gprs_ns2_sns: Verify mandatory IE presence in incoming SNS-SIZE Change-Id: I40571e313c3332d8cead8fb4aa9768d0d083804d

commit: a2c5af55470e6744c2ce74ed0de8f183c8554e5a [log] [tgz]
author: Harald Welte <laforge@osmocom.org> Thu Mar 04 17:59:35 2021 +0100
committer: Harald Welte <laforge@osmocom.org> Wed Mar 24 00:30:22 2021 +0100
tree: 716aa9973633fbbf34d5648fedfa03d62a3ca3f1
parent: 46eb7643c9293afbc863de84b1e782c5f8bf859f [diff]
diff --git a/src/gb/gprs_ns2_sns.c b/src/gb/gprs_ns2_sns.c
index f36e8d0..b5b6677 100644
--- a/src/gb/gprs_ns2_sns.c
+++ b/src/gb/gprs_ns2_sns.c

@@ -2123,14 +2123,23 @@
 	struct ns2_sns_state *gss = (struct ns2_sns_state *) fi->priv;
 	struct tlv_parsed *tp = NULL;
 	uint8_t flag;
+	uint8_t cause;
 
 	OSMO_ASSERT(gss->role == GPRS_SNS_ROLE_SGSN);
 
 	switch (event) {
 	case GPRS_SNS_EV_RX_SIZE:
 		tp = (struct tlv_parsed *) data;
-		if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1)) {
-			uint8_t cause = NS_CAUSE_MISSING_ESSENT_IE;
+		/* check for mandatory / conditional IEs */
+		if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1) ||
+		    !TLVP_PRES_LEN(tp, NS_IE_MAX_NR_NSVC, 2)) {
+			cause = NS_CAUSE_MISSING_ESSENT_IE;
+			ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);
+			break;
+		}
+		if (!TLVP_PRES_LEN(tp, NS_IE_IPv4_EP_NR, 2) &&
+		    !TLVP_PRES_LEN(tp, NS_IE_IPv6_EP_NR, 2)) {
+			cause = NS_CAUSE_MISSING_ESSENT_IE;
 			ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);
 			break;
 		}
commit	a2c5af55470e6744c2ce74ed0de8f183c8554e5a	[log] [tgz]
author	Harald Welte <laforge@osmocom.org>	Thu Mar 04 17:59:35 2021 +0100
committer	Harald Welte <laforge@osmocom.org>	Wed Mar 24 00:30:22 2021 +0100
tree	716aa9973633fbbf34d5648fedfa03d62a3ca3f1
parent	46eb7643c9293afbc863de84b1e782c5f8bf859f [diff]