asn1, rrc: fix crash on s1 handover: allocate memory for source_other_cfg_r9 before unpacking data into it

srsran / srsRAN_4G

Open source SDR 4G software suite from Software Radio Systems (SRS) https://docs.srsran.com/projects/4g

https://www.srsran.com

GNU Affero General Public License v3.0

3.48k stars 1.15k forks source link

asn1, rrc: fix crash on s1 handover: allocate memory for source_other_cfg_r9 before unpacking data into it #1221

Open murzic4 opened 1 year ago

murzic4 commented 1 year ago

srseNB crashes when tries to unpack SEQUENCE AS-Config (RRC HandoverPreparationInformation message) with sourceOtherConfig-r9 field. It happens because RRC decoder tries to unpack sourceOtherConfig-r9 SEQUENCE to source_other_cfg_r9 which contains no preallocated memory.

CLAassistant commented 2 months ago

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}