From ab1c3493c614cf0f3c6482f577656257dd38496f Mon Sep 17 00:00:00 2001 From: Sukchan Lee Date: Sat, 25 Nov 2023 22:03:28 +0900 Subject: [PATCH] [NRF] Fixed crash due to invalid PATCH body (#2735) --- lib/sbi/message.c | 20 +++++++++++++++++++- src/amf/namf-handler.c | 4 ++++ src/ausf/nudm-handler.c | 2 ++ src/nrf/nnrf-handler.c | 5 +++++ src/udm/nudr-handler.c | 5 +++++ 5 files changed, 35 insertions(+), 1 deletion(-) diff --git a/lib/sbi/message.c b/lib/sbi/message.c index be9c2aed3..f7c99a4b3 100644 --- a/lib/sbi/message.c +++ b/lib/sbi/message.c @@ -1393,6 +1393,11 @@ static int parse_json(ogs_sbi_message_t *message, } patch_item = OpenAPI_patch_item_parseFromJSON(patchJSON); + if (!patch_item) { + rv = OGS_ERROR; + ogs_error("No PatchItem"); + goto cleanup; + } OpenAPI_list_add(message->PatchItemList, patch_item); } } @@ -1698,6 +1703,11 @@ static int parse_json(ogs_sbi_message_t *message, } smsub_item = OpenAPI_session_management_subscription_data_parseFromJSON(smsubJSON); + if (!smsub_item) { + rv = OGS_ERROR; + ogs_error("No smsub_item"); + goto cleanup; + } OpenAPI_list_add(message->SessionManagementSubscriptionDataList, smsub_item); } } @@ -1860,6 +1870,11 @@ static int parse_json(ogs_sbi_message_t *message, } smsub_item = OpenAPI_session_management_subscription_data_parseFromJSON(smsubJSON); + if (!smsub_item) { + rv = OGS_ERROR; + ogs_error("No smsub_item"); + goto cleanup; + } OpenAPI_list_add(message->SessionManagementSubscriptionDataList, smsub_item); } } @@ -3287,7 +3302,10 @@ int ogs_sbi_discovery_option_parse_plmn_list( } PlmnId = OpenAPI_plmn_id_parseFromJSON(PlmnIdJSON); - ogs_assert(PlmnId); + if (!PlmnId) { + ogs_error("No PlmnId"); + goto cleanup; + } OpenAPI_list_add(PlmnList, PlmnId); } diff --git a/src/amf/namf-handler.c b/src/amf/namf-handler.c index 355e96410..b87cc8c86 100644 --- a/src/amf/namf-handler.c +++ b/src/amf/namf-handler.c @@ -726,6 +726,10 @@ static int update_rat_res_add_one(cJSON *restriction, } restr = (void *) OpenAPI_rat_type_FromString(cJSON_GetStringValue(restriction)); + if (!restr) { + ogs_error("No restr"); + return OGS_ERROR; + } if (index == restrictions->count) { OpenAPI_list_add(restrictions, restr); diff --git a/src/ausf/nudm-handler.c b/src/ausf/nudm-handler.c index ac3a74505..8872b6026 100644 --- a/src/ausf/nudm-handler.c +++ b/src/ausf/nudm-handler.c @@ -202,8 +202,10 @@ bool ausf_nudm_ueau_handle_get(ausf_ue_t *ausf_ue, LinksValueScheme = OpenAPI_map_create( (char *)links_member_name(UeAuthenticationCtx.auth_type), &LinksValueSchemeValue); + ogs_assert(LinksValueScheme); UeAuthenticationCtx._links = OpenAPI_list_create(); + ogs_assert(UeAuthenticationCtx._links); OpenAPI_list_add(UeAuthenticationCtx._links, LinksValueScheme); memset(&sendmsg, 0, sizeof(sendmsg)); diff --git a/src/nrf/nnrf-handler.c b/src/nrf/nnrf-handler.c index f99bf5a51..80d40bcb9 100644 --- a/src/nrf/nnrf-handler.c +++ b/src/nrf/nnrf-handler.c @@ -893,6 +893,11 @@ bool nrf_nnrf_handle_nf_discover( discovery_option->requester_features, OGS_SBI_NNRF_DISC_SERVICE_MAP) ? true : false); + if (!NFProfile) { + ogs_error("No NFProfile"); + continue; + } + OpenAPI_list_add(SearchResult->nf_instances, NFProfile); i++; diff --git a/src/udm/nudr-handler.c b/src/udm/nudr-handler.c index e20dbdf73..e11b9326e 100644 --- a/src/udm/nudr-handler.c +++ b/src/udm/nudr-handler.c @@ -696,6 +696,11 @@ bool udm_nudr_dr_handle_subscription_provisioned( OpenAPI_session_management_subscription_data_t *item = NULL; item = OpenAPI_session_management_subscription_data_copy(item, node->data); + if (!item) { + ogs_error("OpenAPI_session_management_subscription_data_copy() " + "failed"); + continue; + } OpenAPI_list_add(sendmsg.SessionManagementSubscriptionDataList, item); }