open5gs/lib/core
Sukchan Lee 35ce855e32 core/tlv, smf: Harden TLV parsing and validate Bearer Context in CSR
Two issues (#4277, #4278) reported crashes caused by malformed or
unexpected inputs.

In the TLV parser, several ogs_assert() checks could be triggered by
malformed TLV blocks, resulting in process termination. These checks
are replaced with proper error handling: the parser now logs the error,
limits hexdump size, frees allocated TLVs, and returns NULL instead of
aborting.

In the SMF S5-C Create Session Request handler, additional validation
is introduced for Bearer Context handling. The implementation now
rejects requests containing multiple Bearer Contexts, missing mandatory
fields (EBI or Bearer QoS), duplicate EBI values, or invalid TEID/IP
information. Several ogs_assert() calls that could be triggered by
malformed messages are also replaced with explicit error handling.

These changes prevent crashes caused by malformed TLV blocks or
unexpected Bearer Context structures and ensure the SMF rejects such
requests gracefully.

Issues: #4277, #4278
2026-03-06 10:05:24 +09:00
abts.c [tests] Upgrade tests for multiple NFs 2024-09-03 22:09:56 +09:00
abts.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
arc4random.c Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
meson.build Introduced Subscription identifier de-concealing 2022-12-24 20:22:45 +09:00
ogs-abort.c Add exception handling for #568 2020-09-18 19:39:02 -04:00
ogs-abort.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-compat.h Fix DNN Operator-Identifier format and refactor OI parsing for HR roaming interop 2025-12-06 22:23:34 +09:00
ogs-conv.c core/sbi: Prevent DoS in requester-features parsing (uint64 overflow) 2026-02-28 09:48:23 +09:00
ogs-conv.h [DBI] Improve YAML policy config by adding SUPI range filtering 2025-02-05 21:56:15 +09:00
ogs-core.c [PFCP/GTP] SEID/TEID Randomness (#1303) 2023-04-16 12:30:36 +09:00
ogs-core.h Introduced Subscription identifier de-concealing 2022-12-24 20:22:45 +09:00
ogs-env.c Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-env.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-epoll.c sbi: add HTTP body size limit in nghttp2 server 2026-02-13 11:23:14 +09:00
ogs-errno.c [ALL] Removing trailing whitespace and tab 2022-09-02 23:38:39 +09:00
ogs-errno.h [AMF/MME] Fixed crash when no NG/S1 context(#2012) 2023-01-23 10:37:22 +09:00
ogs-file.c Introduced Subscription identifier de-concealing 2022-12-24 20:22:45 +09:00
ogs-file.h Introduced Subscription identifier de-concealing 2022-12-24 20:22:45 +09:00
ogs-fsm.c Move src/../nf-sm.[ch] to lib/sbi/nf-sm.[ch] 2022-08-12 14:03:53 +09:00
ogs-fsm.h Move src/../nf-sm.[ch] to lib/sbi/nf-sm.[ch] 2022-08-12 14:03:53 +09:00
ogs-getopt.c License update 2020-11-12 20:58:08 -05:00
ogs-getopt.h License update 2020-11-12 20:58:08 -05:00
ogs-hash.c Fixed MacOSX compile error 2023-04-04 21:53:39 +09:00
ogs-hash.h [5GC/EPC] tested with concurrent 500 UEs (#949) 2021-04-29 22:01:34 +09:00
ogs-kqueue.c [ALL] Removing trailing whitespace and tab 2022-09-02 23:38:39 +09:00
ogs-list.h [MME] Hangs on an invalid S1AP message 2024-01-17 20:17:55 +09:00
ogs-log.c [CORE] logger: add option to disable timestamps 2024-04-18 21:08:35 +09:00
ogs-log.h [CORE] logger: add option to disable timestamps 2024-04-18 21:08:35 +09:00
ogs-macros.h [SBI] fix compiler errors when using latest libcurl 2025-11-13 06:40:18 +09:00
ogs-memory.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-memory.h [PFCP/GTP] SEID/TEID Randomness (#1303) 2023-04-16 12:30:36 +09:00
ogs-misc.c License update 2020-11-12 20:58:08 -05:00
ogs-misc.h License update 2020-11-12 20:58:08 -05:00
ogs-notify.c Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-notify.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-pkbuf.c [PFCP/GTP] SEID/TEID Randomness (#1303) 2023-04-16 12:30:36 +09:00
ogs-pkbuf.h [core] Fix a couple of warnings when using C++ compiler or more strict settings 2024-01-09 17:50:22 +09:00
ogs-poll-private.h Change Number of UEs usage [#533] 2020-08-25 23:05:01 -04:00
ogs-poll.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-poll.h [5GC/EPC] tested with concurrent 500 UEs (#949) 2021-04-29 22:01:34 +09:00
ogs-pool.h [POOL] REMOVE ogs_pool_cycle() (#3196) 2024-06-30 22:03:13 +09:00
ogs-process.c [AMF] Follow-up on #3380 2025-05-31 20:51:41 +09:00
ogs-process.h [AMF] Fix UE context transfer when only NRF is client (#3880) 2025-05-31 20:51:06 +09:00
ogs-queue.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-queue.h License update 2020-11-12 20:58:08 -05:00
ogs-rand.c [ALL] Removing trailing whitespace and tab 2022-09-02 23:38:39 +09:00
ogs-rand.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-rbtree.c Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-rbtree.h [core] Fix a couple of warnings when using C++ compiler or more strict settings 2024-01-09 17:50:22 +09:00
ogs-select.c Update ogs_pollset library 2020-11-09 22:57:14 -05:00
ogs-signal.c [CORE] Fix busy loop and blocking in curl with EPOLLERR handling in Open5GS 2.7.x (#3807, #2411, #2312) 2025-03-30 21:46:31 +09:00
ogs-signal.h License update 2020-11-12 20:58:08 -05:00
ogs-sockaddr.c [SMF] Refactor core address‐resolution to robustly support both IP literals and hostnames (#4008) 2025-07-21 16:44:45 +09:00
ogs-sockaddr.h [SMF] Refactor core address‐resolution to robustly support both IP literals and hostnames (#4008) 2025-07-21 16:44:45 +09:00
ogs-socket.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-socket.h Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-socknode.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-socknode.h Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-sockopt.c Change EPERM to OGS_EPERM (#1436,#1404) 2022-03-16 20:32:19 +09:00
ogs-sockopt.h Move src/../nf-sm.[ch] to lib/sbi/nf-sm.[ch] 2022-08-12 14:03:53 +09:00
ogs-sockpair.c Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-sockpair.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-strings.c Fix DNN Operator-Identifier format and refactor OI parsing for HR roaming interop 2025-12-06 22:23:34 +09:00
ogs-strings.h Fix DNN Operator-Identifier format and refactor OI parsing for HR roaming interop 2025-12-06 22:23:34 +09:00
ogs-tcp.c Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-tcp.h Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-thread.c [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
ogs-thread.h Rename Project to Open5GS 2019-10-27 17:41:14 +09:00
ogs-time.c Follow-up on #1770 2022-09-25 16:42:46 +09:00
ogs-time.h [NRF] Fix the subscription validityTime (#3360 #3361 #3363 #3364) 2024-08-04 13:32:53 +09:00
ogs-timer.c core,gtp,pfcp,sgwc: avoid fatal asserts on pool and timer exhaustion 2025-12-30 11:49:40 +09:00
ogs-timer.h [AMF/MME] Remove code that doesn't work (#2013) 2023-07-23 14:54:06 +09:00
ogs-tlv-msg.c core/tlv, smf: Harden TLV parsing and validate Bearer Context in CSR 2026-03-06 10:05:24 +09:00
ogs-tlv-msg.h Changes MAX TLV MORE to 16 2022-06-29 14:35:01 +09:00
ogs-tlv.c core/tlv, smf: Harden TLV parsing and validate Bearer Context in CSR 2026-03-06 10:05:24 +09:00
ogs-tlv.h Introduce Gn interface (GTPv1C) Support to PGW (#1351) 2022-02-18 22:23:45 +09:00
ogs-udp.c Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-udp.h Improve the socket option configuration (#1404) 2022-03-15 22:03:50 +09:00
ogs-uuid.c Follow-up on #1770 2022-09-25 16:42:46 +09:00
ogs-uuid.h License update 2020-11-12 20:58:08 -05:00