<p>fixeria <strong>submitted</strong> this change.</p><p><a href="https://gerrit.osmocom.org/c/osmo-pcu/+/17209">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Jenkins Builder: Verified
laforge: Looks good to me, but someone else must approve
pespin: Looks good to me, approved
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">tests/rlcmac: fix malformed MS RA capability in testRAcap()<br><br>Long story short: as it turns out the test vector '12a5146200'O<br>has been generated by TITAN, and it's malformed. The length<br>indicator it contains must be at least 29 bits, not 21. This<br>field is calculated by TITAN automatically, so I guess there<br>is a bug somewhere in its RAW encoder implementation.<br><br>It's funny that Wireshark decodes the old malformed vector without<br>any problems if it's encapsulated into the BSSGP DL-UNITDATA. The<br>reason for that is because BSSGP dissector does not actually use<br>the CSN.1 codec and relies on its own hand-written parser [1],<br>which does not respect the length constraints.<br><br>Furthermore, table 10.5.146/3GPP TS 24.008, describing the format<br>of MS Radio Access Capability IE, has the following comment:<br><br> < Multislot capability struct > ::=<br> { 0 | 1 < HSCSD multislot class : bit (5) > }<br> ...<br> -- error: struct too short, assume features do not exist<br><br>so ideally our CSN.1 decoder should be more tolerant to the old<br>malformed vector, but unfortunately error handling is not implemented.<br><br>[1] See de_gmm_ms_radio_acc_cap() in epan/dissectors/packet-gsm_a_gm.c.<br><br>Change-Id: I5f810397b8d09c18e069168023429f6a4d899c86<br>---<br>M tests/rlcmac/RLCMACTest.cpp<br>M tests/rlcmac/RLCMACTest.err<br>M tests/rlcmac/RLCMACTest.ok<br>3 files changed, 22 insertions(+), 13 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/tests/rlcmac/RLCMACTest.cpp b/tests/rlcmac/RLCMACTest.cpp</span><br><span>index a8d6217..de63fe6 100644</span><br><span>--- a/tests/rlcmac/RLCMACTest.cpp</span><br><span>+++ b/tests/rlcmac/RLCMACTest.cpp</span><br><span>@@ -224,7 +224,7 @@</span><br><span> /*</span><br><span> MS RA capability 1</span><br><span> 0001 .... = Access Technology Type: GSM E --note that GSM E covers GSM P (1)</span><br><span style="color: hsl(0, 100%, 40%);">- .... 0010 101. .... = Length in bits: 0x15 (21)</span><br><span style="color: hsl(120, 100%, 40%);">+ .... 0011 101. .... = Length in bits: 0x1d (29)</span><br><span> ...0 01.. RF Power Capability, GMSK Power Class: Not specified (1)</span><br><span> A5 Bits: Same values apply for parameters as in the immediately preceding Access capabilities field within this IE (0)</span><br><span> .... ...1 = Controlled early Classmark Sending: Implemented</span><br><span>@@ -235,22 +235,27 @@</span><br><span> .... ..00 011. .... = GPRS multislot class: Max Rx-Slot/TDMA:2 Max Tx-Slot/TDMA:2 Max-Sum-Slot/TDMA:3 Tta:3 Ttb:2 Tra:3 Trb:1 Type:1 (3)</span><br><span> ...0 .... = GPRS Extended Dynamic Allocation Capability: Not Implemented</span><br><span> */</span><br><span style="color: hsl(0, 100%, 40%);">- bitvec_unhex(vector, "12a5146200");</span><br><span style="color: hsl(120, 100%, 40%);">+ bitvec_unhex(vector, "13a5146200");</span><br><span> </span><br><span> rc = decode_gsm_ra_cap(vector, &data);</span><br><span style="color: hsl(0, 100%, 40%);">- printf("decode_gsm_ra_cap fails? %s\n", rc !=0 ? "yes" : "no");</span><br><span style="color: hsl(0, 100%, 40%);">-#if 0</span><br><span style="color: hsl(0, 100%, 40%);">- /* FIXME: OS#1525, OS#3499: csn1 fails to parse this MS RA Cap IE value */</span><br><span style="color: hsl(0, 100%, 40%);">- assert (rc == 0);</span><br><span style="color: hsl(120, 100%, 40%);">+ OSMO_ASSERT(rc == 0);</span><br><span> </span><br><span> /* Make sure there's 1 value (currently fails due to failed decoding) */</span><br><span style="color: hsl(0, 100%, 40%);">- osmo_assert(cap->Count_MS_RA_capability_value == 1);</span><br><span style="color: hsl(120, 100%, 40%);">+ OSMO_ASSERT(data.Count_MS_RA_capability_value == 1);</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">- /* Make sure MS multislot class is parsed correctly (currently fails due</span><br><span style="color: hsl(0, 100%, 40%);">- to failed decoding and count being 0) */</span><br><span style="color: hsl(0, 100%, 40%);">- uint8_t ms_class = Decoding::get_ms_class_by_capability(&data);</span><br><span style="color: hsl(0, 100%, 40%);">- assert(ms_class == 3);</span><br><span style="color: hsl(0, 100%, 40%);">-#endif</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Make sure GPRS / EGPRS multislot class is parsed correctly */</span><br><span style="color: hsl(120, 100%, 40%);">+ printf("GPRS multislot class = %u\n", Decoding::get_ms_class_by_capability(&data));</span><br><span style="color: hsl(120, 100%, 40%);">+ printf("EGPRS multislot class = %u\n", Decoding::get_egprs_ms_class_by_capability(&data));</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Mangle the length indicator (set it to 21) */</span><br><span style="color: hsl(120, 100%, 40%);">+ unsigned int writeIndex = 4;</span><br><span style="color: hsl(120, 100%, 40%);">+ rc = bitvec_write_field(vector, &writeIndex, 21, 7);</span><br><span style="color: hsl(120, 100%, 40%);">+ OSMO_ASSERT(rc == 0);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Make sure decoding attempt fails */</span><br><span style="color: hsl(120, 100%, 40%);">+ printf("Test decoding of a malformed vector (short length indicator)\n");</span><br><span style="color: hsl(120, 100%, 40%);">+ rc = decode_gsm_ra_cap(vector, &data);</span><br><span style="color: hsl(120, 100%, 40%);">+ printf("decode_gsm_ra_cap() returns %d\n", rc);</span><br><span> }</span><br><span> </span><br><span> int main(int argc, char *argv[])</span><br><span>diff --git a/tests/rlcmac/RLCMACTest.err b/tests/rlcmac/RLCMACTest.err</span><br><span>index 2d7de59..52a3cc3 100644</span><br><span>--- a/tests/rlcmac/RLCMACTest.err</span><br><span>+++ b/tests/rlcmac/RLCMACTest.err</span><br><span>@@ -29,4 +29,5 @@</span><br><span> DCSN1 INFO csnStreamDecoder (type=2): PayloadType = 1 | spare = 0 | R = 0 | MESSAGE_TYPE = 2 | DOWNLINK_TFI = 20 | : Ack_Nack_Description | FINAL_ACK_INDICATION = 1 | STARTING_SEQUENCE_NUMBER = 1 | RECEIVED_BLOCK_BITMAP[0] = 0 | RECEIVED_BLOCK_BITMAP[1] = 0 | RECEIVED_BLOCK_BITMAP[2] = 0 | RECEIVED_BLOCK_BITMAP[3] = 0 | RECEIVED_BLOCK_BITMAP[4] = 0 | RECEIVED_BLOCK_BITMAP[5] = 0 | RECEIVED_BLOCK_BITMAP[6] = 0 | RECEIVED_BLOCK_BITMAP[7] = 1 | : End Ack_Nack_Description | Exist_Channel_Request_Description = 1 | : Channel_Request_Description | PEAK_THROUGHPUT_CLASS = 0 | RADIO_PRIORITY = 0 | RLC_MODE = 0 | LLC_PDU_TYPE = 1 | RLC_OCTET_COUNT = 18 | : End Channel_Request_Description | : Channel_Quality_Report | C_VALUE = 40 | RXQUAL = 1 | SIGN_VAR = 0 | Slot[0].Exist = 0 | Slot[1].Exist = 0 | Slot[2].Exist = 0 | Slot[3].Exist = 0 | Slot[4].Exist = 0 | Slot[5].Exist = 0 | Slot[6].Exist = 0 | Slot[7].Exist = 0 | : End Channel_Quality_Report | Exist_AdditionsR99 = 1 | : AdditionsR99 | Exist_PFI = 0 | : End AdditionsR99 | Padding = 3|43|43|43|43|43|</span><br><span> DCSN1 INFO csnStreamEncoder (type=2): PayloadType = 1 | spare = 0 | R = 0 | MESSAGE_TYPE = 2 | DOWNLINK_TFI = 20 | : Ack_Nack_Description | FINAL_ACK_INDICATION = 1 | STARTING_SEQUENCE_NUMBER = 1 | RECEIVED_BLOCK_BITMAP[0] = 0 | RECEIVED_BLOCK_BITMAP[1] = 0 | RECEIVED_BLOCK_BITMAP[2] = 0 | RECEIVED_BLOCK_BITMAP[3] = 0 | RECEIVED_BLOCK_BITMAP[4] = 0 | RECEIVED_BLOCK_BITMAP[5] = 0 | RECEIVED_BLOCK_BITMAP[6] = 0 | RECEIVED_BLOCK_BITMAP[7] = 1 | : End Ack_Nack_Description | Exist_Channel_Request_Description = 1 | : Channel_Request_Description | PEAK_THROUGHPUT_CLASS = 0 | RADIO_PRIORITY = 0 | RLC_MODE = 0 | LLC_PDU_TYPE = 1 | RLC_OCTET_COUNT = 18 | : End Channel_Request_Description | : Channel_Quality_Report | C_VALUE = 40 | RXQUAL = 1 | SIGN_VAR = 0 | Slot[0].Exist = 0 | Slot[1].Exist = 0 | Slot[2].Exist = 0 | Slot[3].Exist = 0 | Slot[4].Exist = 0 | Slot[5].Exist = 0 | Slot[6].Exist = 0 | Slot[7].Exist = 0 | : End Channel_Quality_Report | Exist_AdditionsR99 = 1 | : AdditionsR99 | Exist_PFI = 0 | : End AdditionsR99 | Padding = 3|43|43|43|43|43|</span><br><span> DCSN1 INFO csnStreamDecoder (type=8): PayloadType = 1 | spare = 0 | R = 0 | MESSAGE_TYPE = 8 | DOWNLINK_TFI = 0 | MS_OUT_OF_MEMORY = 0 | Exist_EGPRS_ChannelQualityReport = 1 | : EGPRS_ChannelQualityReport | : EGPRS_BEP_LinkQualityMeasurements | Exist_MEAN_CV_BEP_GMSK = 0 | Exist_MEAN_CV_BEP_8PSK = 1 | MEAN_BEP_8PSK = 31 | CV_BEP_8PSK = 7 | : End EGPRS_BEP_LinkQualityMeasurements | C_VALUE = 58 | : EGPRS_TimeslotLinkQualityMeasurements | Exist_BEP_MEASUREMENTS = 0 | Exist_INTERFERENCE_MEASUREMENTS = 0 | : End EGPRS_TimeslotLinkQualityMeasurements | : End EGPRS_ChannelQualityReport | Exist_ChannelRequestDescription = 1 | : ChannelRequestDescription | PEAK_THROUGHPUT_CLASS = 6 | RADIO_PRIORITY = 0 | RLC_MODE = 0 | LLC_PDU_TYPE = 1 | RLC_OCTET_COUNT = 62 | : End ChannelRequestDescription | Exist_PFI = 0 | Exist_ExtensionBits = 0 | : EGPRS_AckNack | Desc = 0 | : Desc | FINAL_ACK_INDICATION = 0 | BEGINNING_OF_WINDOW = 1 | END_OF_WINDOW = 1 | STARTING_SEQUENCE_NUMBER = 1187 | Exist_CRBB = 0 | URBB = 127 | URBB = 255 | URBB = 255 | URBB = 238 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | URBB = 0 | : End Desc | : End EGPRS_AckNack | Padding = </span><br><span style="color: hsl(120, 100%, 40%);">+DCSN1 INFO csnStreamDecoder (RAcap): MS_RA_capability_value { | Choice MS_RA_capability_value_Choice = 1 | u.Content length = 29 | offset = 4 | RF_Power_Capability = 1 | Exist_A5_bits = 0 | ES_IND = 1 | PS = 0 | VGCS = 0 | VBS = 0 | Exist_Multislot_capability = 1 | : Multislot_capability | Exist_HSCSD_multislot_class = 0 | Exist_GPRS_multislot_class = 1 | GPRS_multislot_class = 3 | GPRS_Extended_Dynamic_Allocation_Capability = 0 | Exist_SM = 0 | Exist_ECSD_multislot_class = 0 | Exist_EGPRS_multislot_class = 1 | EGPRS_multislot_class = 0 | EGPRS_Extended_Dynamic_Allocation_Capability = 0 | Exist_DTM_GPRS_multislot_class = 0 | : End Multislot_capability | Exist_Eight_PSK_Power_Capability = 0 | COMPACT_Interference_Measurement_Capability = 0 | Revision_Level_Indicator = NULL | UMTS_FDD_Radio_Access_Technology_Capability = NULL | UMTS_384_TDD_Radio_Access_Technology_Capability = NULL | CDMA2000_Radio_Access_Technology_Capability = NULL | UMTS_128_TDD_Radio_Access_Technology_Capability = NULL | GERAN_Feature_Package_1 = NULL | Modulation_based_multislot_class_support = NULL | GMSK_MultislotPowerProfile = NULL | EightPSK_MultislotProfile = NULL | MultipleTBF_Capability = NULL | DownlinkAdvancedReceiverPerformance = NULL | ExtendedRLC_MAC_ControlMessageSegmentionsCapability = NULL | DTM_EnhancementsCapability = NULL | PS_HandoverCapability = NULL | MS_RA_capability_value } | </span><br><span> DCSN1 INFO csnStreamDecoder (RAcap): MS_RA_capability_value { | Choice MS_RA_capability_value_Choice = 1 | u.Content length = 21 | offset = 4 | RF_Power_Capability = 1 | Exist_A5_bits = 0 | ES_IND = 1 | PS = 0 | VGCS = 0 | VBS = 0 | Exist_Multislot_capability = 1 | : Multislot_capability | Exist_HSCSD_multislot_class = 0 | Exist_GPRS_multislot_class = 1 | GPRS_multislot_class = 3 | GPRS_Extended_Dynamic_Allocation_Capability = 0 | Exist_SM = 0 | Exist_ECSD_multislot_class = 0 | Exist_EGPRS_multislot_class = 1 | DCSN1 ERROR csnStreamDecoder: error NEED_MORE BITS TO UNPACK (-5) at EGPRS_multislot_class (idx 31): End Multislot_capability | </span><br><span>diff --git a/tests/rlcmac/RLCMACTest.ok b/tests/rlcmac/RLCMACTest.ok</span><br><span>index 2d27ca4..96c1bfb 100644</span><br><span>--- a/tests/rlcmac/RLCMACTest.ok</span><br><span>+++ b/tests/rlcmac/RLCMACTest.ok</span><br><span>@@ -124,4 +124,7 @@</span><br><span> vector1 == vector2 : TRUE</span><br><span> *** testCsnLeftAlignedVarBmpBounds ***</span><br><span> *** testRAcap ***</span><br><span style="color: hsl(0, 100%, 40%);">-decode_gsm_ra_cap fails? yes</span><br><span style="color: hsl(120, 100%, 40%);">+GPRS multislot class = 3</span><br><span style="color: hsl(120, 100%, 40%);">+EGPRS multislot class = 0</span><br><span style="color: hsl(120, 100%, 40%);">+Test decoding of a malformed vector (short length indicator)</span><br><span style="color: hsl(120, 100%, 40%);">+decode_gsm_ra_cap() returns -5</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/c/osmo-pcu/+/17209">change 17209</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/c/osmo-pcu/+/17209"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: osmo-pcu </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: I5f810397b8d09c18e069168023429f6a4d899c86 </div>
<div style="display:none"> Gerrit-Change-Number: 17209 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: fixeria <axilirator@gmail.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins Builder </div>
<div style="display:none"> Gerrit-Reviewer: fixeria <axilirator@gmail.com> </div>
<div style="display:none"> Gerrit-Reviewer: laforge <laforge@osmocom.org> </div>
<div style="display:none"> Gerrit-Reviewer: pespin <pespin@sysmocom.de> </div>
<div style="display:none"> Gerrit-MessageType: merged </div>