[MEM] valgrind memcheck findings (#3349)

The proposal out of the valgrind memcheck procedure are a couple of small patches to open5gs within the patches subdirectory.
2025-10-23 07:41:57 +00:00 · 2024-08-02 17:27:03 +09:00
parent 9828509668
commit c5025ec64c
3 changed files with 38 additions and 11 deletions
--- a/lib/crypt/zuc.c
+++ b/lib/crypt/zuc.c
@@ -327,11 +327,17 @@ void zuc_eea3(u8* CK, u32 COUNT, u32 BEARER, u32 DIRECTION,
 		C[i] = M[i] ^ ((z[i/4] >> (3-i%4)*8) & 0xff);
    }

+    /*
+     * Issues #3349
+     * Valgrind memcheck: Invalid read & write: Add {}.
+     */
+
 	/* zero last bits of data in case its length is not  word-aligned (32 bits)
 	   this is an addition to the C reference code, which did not handle it */
-	if (lastbits)
+	if (lastbits) {
        i--;
 		C[i] &= 0x100 - (1<<lastbits);
+    }

 	ogs_free(z);
 }
--- a/tests/common/context.c
+++ b/tests/common/context.c
@@ -1021,6 +1021,7 @@ static void test_ue_set_mobile_identity(test_ue_t *test_ue,
    mobile_identity->length =
        OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE + scheme_output_size;
    mobile_identity->buffer = ogs_calloc(1, mobile_identity->length);
+
    ogs_assert(mobile_identity->buffer);
    memcpy(mobile_identity->buffer,
            mobile_identity_suci, OGS_NAS_5GS_MOBILE_IDENTITY_SUCI_MIN_SIZE);
@@ -1047,9 +1048,12 @@ static void test_ue_set_mobile_identity(test_ue_t *test_ue,

 static void test_ue_set_mobile_identity_imsi(test_ue_t *test_ue)
 {
+    int imsi_len = 0;
    ogs_assert(test_ue);
    ogs_assert(test_ue->imsi);

+    imsi_len = strlen(test_ue->imsi);
+
    test_ue->mobile_identity_imsi.odd_even = OGS_NAS_MOBILE_IDENTITY_ODD;
    test_ue->mobile_identity_imsi.type = OGS_NAS_MOBILE_IDENTITY_IMSI;
    test_ue->mobile_identity_imsi.digit1 = test_ue->imsi[0] - '0';
@@ -1060,12 +1064,31 @@ static void test_ue_set_mobile_identity_imsi(test_ue_t *test_ue)
    test_ue->mobile_identity_imsi.digit6 = test_ue->imsi[5] - '0';
    test_ue->mobile_identity_imsi.digit7 = test_ue->imsi[6] - '0';
    test_ue->mobile_identity_imsi.digit8 = test_ue->imsi[7] - '0';
+
+    /*
+     * Issue #3349
+     *
+     * Valgrind memcheck: Function test_ue_set_mobile_identity_imsi() uses
+     * a max 15 digit IMSI. The configuration file slice.yaml.in uses
+     * a 3 digit MCC & 2 digit MNC. The memcheck tool reports an issue
+     * for an invalid memory read when a <15 digit IMSI is used
+     * in test_ue_set_mobile_identity_imsi(). 1 way to fix the issue is
+     * to use a full 10 digit MSIN here (was using 8 digits).
+     */
+
+    if (imsi_len > 8)
        test_ue->mobile_identity_imsi.digit9 = test_ue->imsi[8] - '0';
+    if (imsi_len > 9)
        test_ue->mobile_identity_imsi.digit10 = test_ue->imsi[9] - '0';
+    if (imsi_len > 10)
        test_ue->mobile_identity_imsi.digit11 = test_ue->imsi[10] - '0';
+    if (imsi_len > 11)
        test_ue->mobile_identity_imsi.digit12 = test_ue->imsi[11] - '0';
+    if (imsi_len > 12)
        test_ue->mobile_identity_imsi.digit13 = test_ue->imsi[12] - '0';
+    if (imsi_len > 13)
        test_ue->mobile_identity_imsi.digit14 = test_ue->imsi[13] - '0';
+    if (imsi_len > 14)
        test_ue->mobile_identity_imsi.digit15 = test_ue->imsi[14] - '0';
 }

--- a/tests/volte/diameter-rx-path.c
+++ b/tests/volte/diameter-rx-path.c
@@ -2122,8 +2122,6 @@ int test_rx_init(void)
    int ret;
    struct disp_when data;

-    test_cx_init();
-
    /* Install objects definitions for this application */
    ret = ogs_diam_rx_init();
    ogs_assert(ret == 0);