Osmocom Open Build Service

open5gs_2.7.0.95.199f4.202403052026.dsc -> open5gs_2.7.0.96.32271.202403062026.dsc Changed

@@ -2,7 +2,7 @@
 Source: open5gs
 Binary: open5gs-common, open5gs-mme, open5gs-sgwc, open5gs-smf, open5gs-amf, open5gs-sgwu, open5gs-upf, open5gs-hss, open5gs-pcrf, open5gs-nrf, open5gs-scp, open5gs-sepp, open5gs-ausf, open5gs-udm, open5gs-pcf, open5gs-nssf, open5gs-bsf, open5gs-udr, open5gs, open5gs-dbg
 Architecture: any
-Version: 2.7.0.95.199f4.202403052026
+Version: 2.7.0.96.32271.202403062026
 Maintainer: Harald Welte <laforge@gnumonks.org>
 Uploaders: Sukchan Lee <acetcom@gmail.com>
 Homepage: https://open5gs.org
@@ -32,8 +32,8 @@
  open5gs-udr deb net optional arch=any
  open5gs-upf deb net optional arch=any
 Checksums-Sha1:
- 501f71b675dbeaec6306b50bf2c993eb2ae2866c 14477536 open5gs_2.7.0.95.199f4.202403052026.tar.xz
+ ac9e7217b5335bbbab781c5c6f85fa7e0e855329 14476752 open5gs_2.7.0.96.32271.202403062026.tar.xz
 Checksums-Sha256:
- fd31045e7ba3881ce02f68496f86e4c6c07a124c6d4dec26240ac09257f7acbe 14477536 open5gs_2.7.0.95.199f4.202403052026.tar.xz
+ 8950d18dedc4813c3c53c204f9d2f27a64efbc2ea8255f23e31fb635bb988932 14476752 open5gs_2.7.0.96.32271.202403062026.tar.xz
 Files:
- 1eb8f602144bb13ed6c678177ae677fd 14477536 open5gs_2.7.0.95.199f4.202403052026.tar.xz
+ d437e0dccd5e265e418a34c9745c9524 14476752 open5gs_2.7.0.96.32271.202403062026.tar.xz

open5gs_2.7.0.95.199f4.202403052026.tar.xz/.tarball-version -> open5gs_2.7.0.96.32271.202403062026.tar.xz/.tarball-version Changed

open5gs_2.7.0.95.199f4.202403052026.tar.xz/debian/changelog -> open5gs_2.7.0.96.32271.202403062026.tar.xz/debian/changelog Changed

open5gs_2.7.0.95.199f4.202403052026.tar.xz/lib/nas/5gs/conv.c -> open5gs_2.7.0.96.32271.202403062026.tar.xz/lib/nas/5gs/conv.c Changed

@@ -110,6 +110,7 @@
                 ogs_plmn_id_mcc(&plmn_id), ogs_plmn_id_mnc(&plmn_id));
         if (!suci) {
             ogs_error("ogs_mstrcatf() failed");
+            ogs_free(suci);
             return NULL;
         }
     } else {
@@ -117,6 +118,7 @@
                 ogs_plmn_id_mcc(&plmn_id), ogs_plmn_id_mnc(&plmn_id));
         if (!suci) {
             ogs_error("ogs_mstrcatf() failed");
+            ogs_free(suci);
             return NULL;
         }
     }
@@ -152,9 +154,14 @@
     scheme_output =
         (uint8_t *)mobile_identity->buffer +
         OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE;
+    if (mobile_identity->length < OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE) {
+        ogs_error("The length of Mobile Identity(%d) is less then the min(%d)",
+            mobile_identity->length, OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE);
+        ogs_free(suci);
+        return NULL;
+    }
     scheme_output_size =
         mobile_identity->length - OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE;
-    ogs_assert(scheme_output_size);
     scheme_output_string_or_bcd = ogs_calloc(1, scheme_output_size*2+1);
     ogs_assert(scheme_output_string_or_bcd);

open5gs_2.7.0.95.199f4.202403052026.tar.xz/src/amf/gmm-handler.c -> open5gs_2.7.0.96.32271.202403062026.tar.xz/src/amf/gmm-handler.c Changed

@@ -130,6 +130,12 @@
         return OGS_5GMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE;
     }
 
+    if (mobile_identity->length < OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE) {
+        ogs_error("The length of Mobile Identity(%d) is less then the min(%d)",
+            mobile_identity->length, OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE);
+        return OGS_5GMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE;
+    }
+
     mobile_identity_header =
             (ogs_nas_5gs_mobile_identity_header_t *)mobile_identity->buffer;
 
@@ -886,6 +892,12 @@
         return OGS_5GMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE;
     }
 
+    if (mobile_identity->length < OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE) {
+        ogs_error("The length of Mobile Identity(%d) is less then the min(%d)",
+            mobile_identity->length, OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE);
+        return OGS_5GMM_CAUSE_SEMANTICALLY_INCORRECT_MESSAGE;
+    }
+
     mobile_identity_header =
             (ogs_nas_5gs_mobile_identity_header_t *)mobile_identity->buffer;

open5gs_2.7.0.95.199f4.202403052026.tar.xz/src/amf/gmm-sm.c -> open5gs_2.7.0.96.32271.202403062026.tar.xz/src/amf/gmm-sm.c Changed

open5gs_2.7.0.95.199f4.202403052026.tar.xz/tests/common/ngap-build.c -> open5gs_2.7.0.96.32271.202403062026.tar.xz/tests/common/ngap-build.c Changed

open5gs_2.7.0.95.199f4.202403052026.tar.xz/tests/common/ngap-build.h -> open5gs_2.7.0.96.32271.202403062026.tar.xz/tests/common/ngap-build.h Changed

open5gs_2.7.0.95.199f4.202403052026.tar.xz/tests/registration/crash-test.c -> open5gs_2.7.0.96.32271.202403062026.tar.xz/tests/registration/crash-test.c Changed

@@ -1401,6 +1401,39 @@
     test_ue_remove(test_ue);
 }
 
+static void test5_func(abts_case *tc, void *data)
+{
+    int rv;
+    ogs_socknode_t *ngap;
+    ogs_pkbuf_t *sendbuf;
+    ogs_pkbuf_t *recvbuf;
+    ogs_ngap_message_t message;
+
+    ngap = testngap_client(AF_INET);
+    ABTS_PTR_NOTNULL(tc, ngap);
+
+    sendbuf = testngap_build_ng_setup_request(0x4000, 22);
+    ABTS_PTR_NOTNULL(tc, sendbuf);
+    rv = testgnb_ngap_send(ngap, sendbuf);
+    ABTS_INT_EQUAL(tc, OGS_OK, rv);
+
+    recvbuf = testgnb_ngap_read(ngap);
+    ABTS_PTR_NOTNULL(tc, recvbuf);
+    ogs_pkbuf_free(recvbuf);
+
+    sendbuf = test_ngap_build_malformed_initial_ue_message(0);
+    ABTS_PTR_NOTNULL(tc, sendbuf);
+
+    rv = testgnb_ngap_send(ngap, sendbuf);
+    ABTS_INT_EQUAL(tc, OGS_OK, rv);
+
+    recvbuf = testgnb_ngap_read(ngap);
+    ABTS_PTR_NOTNULL(tc, recvbuf);
+    ogs_pkbuf_free(recvbuf);
+
+    testgnb_ngap_close(ngap);
+}
+
 abts_suite *test_crash(abts_suite *suite)
 {
     suite = ADD_SUITE(suite)
@@ -1409,6 +1442,7 @@
     abts_run_test(suite, test2_func, NULL);
     abts_run_test(suite, test3_func, NULL);
     abts_run_test(suite, test4_issues2842_func, NULL);
+    abts_run_test(suite, test5_func, NULL);
 
     return suite;
 }

Changes of Revision 624