From e79dc4a8f046925682da7a5a5ad70462d187fc40 Mon Sep 17 00:00:00 2001
From: Will Greenberg <willg@eff.org>
Date: Tue, 25 Mar 2025 14:34:26 -0700
Subject: [PATCH] lib: diable null-cipher heuristic due to false positives

Due to an upstream hampi bug (https://github.com/ystero-dev/hampi/issues/133),
our RRC parser is reporting false-positives for the null cipher
heuristic.
---
 lib/src/analysis/analyzer.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/src/analysis/analyzer.rs b/lib/src/analysis/analyzer.rs
index e160483..3d3caaa 100644
--- a/lib/src/analysis/analyzer.rs
+++ b/lib/src/analysis/analyzer.rs
@@ -121,7 +121,11 @@ impl Harness {
         harness.add_analyzer(Box::new(ImsiRequestedAnalyzer::new()));
         harness.add_analyzer(Box::new(ConnectionRedirect2GDowngradeAnalyzer{}));
         harness.add_analyzer(Box::new(LteSib6And7DowngradeAnalyzer{}));
-        harness.add_analyzer(Box::new(NullCipherAnalyzer{}));
+
+        // FIXME: our RRC parser is reporting false positives for this due to an
+        // upstream hampi bug (https://github.com/ystero-dev/hampi/issues/133).
+        // once that's fixed, we should regenerate our parser and re-enable this
+        // harness.add_analyzer(Box::new(NullCipherAnalyzer{}));
 
         harness
     }