Submit #808445: Open5gs PCF v2.7.7 Denial of Service

Title: Open5gs PCF v2.7.7 Denial of Service

Description:

### Open5GS Release, Revision, or Tag

v2.7.7

### Steps to reproduce

### Description

This merged report covers the two confirmed `Npcf_PolicyAuthorization` reachability variants that hit the same crash site:

```c
from_str = strstr(&rx_flow->description[strlen("permit in")], "from");
ogs_assert(from_str);
```

at `../lib/proto/types.c:938`.

The shared payload shape is the same in both cases:

```text
fDescs = ["permit in"]
```

Confirmed reachability variants:

1. `POST /npcf-policyauthorization/v1/app-sessions`
2. `PATCH /npcf-policyauthorization/v1/app-sessions/{appSessionId}`

The immediate callers differ, but the crash site and malformed flow-description root cause are identical.

### Root cause

- Shared crash site: `../lib/proto/types.c:938`
- Root cause family: parser/business-logic mismatch
- Create-path caller: `ogs_pcc_rule_install_flow_from_media()`
- Update-path caller: `ogs_pcc_rule_num_of_flow_equal_to_media()`
- Controlling field: `ascReqData.medComponents[*].medSubComps[*].fDescs[*]`

### Logs

```shell
### Create Reproduction
Create an app session with:
{"ascReqData":{"medComponents":{"1":{"medSubComps":{"1":{"fDescs":["permit in"]}}}}}}
Observed in the confirmed run:
04/11 17:57:24.739: [core] FATAL: flow_rx_to_gx: Assertion `from_str' failed. (../lib/proto/types.c:938)

### Update Reproduction
Patch an existing app session with the same malformed flow description:
{"ascReqData":{"medComponents":{"1":{"medSubComps":{"1":{"fDescs":["permit in"]}}}}}}
Observed in the confirmed run:
04/11 17:58:54.874: [core] FATAL: flow_rx_to_gx: Assertion `from_str' failed. (../lib/proto/types.c:938)
```

### Expected behaviour

PCF should reject malformed `permit in` AF flow descriptions with a normal client error on both create and update routes.

### Observed Behaviour

Both create and update reachability variants hit the same `flow_rx_to_gx()` assertion and restart the PCF process.

### eNodeB/gNodeB

Not required.

### UE Models and versions

Not required.
Source: ⚠️ https://github.com/open5gs/open5gs/issues/4441
User: LinZiyu (UID 94035)
Submission: 20/04/2026 08:38 PM (2 months ago)
Moderation: 09/05/2026 09:35 AM (19 days later)
Status: Accepted
VulDB entry: 362443 [Open5GS up to 2.7.7 /lib/proto/types.c ogs_pcc_rule_install_flow_from_media denial of service]
Points: 20
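
The expected behaviour in the description (a client error instead of an assertion) can be sketched as a validation step that runs before the flow description reaches the converter. This is an added example, not Open5GS code or the project's fix; `flow_desc_find_from`, `validate_fdescs`, the accepted `permit out` prefix and the 400 return value are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper, not an Open5GS function: finds the "from" keyword of
 * a flow description and returns -1 on malformed input instead of asserting. */
int flow_desc_find_from(const char *desc, const char **from_out)
{
    /* Assumption: a description opens with one of these two actions. */
    static const char *const prefixes[] = { "permit in", "permit out" };
    const char *rest = NULL;
    size_t i;

    if (desc == NULL || from_out == NULL)
        return -1;
    *from_out = NULL;

    for (i = 0; i < sizeof(prefixes) / sizeof(prefixes[0]); i++) {
        size_t n = strlen(prefixes[i]);
        /* strncmp stops at the NUL, so a match proves desc + n is in bounds. */
        if (strncmp(desc, prefixes[i], n) == 0) {
            rest = desc + n;
            break;
        }
    }
    if (rest == NULL)
        return -1;                      /* unknown or truncated action */

    *from_out = strstr(rest, "from");   /* NULL for the report's "permit in" */
    return *from_out ? 0 : -1;
}

/* Hypothetical pre-check for every fDescs entry of a request, meant to run
 * on both the create and the update path before any conversion.
 * Returns 0 when all entries parse, 400 (client error) otherwise. */
int validate_fdescs(const char *const *fdescs, size_t count)
{
    const char *from;
    size_t i;

    for (i = 0; i < count; i++)
        if (flow_desc_find_from(fdescs[i], &from) != 0)
            return 400;
    return 0;
}
```

Running the check once per request, ahead of both callers named in the root-cause list, keeps the two routes from diverging in how they treat the same field.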
