Bostjan Meglic 361c3b7387
[SBI] Fix invalid read beyond allocated memory (#1610)
Valgrind memcheck tool reports an error of invalid read beyond the
allocated memory.

Function "write_cb()" already allocates (realloc) +1 byte and
null-terminates the data. But the length "conn->size" does not contain
this extra null-terminated byte.
When a copy of the received data is made in "check_multi_info()", it
does not include the null character, resulting in potentially a
non-null terminated string.
Later on when parsing the data, "strlen()" will read beyond the
allocated memory to search for the null character, resulting in an
invalid read.

==1994== Invalid read of size 1
==1994==    at 0x484ED24: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1994==    by 0x4D3F401: cJSON_ParseWithOpts (cJSON.c:1109)
==1994==    by 0x4D3F65C: cJSON_Parse (cJSON.c:1197)
==1994==    by 0x4C927DE: parse_json (message.c:913)
==1994==    by 0x4C972D8: parse_content (message.c:1790)
==1994==    by 0x4C90096: ogs_sbi_parse_response (message.c:589)
==1994==    by 0x136431: amf_state_operational (amf-sm.c:248)
...
==1994==  Address 0x668371d is 0 bytes after a block of size 253 alloc'd
==1994==    at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1994==    by 0x5107D7F: ??? (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3)
==1994==    by 0x510814B: _talloc_memdup (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3)
==1994==    by 0x4871568: ogs_talloc_memdup (ogs-strings.c:184)
==1994==    by 0x4CA7755: check_multi_info (client.c:475)
...
2022-06-15 22:32:23 +09:00
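
The failure mode the commit message describes, reduced to a stand-alone C sketch (an added example, not Open5GS code and not the commit's actual change). `struct recv_buf`, `append_chunk()`, `has_terminator()` and `copy_is_c_string()` are hypothetical names, plain `malloc` stands in for talloc, and copying `size + 1` bytes is shown only as one possible way to keep the terminator.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the receive buffer; size excludes the NUL. */
struct recv_buf { char *memory; size_t size; };

/* Append as the commit message describes write_cb(): allocate len + 1,
 * terminate, but add only the payload length to size. */
static int append_chunk(struct recv_buf *b, const char *data, size_t len)
{
    char *p = realloc(b->memory, b->size + len + 1);
    if (!p) return -1;
    memcpy(p + b->size, data, len);
    b->size += len;
    p[b->size] = '\0';
    b->memory = p;
    return 0;
}

/* Bounded check: is there a NUL within the n bytes we own? Never reads past n. */
static int has_terminator(const char *p, size_t n) { return memchr(p, '\0', n) != NULL; }

/* Receive body in two chunks, duplicate size + extra bytes, and report
 * whether the duplicate is safe for strlen(): 1 yes, 0 no, -1 on OOM. */
static int copy_is_c_string(const char *body, size_t extra)
{
    struct recv_buf b = { NULL, 0 };
    size_t half = strlen(body) / 2;
    if (append_chunk(&b, body, half) ||
        append_chunk(&b, body + half, strlen(body) - half)) {
        free(b.memory);
        return -1;
    }
    size_t n = b.size + extra;       /* 0: payload only, 1: payload plus NUL */
    char *copy = malloc(n);
    int ok = -1;
    if (copy) { memcpy(copy, b.memory, n); ok = has_terminator(copy, n); }
    free(copy);
    free(b.memory);
    return ok;
}

int main(void)
{
    const char *body = "{\"constructed\":\"sample body\"}"; /* constructed input */
    printf("copy of size bytes is a C string:     %d\n", copy_is_c_string(body, 0));
    printf("copy of size + 1 bytes is a C string: %d\n", copy_is_c_string(body, 1));
    return 0;
}
```

The check uses `memchr()` bounded by the copy's own length, so it reports the missing terminator without performing the out-of-bounds read that `strlen()` would.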
.github Remove sctp test in MacOSX CI (#1489) 2022-04-14 10:31:20 +09:00
configs configs: use proper default IP address for metrics server (#1603) 2022-06-13 23:13:58 +09:00
debian Release v2.4.8 2022-06-12 16:29:24 +09:00
docker [SMF] Optimiza Session Modification Message 2022-05-15 23:35:41 +09:00
docs Oops! removed one time in the document 2022-06-12 17:18:03 +09:00
lib [SBI] Fix invalid read beyond allocated memory (#1610) 2022-06-15 22:32:23 +09:00
misc Update open5gs-dbctl (#1562) 2022-05-28 11:10:03 +09:00
src Update mme-sm.c (#1609) 2022-06-15 06:13:49 +09:00
subprojects Initial metrics support based on Prometheus (#1571) 2022-06-08 05:51:02 +09:00
tests Added RRCEstablishmentCause to Test-Msg Param 2022-06-12 14:32:53 +09:00
vagrant Migrating to CentOS Stream 8 in Vagrant (#1450) 2022-04-01 22:28:32 +09:00
webui Release v2.4.7 2022-05-21 19:22:11 +09:00
.gitignore Initial metrics support based on Prometheus (#1571) 2022-06-08 05:51:02 +09:00
LICENSE Change LICENSE to GNU AGPL v3.0 2017-12-18 10:35:54 +09:00
README.md [SMF] Apply 5G Core into GSM (#1498) 2022-05-15 06:27:54 +09:00
meson.build Release v2.4.8 2022-06-12 16:29:24 +09:00
meson_options.txt Initial metrics support based on Prometheus (#1571) 2022-06-08 05:51:02 +09:00

README.md

Open5GS

If you find Open5GS useful for work, please consider supporting this Open Source project by Becoming a sponsor. To manage the funding transactions transparently, you can donate through OpenCollective.

Documentation

If you don't understand something about Open5GS, the documentation at https://open5gs.org/open5gs/docs/ is a great place to look for answers.

Community

  • Problems with Open5GS can be filed as issues in this repository.
  • Other topics related to this project are covered in the discussions.
  • Voice and text chat are available in Open5GS's Discord workspace. Use this link to get started.

Contributing

If you're contributing through a pull request to the Open5GS project on GitHub, please read the Contributor License Agreement in advance.

License