vrr/open5gs
2
0
Fork 0
mirror of https://github.com/open5gs/open5gs.git synced 2026-04-28 03:19:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
mirror of https://github.com/open5gs/open5gs link from https://open5gs.org/ https://open5gs.org
4901 commits 5 branches 75 tags 261 MiB
Find a file
Sukchan Lee 6a29f11115 proto: Prevent SMF crash on malformed PCO/EPCO during parsing 
ogs_pco_parse() previously relied on ogs_assert() to verify the bounds
of Protocol/Container fields while parsing PCO/EPCO data. If the outer
PCO/EPCO length was inconsistent with the internal container encoding
(e.g., truncated Container-ID, Container-Length, or container data),
the assert would trigger and terminate the process.

Because PCO/EPCO is derived from UE-supplied NAS messages (e.g.,
PDU Session Establishment Request), a malformed EPCO IE could trigger
a remote SMF crash, resulting in a denial-of-service condition.

This patch replaces the assert-based bounds checks with explicit
runtime validation and returns an error when malformed or truncated
PCO/EPCO is detected. The SMF can then reject the request cleanly
instead of aborting.

Checks added:
- Validate minimum PCO/EPCO length before accessing header fields
- Verify Container-ID bounds
- Verify Container-Length bounds
- Verify container payload length
- Detect container count overflow beyond
  OGS_MAX_NUM_OF_PROTOCOL_OR_CONTAINER_ID

With these changes, malformed EPCO inputs are safely rejected and the
SMF remains operational.

Issues: #4341
2026-03-10 22:35:42 +09:00
.github Update cifuzz 2025-02-04 21:09:20 +09:00
configs [HR] Implement handling of UE-initiated PDU Session Modification (#2194) 2025-06-30 10:07:06 +09:00
debian Release v2.7.6 2025-07-19 10:32:41 +09:00
docker docker: remove deprecated version from docker-compose.yml 2026-02-08 11:55:34 +09:00
docs Add Baicells Aurora 243 to hardware list 2026-02-01 06:54:46 +09:00
lib proto: Prevent SMF crash on malformed PCO/EPCO during parsing 2026-03-10 22:35:42 +09:00
misc Add roaming type toggle via command line (#4211) 2025-12-23 13:53:53 +09:00
src mme: Avoid abort on malformed Address AVPs in S6a messages 2026-03-10 22:23:06 +09:00
subprojects Tested on FreeBSD-14.1-STABLE (#3350) 2024-08-03 21:45:52 +09:00
tests upf: Implement UE-to-UE hairpin in the GTP-U path 2026-02-26 06:07:35 +09:00
vagrant Tested on FreeBSD-14.1-STABLE (#3350) 2024-08-03 21:45:52 +09:00
webui Update to secure secrets using env 2026-01-17 10:45:03 +09:00
.clang-tidy [MISC] Add support for static code analysis 2022-07-01 21:38:47 +09:00
.dockerignore [build] Use local sources to build applications (#1583) 2022-06-19 18:18:09 +09:00
.editorconfig editorconfig: new file (#2746) 2023-11-27 22:21:35 +09:00
.gitignore .gitignore: Add install/ dir 2023-10-10 08:03:25 +09:00
LICENSE Change LICENSE to GNU AGPL v3.0 2017-12-18 10:35:54 +09:00
meson.build Release v2.7.6 2025-07-19 10:32:41 +09:00
meson_options.txt [Fuzzing] oss-fuzz support for fuzzing (#2283) 2023-05-05 17:20:11 +09:00
README.md nrf: Fix serving PLMN counter reset on NF register 2026-02-04 20:51:29 +09:00

README.md

Open5GS logo

Getting Started

Please follow the documentation at open5gs.org!

Sponsors

If you find Open5GS useful for work, please consider supporting this Open Source project by Becoming a sponsor. To manage the funding transactions transparently, you can donate through OpenCollective.

sponsors

Community

  • Problem with Open5GS can be filed as issues in this repository.
  • Other topics related to this project are happening on the discussions.
  • Voice and text chat are available in Open5GS's Discord workspace. Use this link to get started.

Contributing

If you're contributing through a pull request to Open5GS project on GitHub, please read the Contributor License Agreement in advance.

License

Support

Technical support and customized services for Open5GS are provided by NewPlane at support@newplane.io.