From 04280a1cd716e77cd63bd7bd040e9361f9cf919a Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Wed, 31 Jan 2018 15:16:37 +0000 Subject: [PATCH] Fixed possible out-of-bounds read in nas_attach_complete. --- srsepc/src/mme/s1ap_nas_transport.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/srsepc/src/mme/s1ap_nas_transport.cc b/srsepc/src/mme/s1ap_nas_transport.cc index 874f71d72..398d5381d 100644 --- a/srsepc/src/mme/s1ap_nas_transport.cc +++ b/srsepc/src/mme/s1ap_nas_transport.cc @@ -544,7 +544,7 @@ s1ap_nas_transport::handle_nas_attach_complete(srslte::byte_buffer_t *nas_msg, u m_s1ap_log->console("Unpacked Attached Complete Message\n"); m_s1ap_log->console("Unpacked Activavate Default EPS Bearer message. EPS Bearer id %d\n",act_bearer.eps_bearer_id); //ue_ctx->erabs_ctx[act_bearer->eps_bearer_id].enb_fteid; - if(act_bearer.eps_bearer_id < 5 || act_bearer.eps_bearer_id > 16) + if(act_bearer.eps_bearer_id < 5 || act_bearer.eps_bearer_id > 15) { m_s1ap_log->error("EPS Bearer ID out of range\n"); return false;