forked from acouzens/open5gs
361c3b7387
Valgrind memcheck tool reports an error, of invalid read beyond the allocated memory. Function "write_cb()" already allocates (realloc) +1 byte and null-terminates the data. But the length "conn->size" does not contain this extra null-terminated byte. When a copy of the received data is made in "check_multi_info()", it does not include the null character, resulting in potentially a non-null terminated string. Later on when parsing the data, "strlen()" will read beyond the allocated memory to search for the null character, resulting in an invalid read. ==1994== Invalid read of size 1 ==1994== at 0x484ED24: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==1994== by 0x4D3F401: cJSON_ParseWithOpts (cJSON.c:1109) ==1994== by 0x4D3F65C: cJSON_Parse (cJSON.c:1197) ==1994== by 0x4C927DE: parse_json (message.c:913) ==1994== by 0x4C972D8: parse_content (message.c:1790) ==1994== by 0x4C90096: ogs_sbi_parse_response (message.c:589) ==1994== by 0x136431: amf_state_operational (amf-sm.c:248) ... ==1994== Address 0x668371d is 0 bytes after a block of size 253 alloc'd ==1994== at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==1994== by 0x5107D7F: ??? (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3) ==1994== by 0x510814B: _talloc_memdup (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3) ==1994== by 0x4871568: ogs_talloc_memdup (ogs-strings.c:184) ==1994== by 0x4CA7755: check_multi_info (client.c:475) ... |
||
---|---|---|
.github | ||
configs | ||
debian | ||
docker | ||
docs | ||
lib | ||
misc | ||
src | ||
subprojects | ||
tests | ||
vagrant | ||
webui | ||
.gitignore | ||
LICENSE | ||
README.md | ||
meson.build | ||
meson_options.txt |
README.md
Open5GS
If you find Open5GS useful for work, please consider supporting this Open Source project by Becoming a sponsor. To manage the funding transactions transparently, you can donate through OpenCollective.
Platinum Sponsors
Gold Sponsors
Silver Sponsors
Documentation
If you don't understand something about Open5GS, the https://open5gs.org/open5gs/docs/ is a great place to look for answers.
Community
- Problem with Open5GS can be filed as issues in this repository.
- Other topics related to this project are happening on the discussions.
- Voice and text chat are available in Open5GS's Discord workspace. Use this link to get started.
Contributing
If you're contributing through a pull request to Open5GS project on GitHub, please read the Contributor License Agreement in advance.
License
- Open5GS Open Source files are made available under the terms of the GNU Affero General Public License (GNU AGPL v3.0).
- Commercial licenses are also available from NextEPC, Inc.