[PATCH] osmo-ggsn[master]: ggsn: Avoid crash on wrong EUA type

Sat, 14 Oct 2017 07:39:33 -0700 

Review at  https://gerrit.osmocom.org/4266

ggsn: Avoid crash on wrong EUA type

If the EUA in the Create PDP Context Request was not supported by
the given APN (e.g. IPv6 request for a v4-only APN), we crashed.

Avoid this and add proper handling of this error case.

Change-Id: I8d1f7ec727c5d2d4427232015f81ed57d3440dff
---
M ggsn/ggsn.c
1 file changed, 28 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-ggsn refs/changes/66/4266/1

diff --git a/ggsn/ggsn.c b/ggsn/ggsn.c
index 67d040f..29d8473 100644
--- a/ggsn/ggsn.c
+++ b/ggsn/ggsn.c
@@ -432,6 +432,20 @@
        msgb_free(msg);
 }
 
+static bool apn_supports_ipv4(const struct apn_ctx *apn)
+{
+       if (apn->v4.cfg.static_prefix.addr.len  || 
apn->v4.cfg.dynamic_prefix.addr.len)
+               return true;
+       return false;
+}
+
+static bool apn_supports_ipv6(const struct apn_ctx *apn)
+{
+       if (apn->v6.cfg.static_prefix.addr.len  || 
apn->v6.cfg.dynamic_prefix.addr.len)
+               return true;
+       return false;
+}
+
 int create_context_ind(struct pdp_t *pdp)
 {
        static char name_buf[256];
@@ -483,6 +497,10 @@
        }
 
        if (addr.len == sizeof(struct in_addr)) {
+               /* does this APN actually have an IPv4 pool? */
+               if (!apn_supports_ipv4(apn))
+                       goto err_wrong_af;
+
                rc = ippool_newip(apn->v4.pool, &member, &addr, 0);
                if (rc < 0)
                        goto err_pool_full;
@@ -496,6 +514,11 @@
                }
        } else if (addr.len == sizeof(struct in6_addr)) {
                struct in46_addr tmp;
+
+               /* does this APN actually have an IPv6 pool? */
+               if (!apn_supports_ipv6(apn))
+                       goto err_wrong_af;
+
                rc = ippool_newip(apn->v6.pool, &member, &addr, 0);
                if (rc < 0)
                        goto err_pool_full;
@@ -534,6 +557,11 @@
        LOGPPDP(LOGL_ERROR, pdp, "Cannot allocate IP address from pool 
(full!)\n");
        gtp_create_context_resp(gsn, pdp, -rc);
        return 0;       /* Already in use, or no more available */
+
+err_wrong_af:
+       LOGPPDP(LOGL_ERROR, pdp, "APN doesn't support requested EUA / AF 
type\n");
+       gtp_create_context_resp(gsn, pdp, GTPCAUSE_UNKNOWN_PDP);
+       return 0;
 }
 
 /* Internet-originated IP packet, needs to be sent via GTP towards MS */

-- 
To view, visit https://gerrit.osmocom.org/4266
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I8d1f7ec727c5d2d4427232015f81ed57d3440dff
Gerrit-PatchSet: 1
Gerrit-Project: osmo-ggsn
Gerrit-Branch: master
Gerrit-Owner: Harald Welte <[email protected]>

Reply via email to