Code Review / ric-plt / submgr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 0bb599b) | patch
Fix CVE-2024-34036 76/15476/2
authormdimado <mdimad005@gmail.com>
Wed, 11 Feb 2026 19:13:34 +0000 (00:43 +0530)
committermdimado <mdimad005@gmail.com>
Thu, 12 Feb 2026 05:39:10 +0000 (11:09 +0530)
commitd42f563c8cc9f5d2884ed38e4215587793f1a824
treee4899dfe9be61b390b5064fe0422dbf2db2ac996tree | snapshot
parent0bb599bc0fc0bef72770ac08b2d710cb5b0ed5a2commit | diff
Fix CVE-2024-34036

1. CVE-2024-34036: Implemented a per-xApp, per-route token-bucket
   rate limiting system in ratelimiter.go and integrated it into
   control.go using a RateLimiterWrapper around REST and subscription
   handlers to prevent request flooding and subscription-based
   denial-of-service against submgr.

Change-Id: I543b47940598d32c4afb3c5e73819ac65cc62015
Signed-off-by: Mohammed Imaduddin <mdimad005@gmail.com>
48 files changed:
go.mod diff | blob | history
go.sum diff | blob | history
pkg/control/control.go diff | blob | history
pkg/control/ratelimiter.go [new file with mode: 0644] blob
pkg/rtmgr_client/debug/debug_client.go [new file with mode: 0644] blob
pkg/rtmgr_client/debug/get_debuginfo_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/debug/get_debuginfo_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/add_rmr_route_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/add_rmr_route_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/associate_ran_to_e2t_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/associate_ran_to_e2t_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/create_new_e2t_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/create_new_e2t_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/del_rmr_route_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/del_rmr_route_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/delete_e2t_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/delete_e2t_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/delete_xapp_subscription_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/delete_xapp_subscription_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/dissociate_ran_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/dissociate_ran_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/get_handles_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/get_handles_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/handle_client.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/provide_xapp_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/provide_xapp_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/provide_xapp_subscription_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/provide_xapp_subscription_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/update_xapp_subscription_handle_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/handle/update_xapp_subscription_handle_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/health/get_health_parameters.go [new file with mode: 0644] blob
pkg/rtmgr_client/health/get_health_responses.go [new file with mode: 0644] blob
pkg/rtmgr_client/health/health_client.go [new file with mode: 0644] blob
pkg/rtmgr_client/routing_manager_client.go [new file with mode: 0644] blob
pkg/rtmgr_models/add_rmr_route.go [new file with mode: 0644] blob
pkg/rtmgr_models/debuginfo.go [new file with mode: 0644] blob
pkg/rtmgr_models/e2t_data.go [new file with mode: 0644] blob
pkg/rtmgr_models/e2t_delete_data.go [new file with mode: 0644] blob
pkg/rtmgr_models/endpoint.go [new file with mode: 0644] blob
pkg/rtmgr_models/health_status.go [new file with mode: 0644] blob
pkg/rtmgr_models/ran_e2t_element.go [new file with mode: 0644] blob
pkg/rtmgr_models/ran_e2t_map.go [new file with mode: 0644] blob
pkg/rtmgr_models/ran_namelist.go [new file with mode: 0644] blob
pkg/rtmgr_models/routelist.go [new file with mode: 0644] blob
pkg/rtmgr_models/xapp_callback_data.go [new file with mode: 0644] blob
pkg/rtmgr_models/xapp_element.go [new file with mode: 0644] blob
pkg/rtmgr_models/xapp_list.go [new file with mode: 0644] blob
pkg/rtmgr_models/xapp_subscription_data.go [new file with mode: 0644] blob
(near-realtime) RIC Platform Subscription Manager