Decoding NAS msg may lead to access oob memory
For example in https://gitlab.eurecom.fr/oai/cn5g/oai-cn5g-common-src/-/blame/develop/nas/5gmm-msgs/RegistrationRequest.cpp#L953
You want to access next IE after decoding one IE but may be there could be no more IE and you could access memory outside the allocated buffer, then you can get a segv or a wrong IE identifier.
Edited by gauthier