NAS replay protection bug fix

src/ue/nas/mm/messaging.cpp

@@ -363,13 +363,18 @@ bool NasMm::checkForReplay(const nas::SecuredMmMessage &msg)
 {
     int n = static_cast<int>(msg.sequenceNumber);
 
-    for (int seq : m_lastNasSequenceNums)
+    if (m_usim->m_currentNsCtx)
+    {
+        auto &lastNasSequenceNums = m_usim->m_currentNsCtx->lastNasSequenceNums;
+
+        for (int seq : lastNasSequenceNums)
             if (seq == n)
                 return false;
 
-    m_lastNasSequenceNums.push_back(n);
-    while (m_lastNasSequenceNums.size() > 16)
-        m_lastNasSequenceNums.pop_front();
+        lastNasSequenceNums.push_back(n);
+        while (lastNasSequenceNums.size() > 16)
+            lastNasSequenceNums.pop_front();
+    }
 
     return true;
 }

src/ue/nas/mm/mm.hpp

@@ -65,8 +65,6 @@ class NasMm
     int64_t m_lastTimePlmnSearchFailureLogged{};
     // Last time MM state changed
     int64_t m_lastTimeMmStateChange{};
-    // Received NAS sequence numbers for replay protection
-    std::deque<int> m_lastNasSequenceNums{};
 
     friend class UeCmdHandler;
     friend class NasSm;

src/ue/types.hpp

@@ -423,6 +423,8 @@ struct NasSecurityContext
     nas::ETypeOfIntegrityProtectionAlgorithm integrity{};
     nas::ETypeOfCipheringAlgorithm ciphering{};
 
+    std::deque<int> lastNasSequenceNums{};
+
     void updateDownlinkCount(const NasCount &validatedCount)
     {
         downlinkCount.overflow = validatedCount.overflow;
@@ -476,6 +478,7 @@ struct NasSecurityContext
         ctx.keys = keys.deepCopy();
         ctx.integrity = integrity;
         ctx.ciphering = ciphering;
+        ctx.lastNasSequenceNums = lastNasSequenceNums;
         return ctx;
     }
 };