From 8f46b07b22bce29cdca7408d5056944bb5e8b13d Mon Sep 17 00:00:00 2001
From: Laurent THOMAS <laurent.thomas@open-cells.com>
Date: Wed, 4 Sep 2024 18:20:49 +0200
Subject: [PATCH] Lacking RRC check: avoid SEGV if the received packet is not
 what we believe

---
 openair2/RRC/NR_UE/rrc_UE.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/openair2/RRC/NR_UE/rrc_UE.c b/openair2/RRC/NR_UE/rrc_UE.c
index fdff0bc4214..ed8c47ae5f0 100644
--- a/openair2/RRC/NR_UE/rrc_UE.c
+++ b/openair2/RRC/NR_UE/rrc_UE.c
@@ -551,14 +551,16 @@ static void nr_rrc_ue_decode_NR_BCCH_BCH_Message(NR_UE_RRC_INST_t *rrc,
   }
 
   int get_sib = 0;
-  if (get_softmodem_params()->sa &&
-      bcch_message->message.choice.mib->cellBarred == NR_MIB__cellBarred_notBarred &&
-      rrc->nrRrcState != RRC_STATE_DETACH_NR) {
+  if (get_softmodem_params()->sa && bcch_message->message.present == NR_BCCH_BCH_MessageType_PR_mib
+      && bcch_message->message.choice.mib->cellBarred == NR_MIB__cellBarred_notBarred && rrc->nrRrcState != RRC_STATE_DETACH_NR) {
     NR_UE_RRC_SI_INFO *SI_info = &rrc->perNB[gNB_index].SInfo;
     // to schedule MAC to get SI if required
     get_sib = check_si_status(SI_info);
   }
-  nr_rrc_mac_config_req_mib(rrc->ue_id, 0, bcch_message->message.choice.mib, get_sib);
+  if (bcch_message->message.present == NR_BCCH_BCH_MessageType_PR_mib)
+    nr_rrc_mac_config_req_mib(rrc->ue_id, 0, bcch_message->message.choice.mib, get_sib);
+  else
+    LOG_E(NR_RRC, "RRC-received BCCH message is not a MIB\n");
   ASN_STRUCT_FREE(asn_DEF_NR_BCCH_BCH_Message, bcch_message);
   return;
 }
-- 
GitLab