diff --git a/src/amf/context.h b/src/amf/context.h index ff4527333..e0a574ac2 100644 --- a/src/amf/context.h +++ b/src/amf/context.h @@ -178,6 +178,7 @@ struct ran_ue_s { /* UE identity */ #define INVALID_UE_NGAP_ID 0xffffffffffffffffULL /* Initial value of ran_ue_ngap_id */ uint64_t ran_ue_ngap_id; /* RAN-UE-NGAP-ID received from RAN */ +#define MAX_AMF_UE_NGAP_ID 0xffffffffffULL uint64_t amf_ue_ngap_id; /* AMF-UE-NGAP-ID received from AMF */ uint16_t gnb_ostream_id; /* SCTP output stream id for eNB */ diff --git a/src/amf/ngap-handler.c b/src/amf/ngap-handler.c index 348eda919..546a829c1 100644 --- a/src/amf/ngap-handler.c +++ b/src/amf/ngap-handler.c @@ -709,6 +709,16 @@ void ngap_handle_uplink_nas_transport( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -872,6 +882,16 @@ void ngap_handle_ue_radio_capability_info_indication( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -977,6 +997,16 @@ void ngap_handle_initial_context_setup_response( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1256,6 +1286,16 @@ void ngap_handle_initial_context_setup_failure( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1384,6 +1424,11 @@ void ngap_handle_ue_context_modification_response( ogs_warn("Invalid AMF_UE_NGAP_ID"); } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_warn("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) " + "[0x%llx]", (long long)amf_ue_ngap_id); + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) ogs_warn("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1451,6 +1496,11 @@ void ngap_handle_ue_context_modification_failure( ogs_warn("Invalid AMF_UE_NGAP_ID"); } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_warn("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) " + "[0x%llx]", (long long)amf_ue_ngap_id); + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) ogs_warn("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1552,6 +1602,16 @@ void ngap_handle_ue_context_release_request( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_warn("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1729,6 +1789,16 @@ void ngap_handle_ue_context_release_complete( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -1956,6 +2026,16 @@ void ngap_handle_pdu_session_resource_setup_response( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -2278,6 +2358,16 @@ void ngap_handle_pdu_session_resource_modify_response( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -2465,6 +2555,16 @@ void ngap_handle_pdu_session_resource_release_response( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -2817,6 +2917,16 @@ void ngap_handle_path_switch_request( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -3194,6 +3304,16 @@ void ngap_handle_handover_required( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + source_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!source_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -3575,6 +3695,16 @@ void ngap_handle_handover_request_ack( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + target_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!target_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -3793,6 +3923,16 @@ void ngap_handle_handover_failure( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, NULL, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + target_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!target_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -3918,6 +4058,16 @@ void ngap_handle_handover_cancel( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + source_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!source_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -4070,6 +4220,16 @@ void ngap_handle_uplink_ran_status_transfer( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + source_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!source_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -4193,6 +4353,16 @@ void ngap_handle_handover_notification( return; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) [0x%llx]", + (long long)amf_ue_ngap_id); + r = ngap_send_error_indication(gnb, (uint64_t *)RAN_UE_NGAP_ID, NULL, + NGAP_Cause_PR_protocol, NGAP_CauseProtocol_semantic_error); + ogs_expect(r == OGS_OK); + ogs_assert(r != OGS_ERROR); + return; + } + target_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!target_ue) { ogs_error("No RAN UE Context : AMF_UE_NGAP_ID[%lld]", @@ -4739,6 +4909,12 @@ void ngap_handle_ng_reset( continue; } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_error("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) " + "[0x%llx]", (long long)amf_ue_ngap_id); + continue; + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) { @@ -4875,6 +5051,11 @@ void ngap_handle_error_indication(amf_gnb_t *gnb, ogs_ngap_message_t *message) ogs_warn("Invalid AMF_UE_NGAP_ID"); } + if (amf_ue_ngap_id > MAX_AMF_UE_NGAP_ID) { + ogs_warn("Overflow AMF_UE_NGAP_ID(2^40-1, 0xffffffffff) " + "[0x%llx]", (long long)amf_ue_ngap_id); + } + ran_ue = ran_ue_find_by_amf_ue_ngap_id(amf_ue_ngap_id); if (!ran_ue) ogs_warn("No RAN UE Context : AMF_UE_NGAP_ID[%lld]",