vrr/open5gs
2
0
Fork 0
mirror of https://github.com/open5gs/open5gs.git synced 2026-04-28 03:19:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
mirror of https://github.com/open5gs/open5gs link from https://open5gs.org/ https://open5gs.org
4895 commits 5 branches 75 tags 261 MiB
Find a file
Sukchan Lee 769b6d24ac sbi: prevent AMF abort on malformed multipart SBI requests 
The AMF could abort when processing malformed or oversized multipart
SBI requests due to an assertion triggered in the multipart parser
callback.

When the parser encountered an overflow condition while assembling
multipart part data, `on_part_data()` executed `ogs_assert_if_reached()`,
causing the AMF process to terminate. This allowed malformed HTTP/2
multipart requests to trigger a denial-of-service condition.

This patch replaces the assertion-based failure with graceful error
handling:

- Introduce `multipart_part_data_t` and explicit parser state tracking.
- Add `parse_error` flag to propagate parsing failures.
- Validate the result of `multipart_parser_execute()`.
- Reject malformed multipart payloads instead of aborting.
- Replace fatal assertions with error handling and proper cleanup.
- Add centralized cleanup via `multipart_parser_data_free()`.

As a result, malformed or oversized multipart bodies are now rejected
with an error, while the AMF process remains operational.

Issues: #4290
2026-03-08 19:59:17 +09:00
.github Update cifuzz 2025-02-04 21:09:20 +09:00
configs [HR] Implement handling of UE-initiated PDU Session Modification (#2194) 2025-06-30 10:07:06 +09:00
debian Release v2.7.6 2025-07-19 10:32:41 +09:00
docker docker: remove deprecated version from docker-compose.yml 2026-02-08 11:55:34 +09:00
docs Add Baicells Aurora 243 to hardware list 2026-02-01 06:54:46 +09:00
lib sbi: prevent AMF abort on malformed multipart SBI requests 2026-03-08 19:59:17 +09:00
misc Add roaming type toggle via command line (#4211) 2025-12-23 13:53:53 +09:00
src core/tlv, smf: Harden TLV parsing and validate Bearer Context in CSR 2026-03-06 10:05:24 +09:00
subprojects Tested on FreeBSD-14.1-STABLE (#3350) 2024-08-03 21:45:52 +09:00
tests upf: Implement UE-to-UE hairpin in the GTP-U path 2026-02-26 06:07:35 +09:00
vagrant Tested on FreeBSD-14.1-STABLE (#3350) 2024-08-03 21:45:52 +09:00
webui Update to secure secrets using env 2026-01-17 10:45:03 +09:00
.clang-tidy [MISC] Add support for static code analysis 2022-07-01 21:38:47 +09:00
.dockerignore [build] Use local sources to build applications (#1583) 2022-06-19 18:18:09 +09:00
.editorconfig editorconfig: new file (#2746) 2023-11-27 22:21:35 +09:00
.gitignore .gitignore: Add install/ dir 2023-10-10 08:03:25 +09:00
LICENSE Change LICENSE to GNU AGPL v3.0 2017-12-18 10:35:54 +09:00
meson.build Release v2.7.6 2025-07-19 10:32:41 +09:00
meson_options.txt [Fuzzing] oss-fuzz support for fuzzing (#2283) 2023-05-05 17:20:11 +09:00
README.md nrf: Fix serving PLMN counter reset on NF register 2026-02-04 20:51:29 +09:00

README.md

Open5GS logo

Getting Started

Please follow the documentation at open5gs.org!

Sponsors

If you find Open5GS useful for work, please consider supporting this Open Source project by Becoming a sponsor. To manage the funding transactions transparently, you can donate through OpenCollective.

sponsors

Community

  • Problem with Open5GS can be filed as issues in this repository.
  • Other topics related to this project are happening on the discussions.
  • Voice and text chat are available in Open5GS's Discord workspace. Use this link to get started.

Contributing

If you're contributing through a pull request to Open5GS project on GitHub, please read the Contributor License Agreement in advance.

License

Support

Technical support and customized services for Open5GS are provided by NewPlane at support@newplane.io.