From a40adf78c3ff27fa40f6e9b7218b2691fc7c8a7a Mon Sep 17 00:00:00 2001
From: Neels Hofmeyr <neels@hofmeyr.de>
Date: Tue, 2 Jun 2020 22:02:01 +0200
Subject: vlr_subscr_rx_id_resp(): dont assert on received MI type

The Mobile Identity type is received on the wire, we asserting on its type
constitutes a DoS vector.

Change-Id: I2b2e25ef8e878e91a165018ba49f1609cfb5cbd0
---
 src/libvlr/vlr.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/libvlr/vlr.c b/src/libvlr/vlr.c
index 887ceb810..019e6577e 100644
--- a/src/libvlr/vlr.c
+++ b/src/libvlr/vlr.c
@@ -1146,6 +1146,8 @@ int vlr_subscr_rx_id_resp(struct vlr_subscr *vsub,
 	case GSM_MI_TYPE_IMEISV:
 		vlr_subscr_set_imeisv(vsub, mi_string);
 		break;
+	default:
+		return -EINVAL;
 	}
 
 	if (vsub->auth_fsm) {
@@ -1170,8 +1172,7 @@ int vlr_subscr_rx_id_resp(struct vlr_subscr *vsub,
 			event = VLR_ULA_E_ID_IMEISV;
 			break;
 		default:
-			OSMO_ASSERT(0);
-			break;
+			return -EINVAL;
 		}
 		osmo_fsm_inst_dispatch(vsub->lu_fsm, event, mi_string);
 	}
-- 
cgit v1.2.3