diff options
author | Harald Welte <laforge@osmocom.org> | 2021-03-04 17:59:35 +0100 |
---|---|---|
committer | Harald Welte <laforge@osmocom.org> | 2021-03-24 00:30:22 +0100 |
commit | a2c5af55470e6744c2ce74ed0de8f183c8554e5a (patch) | |
tree | 716aa9973633fbbf34d5648fedfa03d62a3ca3f1 | |
parent | 46eb7643c9293afbc863de84b1e782c5f8bf859f (diff) |
gprs_ns2_sns: Verify mandatory IE presence in incoming SNS-SIZE
Change-Id: I40571e313c3332d8cead8fb4aa9768d0d083804d
-rw-r--r-- | src/gb/gprs_ns2_sns.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/gb/gprs_ns2_sns.c b/src/gb/gprs_ns2_sns.c index f36e8d0b..b5b66770 100644 --- a/src/gb/gprs_ns2_sns.c +++ b/src/gb/gprs_ns2_sns.c @@ -2123,14 +2123,23 @@ static void ns2_sns_st_all_action_sgsn(struct osmo_fsm_inst *fi, uint32_t event, struct ns2_sns_state *gss = (struct ns2_sns_state *) fi->priv; struct tlv_parsed *tp = NULL; uint8_t flag; + uint8_t cause; OSMO_ASSERT(gss->role == GPRS_SNS_ROLE_SGSN); switch (event) { case GPRS_SNS_EV_RX_SIZE: tp = (struct tlv_parsed *) data; - if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1)) { - uint8_t cause = NS_CAUSE_MISSING_ESSENT_IE; + /* check for mandatory / conditional IEs */ + if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1) || + !TLVP_PRES_LEN(tp, NS_IE_MAX_NR_NSVC, 2)) { + cause = NS_CAUSE_MISSING_ESSENT_IE; + ns2_tx_sns_size_ack(gss->sns_nsvc, &cause); + break; + } + if (!TLVP_PRES_LEN(tp, NS_IE_IPv4_EP_NR, 2) && + !TLVP_PRES_LEN(tp, NS_IE_IPv6_EP_NR, 2)) { + cause = NS_CAUSE_MISSING_ESSENT_IE; ns2_tx_sns_size_ack(gss->sns_nsvc, &cause); break; } |