw_addr6 = mme_pgw_addr_find_by_apn(9
+ mme_self()->pgw_addr6 = mme_pgw_addr_find_by_apn_enb(10
&mme_self()->pgw_list, AF_INET6, NULL);11
ogs_assert(mme_self()->pgw_addr || mme_self()->pgw_addr6);12
13
14
if (MME_HAVE_SGW_S1U_PATH(sess)) {15
mme_gtp_send_delete_session_request(sgw_ue, sess, action);16
} else {17
- mme_sess_remove(sess);18
+ MME_SESS_CLEAR(sess);19
}20
}21
}22
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-s11-build.c -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-s11-build.c
Changed
16
1
2
ogs_sockaddr_t *pgw_addr = NULL;3
ogs_sockaddr_t *pgw_addr6 = NULL;4
5
- pgw_addr = mme_pgw_addr_find_by_apn(6
- &mme_self()->pgw_list, AF_INET, session->name);7
- pgw_addr6 = mme_pgw_addr_find_by_apn(8
- &mme_self()->pgw_list, AF_INET6, session->name);9
+ pgw_addr = mme_pgw_addr_find_by_apn_enb(10
+ &mme_self()->pgw_list, AF_INET, sess);11
+ pgw_addr6 = mme_pgw_addr_find_by_apn_enb(12
+ &mme_self()->pgw_list, AF_INET6, sess);13
if (!pgw_addr && !pgw_addr6) {14
pgw_addr = mme_self()->pgw_addr;15
pgw_addr6 = mme_self()->pgw_addr6;16
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-s11-handler.c -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-s11-handler.c
Changed
13
1
2
ogs_assert_if_reached();3
}4
5
- if (mme_sess_count(mme_ue) == 1) /* Last Session */6
- CLEAR_SESSION_CONTEXT(mme_ue);7
-8
- mme_sess_remove(sess);9
+ MME_SESS_CLEAR(sess);10
}11
12
void mme_s11_handle_create_bearer_request(13
open5gs_2.6.3.1.2a8a0.202305050026.tar.xz/src/mme/mme-sm.c -> open5gs_2.6.3.4.4265.202305060026.tar.xz/src/mme/mme-sm.c
Changed
28
1
2
if (default_bearer->ebi == bearer->ebi) {3
/* if the bearer is a default bearer,4
* remove all session context linked the default bearer */5
- mme_sess_remove(sess);6
+ MME_SESS_CLEAR(sess);7
} else {8
/* if the bearer is not a default bearer,9
* just remove the bearer context */10
11
12
} else if (OGS_FSM_CHECK(&bearer->sm, esm_state_pdn_did_disconnect)) {13
ogs_assert(default_bearer->ebi == bearer->ebi);14
- mme_sess_remove(sess);15
+ MME_SESS_CLEAR(sess);16
17
} else if (OGS_FSM_CHECK(&bearer->sm, esm_state_exception)) {18
19
20
*21
* Just we'll remove MME session context.22
*/23
- mme_sess_remove(sess);24
+ MME_SESS_CLEAR(sess);25
}26
27
ogs_pkbuf_free(pkbuf);28
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing
Added
2
1
+(directory)2
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/fuzzing.h
Added
36
1
2
+/*3
+ * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>4
+ *5
+ * This file is part of Open5GS.6
+ *7
+ * This program is free software: you can redistribute it and/or modify8
+ * it under the terms of the GNU Affero General Public License as published by9
+ * the Free Software Foundation, either version 3 of the License, or10
+ * (at your option) any later version.11
+ *12
+ * This program is distributed in the hope that it will be useful,13
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of14
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the15
+ * GNU General Public License for more details.16
+ *17
+ * You should have received a copy of the GNU General Public License18
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.19
+ */20
+#include "ogs-core.h"21
+#include "core/abts.h"22
+23
+static int initialized = 0;24
+25
+void initialize(void) {26
+27
+ ogs_pkbuf_config_t config;28
+29
+ ogs_core_initialize();30
+31
+ ogs_pkbuf_default_init(&config);32
+ ogs_pkbuf_default_create(&config);33
+34
+ initialized = 1;35
+}36
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/gtp-message-fuzz.c
Added
60
1
2
+/*3
+ * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>4
+ *5
+ * This file is part of Open5GS.6
+ *7
+ * This program is free software: you can redistribute it and/or modify8
+ * it under the terms of the GNU Affero General Public License as published by9
+ * the Free Software Foundation, either version 3 of the License, or10
+ * (at your option) any later version.11
+ *12
+ * This program is distributed in the hope that it will be useful,13
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of14
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the15
+ * GNU General Public License for more details.16
+ *17
+ * You should have received a copy of the GNU General Public License18
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.19
+ */20
+21
+#include <stdio.h>22
+#include <stdint.h>23
+24
+#include "fuzzing.h"25
+#include "ogs-gtp.h"26
+27
+#define kMinInputLength 528
+#define kMaxInputLength 102429
+30
+extern int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) 31
+{ /* open5gs/tests/unit/gtp-message-test.c */32
+33
+ if (Size < kMinInputLength || Size > kMaxInputLength) {34
+ return 1;35
+ }36
+37
+ if (!initialized) {38
+ initialize();39
+ ogs_log_install_domain(&__ogs_gtp_domain, "gtp", OGS_LOG_NONE);40
+ ogs_log_install_domain(&__ogs_tlv_domain, "tlv", OGS_LOG_NONE);41
+ }42
+43
+ int result;44
+ ogs_pkbuf_t *pkbuf;45
+ ogs_gtp2_create_session_request_t req;46
+47
+ pkbuf = ogs_pkbuf_alloc(NULL, OGS_MAX_SDU_LEN);48
+ if (pkbuf == NULL) {49
+ return 1;50
+ }51
+52
+ ogs_pkbuf_put_data(pkbuf, Data, Size);53
+54
+ ogs_tlv_parse_msg(&req, &ogs_gtp2_tlv_desc_create_session_request, pkbuf, OGS_TLV_MODE_T1_L2_I1);55
+56
+ ogs_pkbuf_free(pkbuf);57
+58
+ return 0;59
+}60
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/gtp_message_fuzz_seed_corpus.zip
Added
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/meson.build
Added
43
1
2
+# Copyright (C) 2019 by Sukchan Lee <acetcom@gmail.com>3
+4
+# This file is part of Open5GS.5
+6
+# This program is free software: you can redistribute it and/or modify7
+# it under the terms of the GNU Affero General Public License as published by8
+# the Free Software Foundation, either version 3 of the License, or9
+# (at your option) any later version.10
+#11
+# This program is distributed in the hope that it will be useful,12
+# but WITHOUT ANY WARRANTY; without even the implied warranty of13
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the14
+# GNU General Public License for more details.15
+#16
+# You should have received a copy of the GNU General Public License17
+# along with this program. If not, see <https://www.gnu.org/licenses/>.18
+19
+20
+# Get the lib_fuzzing_engine build option.21
+lib_fuzzing_engine = get_option('lib_fuzzing_engine')22
+23
+# All fuzzer sources.24
+gtp_message_source = files('gtp-message-fuzz.c')25
+nas_message_source = files('nas-message-fuzz.c')26
+27
+# Build all executable 28
+executable(29
+ 'gtp_message_fuzz',30
+ sources : gtp_message_source,31
+ c_args : testunit_core_cc_flags, sbi_cc_flags,32
+ dependencies : libgtp_dep,33
+ link_args: lib_fuzzing_engine34
+)35
+36
+executable(37
+ 'nas_message_fuzz',38
+ sources : nas_message_source,39
+ c_args : testunit_core_cc_flags, sbi_cc_flags,40
+ dependencies : libnas_eps_dep,41
+ link_args: lib_fuzzing_engine42
+)43
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/nas-message-fuzz.c
Added
59
1
2
+/*3
+ * Copyright (C) 2019-2023 by Sukchan Lee <acetcom@gmail.com>4
+ *5
+ * This file is part of Open5GS.6
+ *7
+ * This program is free software: you can redistribute it and/or modify8
+ * it under the terms of the GNU Affero General Public License as published by9
+ * the Free Software Foundation, either version 3 of the License, or10
+ * (at your option) any later version.11
+ *12
+ * This program is distributed in the hope that it will be useful,13
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of14
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the15
+ * GNU General Public License for more details.16
+ *17
+ * You should have received a copy of the GNU General Public License18
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.19
+ */20
+21
+#include <stdio.h>22
+#include <stdint.h>23
+24
+#include "fuzzing.h"25
+#include "ogs-nas-eps.h"26
+27
+#define kMinInputLength 528
+#define kMaxInputLength 102429
+30
+extern int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) 31
+{ /* open5gs/tests/unit/nas-message-test.c */32
+33
+ if (Size < kMinInputLength || Size > kMaxInputLength) {34
+ return 1;35
+ }36
+37
+ if (!initialized) {38
+ initialize();39
+ ogs_log_install_domain(&__ogs_nas_domain, "nas", OGS_LOG_NONE);40
+ }41
+42
+ int result;43
+ ogs_pkbuf_t *pkbuf;44
+ ogs_nas_eps_message_t message;45
+46
+ pkbuf = ogs_pkbuf_alloc(NULL, OGS_MAX_SDU_LEN);47
+ if (pkbuf == NULL) {48
+ return 1;49
+ }50
+51
+ ogs_pkbuf_put_data(pkbuf, Data, Size);52
+53
+ result = ogs_nas_emm_decode(&message, pkbuf);54
+55
+ ogs_pkbuf_free(pkbuf);56
+57
+ return result;58
+}59
open5gs_2.6.3.4.4265.202305060026.tar.xz/tests/fuzzing/nas_message_fuzz_seed_corpus.zip
Added