Failed to parse S1AP and RANAP asn.1

[brchiu]

I'd like to report another problem when processing S1AP, RANAP and NBAP asn1 files with newest repository acdca4184712a92b9318f3d0fbf9d70e581361aa.

They are OK to be parsed and C code generated in 94f0b645d401f75b5b1aa8e5440dc2df0f916517

FATAL: Information Object Set S1AP-ELEMENTARY-PROCEDURES contains no objects at line 247
FATAL: Cannot compile "InitiatingMessage" (20:1) at line 224
FATAL: Cannot compile "InitiatingMessage" (20:1) at line 224
Makefile:1140: recipe for target 'regenerate-from-asn1-source' failed

FATAL: Information Object Set RANAP-ELEMENTARY-PROCEDURES contains no objects at line 233
FATAL: Cannot compile "InitiatingMessage" (20:1) at line 204
FATAL: Cannot compile "InitiatingMessage" (20:1) at line 204
Makefile:1312: recipe for target 'regenerate-from-asn1-source' failed
make: *** [regenerate-from-asn1-source] Error 70

If you need these asn.1 files, please let me know.

Thanks for your great effort !

[velichkov]

Hi @mouse07410,

a fix for #252 provided in #260 (BTW, @velichkov what do you think of this fix? It looks fine to me, but I don't have a 32-bit machine to test it).

The per_long_range_rebase function is performing some range checks that this fix does not, so this fix is not complete.

For example if value is less then ct->lower_bound the encoded value would not be correct while in the signed case the per_long_range_rebase will return -1 and encode is going to fail.

[mouse07410]

The per_long_range_rebase() function is performing some range checks that this fix does not, so this fix is not complete.

Would you recommend then copying all (or most) of the checks that per_long_range_rebase() function is doing, to here https://github.com/mouse07410/asn1c/blob/8a29c8e5b09b757e3420473c940f913b9bd90fcc/skeletons/INTEGER.c#L781?

Or would you recommend abandoning (reverting) this patch?

Update Also, could you help me understand what the following code in skeletons/per_support.c is doing:

. . . . .
  if((ub < 0) == (lb < 0)) {
        bounds_range = ub - lb;
. . . . .

Update2 @acetcom could you confirm that the current vlm_master works on your 32-bit machine? (I've added some checks to it.)

@velichkov, I added a few checks, modeling them after per_long_range_rebase(). Does the code now look better? Would you add any more checks?

[mouse07410]

@velichkov I hate to bother you, as you're already helping a lot - but would you mind taking a look at the fix I applied to skeletons/INTEGER.c, and comment on whether the added checks are sufficient in your opinion?

[acetcom]

@mouse07410 and @velichkov

Sorry for late response!

Today(26/March), I've tested asn1c library with NextEPC test framework.

git checkout https://github.com/mouse07410/asn1c
git checkout vlm_master

git checkout https://github.com/velichkov/asn1c
git checkout s1ap

In 32bit machine, both are correctly worked for NextEPC. No Problem!

Thanks a lot!

[velichkov]

Hi @mouse07410,

but would you mind taking a look at the fix I applied to skeletons/INTEGER.c, and comment on whether the added checks are sufficient in your opinion?

I think these checks are sufficient.

[mouse07410]

Thank you!

[acetcom]

Hi @velichkov

Yesterday, I built an LTE network using srsENB and NextEPC. You can find the setup guide in the document.

During the experiment, I've found one problem for decoding E-RAB Setup Response of S1AP message.

I've attached srsenb.tar.gz file.

• srsenb.aper : Binary data file for s1ap-dump
• srsenb.pcapng : Wireshark packet capture. E-RAB Setup Response captured in number 36.
• e_rab_set_response.png : screen shot

I think that id-CriticalityDiagnostics(58) seems to be related to the problem. Basically, I have no idea whether srsENB encoding is correct or not.

The following is a result of execution.

Sukchanui-MacBook-Pro:sample.source.S1AP acetcom$ ./s1ap-dump -iaper -per-nopad ./srsenb.aper 
./srsenb.aper: Decode failed past byte 0: Input processing error

My apologies in advance if the packet is wrong encoded.

Thanks a lot!

[velichkov]

Hi @acetcom,

srsenb.pcapng : Wireshark packet capture. E-RAB Setup Response captured in number 36. e_rab_set_response.png : screen shot Basically, I have no idea whether srsENB encoding is correct or not.

Most probably the srsENB encoding is not correct because wireshark does not decode it as well.

I think that id-CriticalityDiagnostics(58) seems to be related to the problem.

Yes the problem is related with this parameter. To get some more info run s1ap-dump with -dd option

Getting open type CriticalityDiagnostics encoded in 13 bytes (per_opentype.c:438)
Decoding CriticalityDiagnostics as SEQUENCE (APER) (constr_SEQUENCE.c:1509)
  [PER got  1<=104 bits => span 1 +0[1..104]:03 (103) => 0x0] (asn_bit_data.c:139)
  [PER got  5<=103 bits => span 6 +0[6..104]:03 (98) => 0x0] (asn_bit_data.c:139)
Read in presence bitmap for CriticalityDiagnostics of 5 bits (0..) (constr_SEQUENCE.c:1532)
  [PER got  1<= 5 bits => span 1 +0[1..5]:00 (4) => 0x0] (asn_bit_data.c:139)
Member CriticalityDiagnostics->procedureCode is optional, p=0 (1->5) (constr_SEQUENCE.c:1581)
  [PER got  1<= 4 bits => span 2 +0[2..5]:00 (3) => 0x0] (asn_bit_data.c:139)
Member CriticalityDiagnostics->triggeringMessage is optional, p=0 (2->5) (constr_SEQUENCE.c:1581)
  [PER got  1<= 3 bits => span 3 +0[3..5]:00 (2) => 0x0] (asn_bit_data.c:139)
Member CriticalityDiagnostics->procedureCriticality is optional, p=0 (3->5) (constr_SEQUENCE.c:1581)
  [PER got  1<= 2 bits => span 4 +0[4..5]:00 (1) => 0x0] (asn_bit_data.c:139)
Member CriticalityDiagnostics->iEsCriticalityDiagnostics is optional, p=0 (4->5) (constr_SEQUENCE.c:1581)
  [PER got  1<= 1 bits => span 5 +0[5..5]:00 (0) => 0x0] (asn_bit_data.c:139)
Member CriticalityDiagnostics->iE-Extensions is optional, p=0 (5->5) (constr_SEQUENCE.c:1581)
Too large padding 98 in open type (per_opentype.c:461)

[acetcom]

Thank you for your quick reply.

I released NextEPC v0.3.7(Supporting S1AP Release 14 with new S1AP library) yesterday, and I am really glad that I can keep it.

From now on I will also use the -dd option. And let me try to fix this part with the creator of the srsENB.

Sorry for this noise.

[brchiu]

hi, @acetcom, just for your information. Online tool provided by http://asn1-playground.oss.com/ also failed to decode this srsenb.aper.

[abodin]

Dear @brchiu , With regard to the problem in compiling "Information Object Set", the problem seems solved and S1AP, RANAP, X2AP, M3AP, LPPa, PCAP, XwAP are successfully compiled, as you mentioned, after commit 3bbbd04 by @vlm . However, when compiling the GSM_MAP protocol, that issue still rises.

asn1c -fcompound-names -gen-PER GSMMAP.asn MAP-MS-DataTypes.asn MAP-SS-DataTypes.asn MAP-CommonDataTypes.asn MAP-ExtensionDataTypes.asn MAP-SS-Code.asn MAP-BS-Code.asn MAP-TS-Code.asn MAP-ER-DataTypes.asn MAP-OM-DataTypes.asn MAP-CH-DataTypes.asn MAP-DialogueInformation.asn MAP-SM-DataTypes.asn

Do you have any clue that how this can be resolved? Maybe with similar approach which addressed the problem for S1AP.

Thanks

[brchiu]

@abodin , these PRs for information object set are of no help to the problem encountered with GSMMAP.asn, you need to dig into asn1p_y.y to have a solution. Good luck !

[bhati-github]

https://github.com/bhati-github/5GCore_NMP.git
Network Message Protocol This can be used across all possible signaling interfaces and very easy to parse.