laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/39243?usp=email )

Change subject: gprs_ms_net_cap_gea_mask(): protect against empty MS Network Capabilities ......................................................................

gprs_ms_net_cap_gea_mask(): protect against empty MS Network Capabilities

When the MS Network Capability is empty, expect to support at least unencrypted communications. This shouldn't be empty at all, as the minimum length of it is 2 when the MS/UE is doing an Attach Request. But when receiving a MS/UE SGSN Context via Gn, the field is optional. The MS/UE shall include it into the Routing Area Request, but not must.

Change-Id: Ieef2e3eeaaadc90c35fff6f20d47bd36aaa4b9e6 --- M src/sgsn/gprs_gmm.c 1 file changed, 4 insertions(+), 0 deletions(-)

Approvals: fixeria: Looks good to me, approved pespin: Looks good to me, but someone else must approve Jenkins Builder: Verified

diff --git a/src/sgsn/gprs_gmm.c b/src/sgsn/gprs_gmm.c index 80c2148..e49e611 100644 --- a/src/sgsn/gprs_gmm.c +++ b/src/sgsn/gprs_gmm.c @@ -1201,6 +1201,10 @@ static uint8_t gprs_ms_net_cap_gea_mask(const uint8_t *ms_net_cap, uint8_t cap_len) { uint8_t mask = (1 << GPRS_ALGO_GEA0); + + if (cap_len == 0) + return mask; + mask |= (0x80 & ms_net_cap[0]) ? (1 << GPRS_ALGO_GEA1) : 0;

if (cap_len < 2)