Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GTPv2-C sequence number overflows at the incorrect value #265

Closed
radoslav-georgiev-flolive opened this issue Feb 20, 2024 · 0 comments
Closed

GTPv2-C sequence number overflows at the incorrect value #265

radoslav-georgiev-flolive opened this issue Feb 20, 2024 · 0 comments

Comments

@radoslav-georgiev-flolive
Copy link
Contributor

The sequence number counter should wrap around to zero on reaching 0x800000 instead of 0x1000000. The explanation why this value should be used can be found in 3GPP TS 29.274, section 7.6 ("Reliable Delivery of Signalling Messages"), where it is mentioned that sequence numbers with their most significant bit set to 1 should be used only for Command messages and for requests which were triggered by Command messages, as well as for Triggered Reply messages, and not for requests which were not triggered by a Command message (i.e. Initial Request messages). It is therefore assumed that if the sequence number counter is initialized with zero, it is supposed to be used when sending Initial Request messages only. That's why its value becoming 0x800000 (and being incremented further) would in practice change the type of the message and the way it's supposed to be handled, which is incorrect behavior.
radoslav-georgiev-flolive added a commit to radoslav-georgiev-flolive/go-gtp that referenced this issue Feb 20, 2024
@radoslav-georgiev-flolive
[gtpv2] Fix the overflow value for the sequence number (wmnsk#265)
982289c 
Make the sequence number counter wrap around to
zero on reaching `0x800000` instead of
`0x1000000`.  The explanation why this value
should be used can be found in 3GPP TS 29.274,
section 7.6 ("Reliable Delivery of Signalling
Messages"), where it is mentioned that sequence
numbers with their most significant bit set to 1
should be used only for Command messages and for
requests which were triggered by Command messages,
as well as for Triggered Reply messages, and *not*
for requests which were not triggered by a Command
message (i.e. Initial Request messages).  It is
therefore assumed that if the sequence number
counter is initialized with zero, it is supposed
to be used when sending Initial Request messages
only.  That's why its value becoming `0x800000`
(and being incremented further) would in practice
change the type of the message and the way it's
supposed to be handled, which is incorrect
behavior.
wmnsk added a commit that referenced this issue Feb 20, 2024
@wmnsk
Merge pull request #266 from radoslav-georgiev-flolive/fix-gtpv2c-seq…
9063cea 
…uence-number-overflow-value

[gtpv2] Fix the overflow value for the sequence number (#265)
@wmnsk wmnsk closed this as completed Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wmnsk @radoslav-georgiev-flolive