1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include "S1AP_PDU_Descriptions.hh"
extern "C" {
#include <fftranscode/transcode.h>
}
namespace S1AP__Types {
TTCN_Module S1AP__EncDec("S1AP_EncDec", __DATE__, __TIME__);
OCTETSTRING enc__S1AP__PDU(const S1AP__PDU__Descriptions::S1AP__PDU &pdu)
{
static unsigned long count = 0;
uint8_t *aper_buf;
int aper_buf_len;
TTCN_Buffer TTCN_buf;
TTCN_buf.clear();
/* Encode from abstract data type into BER/DER */
pdu.encode(S1AP__PDU__Descriptions::S1AP__PDU_descr_, TTCN_buf,
TTCN_EncDec::CT_BER, BER_ENCODE_DER);
aper_buf_len = fftranscode_ber2aper(FFTRANSC_T_S1AP, &aper_buf, TTCN_buf.get_data(), TTCN_buf.get_len());
if (aper_buf_len < 0) {
TTCN_error("fftranscode failed.");
}
/* Observed srsEPC segfaults with:
* idx=1 && mask=0x1d
* idx=5 && mask=any */
if (count++ % 2 == 0) {
int idx = rand() % aper_buf_len;
uint8_t mask = (uint8_t) rand();
/* TUWAT! Mangle a random byte. */
printf("=== TUWAT: mangling octet %d with mask 0x%02x\n", idx, mask);
aper_buf[idx] ^= mask;
}
/* make octetstring from output buffer */
OCTETSTRING ret_val(aper_buf_len, aper_buf);
/* release dynamically-allocated output buffer */
fftranscode_free(aper_buf);
return ret_val;
}
S1AP__PDU__Descriptions::S1AP__PDU dec__S1AP__PDU(const OCTETSTRING &stream)
{
uint8_t *ber_buf;
int ber_buf_len;
/* First, decode APER + re-encode as BER */
ber_buf_len = fftranscode_aper2ber(FFTRANSC_T_S1AP, &ber_buf, (const unsigned char *)stream, stream.lengthof());
if (ber_buf_len < 0) {
TTCN_error("fftranscode failed.");
}
/* Then, re-encode from BER to TITAN representation */
S1AP__PDU__Descriptions::S1AP__PDU ret_dcc;
TTCN_Buffer TTCN_buf;
TTCN_buf.clear();
TTCN_buf.put_s(ber_buf_len, ber_buf);
ret_dcc.decode(S1AP__PDU__Descriptions::S1AP__PDU_descr_, TTCN_buf,
TTCN_EncDec::CT_BER, BER_ACCEPT_ALL);
fftranscode_free(ber_buf);
return ret_dcc;
}
}
static __attribute__((constructor)) void on_dso_load(void)
{
/* Use a static seed for reproduceable results */
srand(10000);
}
|
