From ee7821eb61f6b3befb0164e734b311601365d33b Mon Sep 17 00:00:00 2001
From: Tien-Thinh Nguyen <Tien-Thinh.Nguyen@eurecom.fr>
Date: Wed, 18 Aug 2021 12:30:11 +0200
Subject: [PATCH] Fix issue for PDU Sesison ID in Handover Request

---
 src/amf-app/amf_n2.cpp                        | 38 +++++++++++--------
 .../ngapIEs/PDUSessionResourceListHORqd.cpp   |  6 ++-
 src/ngap/ngapMsgs/HandoverRequiredMsg.cpp     |  9 +++--
 3 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/src/amf-app/amf_n2.cpp b/src/amf-app/amf_n2.cpp
index 4c155af1..5dcbbb29 100644
--- a/src/amf-app/amf_n2.cpp
+++ b/src/amf-app/amf_n2.cpp
@@ -1233,6 +1233,8 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
   handover_request->setUESecurityCapabilities(
       0xe000, 0xe000, 0xe000, 0xe000);  // TODO: remove hardcoded values
 
+  handover_request->setSourceToTarget_TransparentContainer(sourceTotarget);
+
   // Allowed NSSAI
   std::vector<S_NSSAI> Allowed_Nssai;
   for (int i = 0; i < amf_cfg.plmn_list.size(); i++) {
@@ -1244,7 +1246,9 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
       Allowed_Nssai.push_back(s_nssai);
     }
   }
+  handover_request->setAllowedNSSAI(Allowed_Nssai);
 
+  // GUAMI, PLMN
   Guami_t guami              = {};
   guami.mcc                  = amf_cfg.guami.mcc;
   guami.mnc                  = amf_cfg.guami.mnc;
@@ -1260,10 +1264,18 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
   m_aMFSetID->setAMFSetID(guami.AmfSetID);
   m_aMFPointer->setAMFPointer(guami.AmfPointer);
 
+  handover_request->setMobilityRestrictionList(m_plmnId);
+  handover_request->setGUAMI(m_plmnId, m_aMFRegionID, m_aMFSetID, m_aMFPointer);
+
+  // Security context
   std::shared_ptr<nas_context> nc =
       amf_n1_inst->amf_ue_id_2_nas_context(amf_ue_ngap_id);
   nas_secu_ctx* secu = nc.get()->security_ctx;
-  uint8_t* kamf      = nc.get()->kamf[secu->vector_pointer];
+  if (!secu) {
+    Logger::amf_n1().error("No Security Context found");
+    return false;
+  }
+  uint8_t* kamf = nc.get()->kamf[secu->vector_pointer];
   uint8_t kgnb[32];
   uint32_t ulcount = secu->ul_count.seq_num | (secu->ul_count.overflow << 8);
   Logger::amf_n1().debug("Uplink count (%d)", secu->ul_count.seq_num);
@@ -1289,9 +1301,6 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
         "Decoding PDU Session Resource List IE error or IE missing");
   }
 
-  std::vector<PDUSessionResourceSetupRequestItem_t> list;
-  PDUSessionResourceSetupRequestItem_t item = {};
-
   std::map<uint8_t, boost::shared_future<std::string>> curl_responses;
 
   for (auto pdu_session_resource : pdu_session_resource_list) {
@@ -1327,7 +1336,7 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
           "task TASK_AMF_N11");
       itti_nsmf_pdusession_update_sm_context* itti_msg =
           new itti_nsmf_pdusession_update_sm_context(TASK_NGAP, TASK_AMF_N11);
-      itti_msg->pdu_session_id = item.pduSessionId;
+      itti_msg->pdu_session_id = pdu_session_resource.pduSessionId;
       itti_msg->n2sm           = blk2bstr(
           pdu_session_resource.HandoverRequiredTransfer.buf,
           pdu_session_resource.HandoverRequiredTransfer.size);
@@ -1350,6 +1359,8 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
 
   // TODO: Handover Response supervision
   // Wait until receiving all responses from SMFs before sending Handover
+  std::vector<PDUSessionResourceSetupRequestItem_t> list;
+
   bool result = true;
   while (!curl_responses.empty()) {
     boost::future_status status;
@@ -1370,12 +1381,13 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
         std::shared_ptr<pdu_session_context> psc = {};
         if (amf_app_inst->find_pdu_session_context(
                 supi, curl_responses.begin()->first, psc)) {
-          item.pduSessionId      = psc.get()->pdu_session_id;
-          item.s_nssai.sst       = psc.get()->snssai.sST;
-          item.s_nssai.sd        = psc.get()->snssai.sD;
-          item.pduSessionNAS_PDU = nullptr;
-          unsigned int data_len  = n2_sm.length();
-          unsigned char* data    = (unsigned char*) malloc(data_len + 1);
+          PDUSessionResourceSetupRequestItem_t item = {};
+          item.pduSessionId                         = psc.get()->pdu_session_id;
+          item.s_nssai.sst                          = psc.get()->snssai.sST;
+          item.s_nssai.sd                           = psc.get()->snssai.sD;
+          item.pduSessionNAS_PDU                    = nullptr;
+          unsigned int data_len                     = n2_sm.length();
+          unsigned char* data = (unsigned char*) malloc(data_len + 1);
           memset(data, 0, data_len + 1);
           memcpy((void*) data, (void*) n2_sm.c_str(), data_len);
           item.pduSessionResourceSetupRequestTransfer.buf  = data;
@@ -1397,10 +1409,6 @@ bool amf_n2::handle_itti_message(itti_handover_required& itti_msg) {
 
   // Request to Target RAN
   handover_request->setPduSessionResourceSetupList(list);
-  handover_request->setAllowedNSSAI(Allowed_Nssai);
-  handover_request->setSourceToTarget_TransparentContainer(sourceTotarget);
-  handover_request->setMobilityRestrictionList(m_plmnId);
-  handover_request->setGUAMI(m_plmnId, m_aMFRegionID, m_aMFSetID, m_aMFPointer);
 
   uint8_t buffer[BUFFER_SIZE_2048];
   int encoded_size = handover_request->encode2buffer(buffer, BUFFER_SIZE_2048);
diff --git a/src/ngap/ngapIEs/PDUSessionResourceListHORqd.cpp b/src/ngap/ngapIEs/PDUSessionResourceListHORqd.cpp
index 91515c6c..024f5d03 100644
--- a/src/ngap/ngapIEs/PDUSessionResourceListHORqd.cpp
+++ b/src/ngap/ngapIEs/PDUSessionResourceListHORqd.cpp
@@ -67,8 +67,10 @@ bool PDUSessionResourceListHORqd::decodefromPDUSessionResourceListHORqd(
 }
 void PDUSessionResourceListHORqd::getPDUSessionResourceListHORqd(
     PDUSessionResourceItemHORqd*& m_pduSessionResourceItemHORqd, int& num) {
-  m_pduSessionResourceItemHORqd = pduSessionResourceItemHORqd;
-  num                           = numofpduSessionResourceItemHORqd;
+  if (pduSessionResourceItemHORqd) {
+    m_pduSessionResourceItemHORqd = pduSessionResourceItemHORqd;
+    num                           = numofpduSessionResourceItemHORqd;
+  }
 }
 
 }  // namespace ngap
diff --git a/src/ngap/ngapMsgs/HandoverRequiredMsg.cpp b/src/ngap/ngapMsgs/HandoverRequiredMsg.cpp
index d91a63d4..bd4ec127 100644
--- a/src/ngap/ngapMsgs/HandoverRequiredMsg.cpp
+++ b/src/ngap/ngapMsgs/HandoverRequiredMsg.cpp
@@ -131,15 +131,16 @@ bool HandoverRequiredMsg::getPDUSessionResourceList(
     std::vector<PDUSessionResourceItem_t>& list) {
   if (!PDUSessionResourceList) return false;
 
-  PDUSessionResourceItemHORqd* m_pduSessionResourceItemHORqd;
-  int num = 0;
+  PDUSessionResourceItemHORqd* m_pduSessionResourceItemHORqd = nullptr;
+  int num                                                    = 0;
   PDUSessionResourceList->getPDUSessionResourceListHORqd(
       m_pduSessionResourceItemHORqd, num);
+  if (!m_pduSessionResourceItemHORqd) return false;
 
   for (int i = 0; i < num; i++) {
-    PDUSessionResourceItem_t response;
+    PDUSessionResourceItem_t response = {};
 
-    PDUSessionID* m_pDUSessionID;
+    PDUSessionID* m_pDUSessionID = nullptr;
     m_pduSessionResourceItemHORqd[i].getPDUSessionResourceItemHORqd(
         m_pDUSessionID, response.HandoverRequiredTransfer);
     m_pDUSessionID->getPDUSessionID(response.pduSessionId);
-- 
2.26.2