vrr/open5gs
2
0
Fork 0
mirror of https://github.com/open5gs/open5gs.git synced 2026-04-26 10:30:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
open5gs/lib
History
Exact
Sukchan Lee 5ab76f2bea lib/sbi: Fix unsafe memory handling in access_handler() 
The HTTP upload handling in access_handler() used ogs_malloc() and
ogs_realloc() results directly assigned to request->http.content and
checked with ogs_assert(). On allocation failure this could abort the
process, leading to a potential denial-of-service condition. The pattern
was similar to the issue previously fixed in on_data_chunk_recv()
(CVE-2022-3299).

This change introduces a temporary pointer for memory allocation and
updates request->http.content only after successful allocation. It also
adds overflow-safe length checks before resizing the buffer and removes
assert-based error handling in favor of graceful failure.

This prevents process termination on allocation failure and aligns the
memory handling logic with the hardened implementation used in
nghttp2-based handlers.

Issues: #4387
2026-04-06 17:42:59 +09:00
..
app [MME] Add Emergency Number List to "Attach Accept" NAS message 2025-10-27 21:28:53 +09:00
asn1c [MME] unify TAU procedure handling and BCS check across all S1AP cases(#4112, #4113, #4117) 2025-10-25 21:31:45 +09:00
core core/tlv, smf: Harden TLV parsing and validate Bearer Context in CSR 2026-03-06 10:05:24 +09:00
crypt clang scan-build static analysis findings/resolutions (#3387) 2024-08-16 16:42:12 +09:00
dbi Merge branch 'main' into home-routed 2025-04-06 18:37:36 +09:00
diameter [MME] S6a ULR: Add SMS-Register-Request AVP with SMS in MME Not Preferred 2026-02-25 22:34:31 +09:00
gtp gtp: harden parsers against malformed IE lengths and remove assert-based crashes 2026-03-14 08:44:51 +09:00
ipfw pfcp/ipfw: Improve error handling in PDR creation/update and ipfw rule parsing 2025-11-20 16:39:17 +09:00
metrics [metrics] fix memory leak 2025-11-13 20:02:25 +09:00
nas Follow up on #4102 2025-10-27 21:31:21 +09:00
ngap [MME/AMF] Fixed crash following Handover Request (#3014) 2024-02-29 23:02:38 +09:00
pfcp pfcp: add defensive resets for FAR/URR optional fields in Create handlers 2026-03-10 22:02:58 +09:00
proto proto: Prevent SMF crash on malformed PCO/EPCO during parsing 2026-03-10 22:35:42 +09:00
s1ap [Release-17] Upgrade S1AP/NGAP to v17.3.9 2023-02-21 21:48:06 +09:00
sbi lib/sbi: Fix unsafe memory handling in access_handler() 2026-04-06 17:42:59 +09:00
sctp [PFCP] Refactor PFCP address handling (#3431) 2025-01-11 20:33:02 +09:00
tun [AMF] Follow-up on #3880 2025-06-17 17:34:18 +09:00
meson.build [SEPP] Initial Update for 5G Roaming (#2739) 2023-11-19 19:34:51 +09:00