1 files changed, 143 insertions, 44 deletions
diff --git a/lib/diameter/include/diameter_gen.hrl b/lib/diameter/include/diameter_gen.hrl
index c8f706dc3e..bc25f7d472 100644
--- a/lib/diameter/include/diameter_gen.hrl
+++ b/lib/diameter/include/diameter_gen.hrl
@@ -30,6 +30,10 @@
 %% error or not. See is_strict/0.
 -define(STRICT_KEY, strict).
 
+%% Key that says whether or not we should do a best-effort decode
+%% within Failed-AVP.
+-define(FAILED_KEY, failed).
+
 -type parent_name()   :: atom().  %% parent = Message or AVP
 -type parent_record() :: tuple(). %%
 -type avp_name()   :: atom().
@@ -286,15 +290,7 @@ decode(Name, 'AVP', Avp, Acc) ->
 
 %% d/3
 
-%% Don't try to decode the value of a Failed-AVP component since it
-%% probably won't. Note that matching on 'Failed-AVP' assumes that
-%% this is the RFC AVP, with code 279. Strictly, this doesn't need to
-%% be the case, so we're assuming no one defines another Failed-AVP.
-d('Failed-AVP' = Name, Avp, Acc) ->
-    decode_AVP(Name, Avp, Acc);
-
-%% Or try to decode.
-d(Name, Avp, {Avps, Acc}) ->
+d(Name, Avp, Acc) ->
     #diameter_avp{name = AvpName,
                   data = Data,
                   type = Type,
@@ -307,51 +303,120 @@ d(Name, Avp, {Avps, Acc}) ->
     %% value around through the entire decode. The solution here is
     %% simple in comparison, both to implement and to understand.
 
-    Reset = relax(Type, M),
+    Strict = relax(Type, M),
+
+    %% Use the process dictionary again to keep track of whether we're
+    %% decoding within Failed-AVP and should ignore decode errors
+    %% altogether.
+
+    Failed = relax(Name),  %% Not AvpName or else a failed Failed-AVP
+                           %% decode is packed into 'AVP'.
+    Mod = dict(Failed),    %% Dictionary to decode in.
 
-    try avp(decode, Data, AvpName) of
+    try Mod:avp(decode, Data, AvpName) of
         V ->
+            {Avps, T} = Acc,
             {H, A} = ungroup(V, Avp),
-            {[H | Avps], pack_avp(Name, A, Acc)}
+            {[H | Avps], pack_avp(Name, A, T)}
     catch
         error: Reason ->
-            %% Failures here won't be visible since they're a "normal"
-            %% occurrence if the peer sends a faulty AVP that we need to
-            %% respond sensibly to. Log the occurence for traceability,
-            %% but the peer will also receive info in the resulting
-            %% answer-message.
-            diameter_lib:log({decode, failure},
-                             ?MODULE,
-                             ?LINE,
-                             {Reason, Avp, erlang:get_stacktrace()}),
-            {Rec, Failed} = Acc,
-            {[Avp|Avps], {Rec, [rc(Reason, Avp) | Failed]}}
+            d(undefined == Failed orelse is_failed(),
+              Reason,
+              Name,
+              trim(Avp),
+              Acc)
     after
-        relax(Reset)
+        reset(?STRICT_KEY, Strict),
+        reset(?FAILED_KEY, Failed)
     end.
 
+%% trim/1
+%%
+%% Remove any extra bit that was added in diameter_codec to induce a
+%% 5014 error.
+
+trim(#diameter_avp{data = <<0:1, Bin/binary>>} = Avp) ->
+    Avp#diameter_avp{data = Bin};
+
+trim(Avp) ->
+    Avp.
+
+%% dict/1
+%%
+%% Retrieve the dictionary for the best-effort decode of Failed-AVP,
+%% as put by diameter_codec:decode/2. See that function for the
+%% explanation.
+
+dict(true) ->
+    case get({diameter_codec, dictionary}) of
+        undefined ->
+            ?MODULE;
+        Mod ->
+            Mod
+    end;
+
+dict(_) ->
+    ?MODULE.
+
+%% d/5
+
+%% Ignore a decode error within Failed-AVP ...
+d(true, _, Name, Avp, Acc) ->
+    decode_AVP(Name, Avp, Acc);
+
+%% ... or not. Failures here won't be visible since they're a "normal"
+%% occurrence if the peer sends a faulty AVP that we need to respond
+%% sensibly to. Log the occurence for traceability, but the peer will
+%% also receive info in the resulting answer message.
+d(false, Reason, Name, Avp, {Avps, Acc}) ->
+    Stack = diameter_lib:get_stacktrace(),
+    diameter_lib:log(decode_error,
+                     ?MODULE,
+                     ?LINE,
+                     {Reason, Name, Avp#diameter_avp.name, Stack}),
+    {Rec, Failed} = Acc,
+    {[Avp|Avps], {Rec, [rc(Reason, Avp) | Failed]}}.
+
+%% relax/2
+
 %% Set false in the process dictionary as soon as we see a Grouped AVP
 %% that doesn't set the M-bit, so that is_strict() can say whether or
 %% not to ignore the M-bit on an encapsulated AVP.
 relax('Grouped', M) ->
-    V = getr(?STRICT_KEY),
-    if V == undefined andalso not M ->
+    case getr(?STRICT_KEY) of
+        undefined when not M ->
             putr(?STRICT_KEY, M);
-       true ->
+        _ ->
             false
     end;
 relax(_, _) ->
     false.
 
-%% Reset strictness.
-relax(undefined) ->
-    eraser(?STRICT_KEY);
-relax(false) ->
-    ok.
-
 is_strict() ->
     false /= getr(?STRICT_KEY).
 
+%% relax/1
+%%
+%% Set true in the process dictionary as soon as we see Failed-AVP.
+%% Matching on 'Failed-AVP' assumes that this is the RFC AVP.
+%% Strictly, this doesn't need to be the case.
+
+relax('Failed-AVP') ->
+    is_failed() orelse putr(?FAILED_KEY, true);
+
+relax(_) ->
+    is_failed().
+    
+is_failed() ->
+    true == getr(?FAILED_KEY).
+
+%% reset/2
+
+reset(Key, undefined) ->
+    eraser(Key);
+reset(_, _) ->
+    ok.
+
 %% decode_AVP/3
 %%
 %% Don't know this AVP: see if it can be packed in an 'AVP' field
@@ -410,8 +475,25 @@ pack_avp(_, Arity, Avp, Acc) ->
 
 %% pack_AVP/3
 
-pack_AVP(Name, #diameter_avp{is_mandatory = M} = Avp, Acc) ->
-    case pack_arity(Name, M) of
+%% Length failure was induced because of a header/payload length
+%% mismatch. The AVP Length is reset to match the received data if
+%% this AVP is encoded in an answer message, since the length is
+%% computed.
+%%
+%% Data is a truncated header if command_code = undefined, otherwise
+%% payload bytes. The former is padded to the length of a header if
+%% the AVP reaches an outgoing encode in diameter_codec.
+%%
+%% RFC 6733 says that an AVP returned with 5014 can contain a minimal
+%% payload for the AVP's type, but in this case we don't know the
+%% type.
+
+pack_AVP(_, #diameter_avp{data = <<0:1, Data/binary>>} = Avp, Acc) ->
+    {Rec, Failed} = Acc,
+    {Rec, [{5014, Avp#diameter_avp{data = Data}} | Failed]};
+
+pack_AVP(Name, #diameter_avp{is_mandatory = M, name = AvpName} = Avp, Acc) ->
+    case pack_arity(Name, AvpName, M) of
         0 ->
             {Rec, Failed} = Acc,
             {Rec, [{if M -> 5001; true -> 5008 end, Avp} | Failed]};
@@ -419,15 +501,32 @@ pack_AVP(Name, #diameter_avp{is_mandatory = M} = Avp, Acc) ->
             pack(Arity, 'AVP', Avp, Acc)
     end.
 
-%% Give Failed-AVP special treatment since it'll contain any
-%% unrecognized mandatory AVP's.
-pack_arity(Name, M) ->
-    case Name /= 'Failed-AVP' andalso M andalso is_strict() of
-        true ->
-            0;
-        false ->
-            avp_arity(Name, 'AVP')
-    end.
+%% Give Failed-AVP special treatment since (1) it'll contain any
+%% unrecognized mandatory AVP's and (2) the RFC 3588 grammar failed to
+%% allow for Failed-AVP in an answer-message.
+
+pack_arity(Name, AvpName, M) ->
+    IsFailed = Name == 'Failed-AVP' orelse is_failed(),
+
+    %% Not testing just Name /= 'Failed-AVP' means we're changing the
+    %% packing of AVPs nested within Failed-AVP, but the point of
+    %% ignoring errors within Failed-AVP is to decode as much as
+    %% possible, and failing because a mandatory AVP couldn't be
+    %% packed into a dedicated field defeats that point. Note that we
+    %% can't just test not is_failed() since this will be 'true' when
+    %% packing an unknown AVP directly within Failed-AVP.
+
+    pack_arity(IsFailed
+                 orelse {Name, AvpName} == {'answer-message', 'Failed-AVP'}
+                 orelse not M
+                 orelse not is_strict(),
+               Name).
+
+pack_arity(true, Name) ->
+    avp_arity(Name, 'AVP');
+
+pack_arity(false, _) ->
+    0.
 
 %% 3588:
 %%