[PATCH] stkagent: Sanitize any output from the agent
by Philippe Nunes
---
src/stkagent.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 53 insertions(+), 3 deletions(-)
diff --git a/src/stkagent.c b/src/stkagent.c
index 63b82f3..dbcc962 100644
--- a/src/stkagent.c
+++ b/src/stkagent.c
@@ -59,6 +59,9 @@ struct stk_agent {
DBusPendingCall *call;
void *user_cb;
void *user_data;
+ int min_length;
+ int max_length;
+ ofono_bool_t hidden_entry;
ofono_destroy_func user_destroy;
const struct stk_menu *request_selection_menu;
@@ -539,14 +542,24 @@ static void get_digit_cb(DBusPendingCall *call, void *data)
if (dbus_message_get_args(reply, NULL,
DBUS_TYPE_STRING, &digit,
- DBUS_TYPE_INVALID) == FALSE ||
- strlen(digit) != 1 ||
- !valid_phone_number_format(digit)) {
+ DBUS_TYPE_INVALID) == FALSE) {
ofono_error("Can't parse the reply to GetDigit()");
remove_agent = TRUE;
goto error;
}
+ if (strlen(digit) != 1 || !strspn(digit, "0123456789*#+")) {
+ ofono_error("Invalid character");
+ remove_agent = TRUE;
+ goto error;
+ }
+
+ if (agent->hidden_entry && digit[0] == '+') {
+ ofono_error("The character + is not allowed in this mode");
+ remove_agent = TRUE;
+ goto error;
+ }
+
cb(result, digit, agent->user_data);
CALLBACK_END();
@@ -578,6 +591,7 @@ int stk_agent_request_digit(struct stk_agent *agent, const char *text,
agent->user_cb = cb;
agent->user_data = user_data;
agent->user_destroy = destroy;
+ agent->hidden_entry = FALSE;
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
@@ -610,6 +624,7 @@ int stk_agent_request_quick_digit(struct stk_agent *agent, const char *text,
agent->user_cb = cb;
agent->user_data = user_data;
agent->user_destroy = destroy;
+ agent->hidden_entry = TRUE;
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
@@ -692,6 +707,7 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
enum stk_agent_result result;
gboolean remove_agent;
char *string;
+ int len, span;
if (check_error(agent, reply,
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
@@ -713,6 +729,25 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
goto error;
}
+ len = strlen(string);
+
+ if (len < agent->min_length || len > agent->max_length) {
+ ofono_error("Length not acceptable");
+ remove_agent = TRUE;
+ goto error;
+ }
+
+ if (agent->hidden_entry)
+ span = strspn(string, "0123456789*#");
+ else
+ span = strspn(string, "0123456789*#+");
+
+ if (span != len) {
+ ofono_error("Invalid character found");
+ remove_agent = TRUE;
+ goto error;
+ }
+
cb(result, string, agent->user_data);
CALLBACK_END();
@@ -756,6 +791,9 @@ int stk_agent_request_digits(struct stk_agent *agent, const char *text,
agent->user_cb = cb;
agent->user_data = user_data;
agent->user_destroy = destroy;
+ agent->min_length = min_val;
+ agent->max_length = max_val;
+ agent->hidden_entry = hidden_val;
dbus_pending_call_set_notify(agent->call, get_digits_cb, agent, NULL);
@@ -770,6 +808,7 @@ static void get_input_cb(DBusPendingCall *call, void *data)
enum stk_agent_result result;
gboolean remove_agent;
char *string;
+ int len;
if (check_error(agent, reply,
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
@@ -791,6 +830,14 @@ static void get_input_cb(DBusPendingCall *call, void *data)
goto error;
}
+ len = g_utf8_strlen(string, -1);
+
+ if (len < agent->min_length || len > agent->max_length) {
+ ofono_error("Length not acceptable");
+ remove_agent = TRUE;
+ goto error;
+ }
+
cb(result, string, agent->user_data);
CALLBACK_END();
@@ -835,6 +882,9 @@ int stk_agent_request_input(struct stk_agent *agent, const char *text,
agent->user_cb = cb;
agent->user_data = user_data;
agent->user_destroy = destroy;
+ agent->min_length = min_val;
+ agent->max_length = max_val;
+ agent->hidden_entry = hidden_val;
dbus_pending_call_set_notify(agent->call, get_input_cb, agent, NULL);
--
1.7.9.5
7 years, 11 months
[PATCH v4 1/3] smsutil: Fix style issues
by Philippe Nunes
---
src/smsutil.c | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/src/smsutil.c b/src/smsutil.c
index a541964..b4d129f 100644
--- a/src/smsutil.c
+++ b/src/smsutil.c
@@ -81,11 +81,11 @@ void extract_bcd_number(const unsigned char *buf, int len, char *out)
for (i = 0; i < len; i++) {
oct = buf[i];
- out[i*2] = digit_lut[oct & 0x0f];
- out[i*2+1] = digit_lut[(oct & 0xf0) >> 4];
+ out[i * 2] = digit_lut[oct & 0x0f];
+ out[i * 2 + 1] = digit_lut[(oct & 0xf0) >> 4];
}
- out[i*2] = '\0';
+ out[i * 2] = '\0';
}
static inline int to_semi_oct(char in)
@@ -600,7 +600,7 @@ gboolean sms_encode_address_field(const struct sms_address *in, gboolean sc,
out:
pdu[0] = addr_len;
pdu[1] = (in->number_type << 4) | in->numbering_plan | 0x80;
- memcpy(pdu+2, p, (sc ? addr_len - 1 : (addr_len + 1) / 2));
+ memcpy(pdu + 2, p, (sc ? addr_len - 1 : (addr_len + 1) / 2));
*offset = *offset + 2 + (sc ? addr_len - 1 : (addr_len + 1) / 2);
@@ -768,7 +768,7 @@ static gboolean decode_deliver(const unsigned char *pdu, int len,
if ((len - offset) < expected)
return FALSE;
- memcpy(out->deliver.ud, pdu+offset, expected);
+ memcpy(out->deliver.ud, pdu + offset, expected);
return TRUE;
}
@@ -929,11 +929,11 @@ static gboolean decode_submit_report(const unsigned char *pdu, int len,
if (out->type == SMS_TYPE_SUBMIT_REPORT_ERROR) {
out->submit_err_report.udl = udl;
memcpy(out->submit_err_report.ud,
- pdu+offset, expected);
+ pdu + offset, expected);
} else {
out->submit_ack_report.udl = udl;
memcpy(out->submit_ack_report.ud,
- pdu+offset, expected);
+ pdu + offset, expected);
}
}
@@ -1063,7 +1063,7 @@ static gboolean decode_status_report(const unsigned char *pdu, int len,
if ((len - offset) < expected)
return FALSE;
- memcpy(out->status_report.ud, pdu+offset, expected);
+ memcpy(out->status_report.ud, pdu + offset, expected);
}
return TRUE;
@@ -1214,11 +1214,11 @@ static gboolean decode_deliver_report(const unsigned char *pdu, int len,
if (out->type == SMS_TYPE_DELIVER_REPORT_ERROR) {
out->deliver_err_report.udl = udl;
memcpy(out->deliver_err_report.ud,
- pdu+offset, expected);
+ pdu + offset, expected);
} else {
out->deliver_ack_report.udl = udl;
memcpy(out->deliver_ack_report.ud,
- pdu+offset, expected);
+ pdu + offset, expected);
}
}
@@ -1371,7 +1371,7 @@ static gboolean decode_submit(const unsigned char *pdu, int len,
if (expected > (int) sizeof(out->submit.ud))
return FALSE;
- memcpy(out->submit.ud, pdu+offset, expected);
+ memcpy(out->submit.ud, pdu + offset, expected);
return TRUE;
}
@@ -1450,7 +1450,7 @@ static gboolean decode_command(const unsigned char *pdu, int len,
if ((len - offset) < out->command.cdl)
return FALSE;
- memcpy(out->command.cd, pdu+offset, out->command.cdl);
+ memcpy(out->command.cd, pdu + offset, out->command.cdl);
return TRUE;
}
@@ -1866,7 +1866,7 @@ void sms_address_from_string(struct sms_address *addr, const char *str)
addr->numbering_plan = SMS_NUMBERING_PLAN_ISDN;
if (str[0] == '+') {
addr->number_type = SMS_NUMBER_TYPE_INTERNATIONAL;
- strcpy(addr->address, str+1);
+ strcpy(addr->address, str + 1);
} else {
addr->number_type = SMS_NUMBER_TYPE_UNKNOWN;
strcpy(addr->address, str);
@@ -4139,7 +4139,7 @@ char *cbs_decode_text(GSList *cbs_list, char *iso639_lang)
break;
buf[bufsize] = ud[i];
- buf[bufsize + 1] = ud[i+1];
+ buf[bufsize + 1] = ud[i + 1];
bufsize += 2;
i += 2;
--
1.7.9.5
7 years, 11 months
[PATCH 7/8] netreg: adapt CMER and CIEV for telit
by Christopher Vogl
Telit uses a 2 to enable indicator event reporting and
indicators in a +CIEV URC are identified by strings, not numbers.
---
drivers/atmodem/network-registration.c | 46 +++++++++++++++++++++++++-------
1 files changed, 36 insertions(+), 10 deletions(-)
diff --git a/drivers/atmodem/network-registration.c b/drivers/atmodem/network-registration.c
index 3d09913..7083efe 100644
--- a/drivers/atmodem/network-registration.c
+++ b/drivers/atmodem/network-registration.c
@@ -54,6 +54,7 @@ struct netreg_data {
GAtChat *chat;
char mcc[OFONO_MAX_MCC_LENGTH + 1];
char mnc[OFONO_MAX_MNC_LENGTH + 1];
+ const char *signal_identifier;
int signal_index; /* If strength is reported via CIND */
int signal_min; /* min strength reported via CIND */
int signal_max; /* max strength reported via CIND */
@@ -734,6 +735,7 @@ static void ciev_notify(GAtResult *result, gpointer user_data)
struct ofono_netreg *netreg = user_data;
struct netreg_data *nd = ofono_netreg_get_data(netreg);
int strength, ind;
+ const char *ind_str;
GAtResultIter iter;
g_at_result_iter_init(&iter, result);
@@ -741,11 +743,23 @@ static void ciev_notify(GAtResult *result, gpointer user_data)
if (!g_at_result_iter_next(&iter, "+CIEV:"))
return;
- if (!g_at_result_iter_next_number(&iter, &ind))
- return;
+ /*
+ * Telit uses strings to identify indicators.
+ */
+ if (nd->vendor == OFONO_VENDOR_TELIT) {
+ if (!g_at_result_iter_next_unquoted_string(&iter, &ind_str))
+ return;
- if (ind != nd->signal_index)
- return;
+ if (!g_str_equal(nd->signal_identifier, ind_str))
+ return;
+ }
+ else {
+ if (!g_at_result_iter_next_number(&iter, &ind))
+ return;
+
+ if (ind != nd->signal_index)
+ return;
+ }
if (!g_at_result_iter_next_number(&iter, &strength))
return;
@@ -754,6 +768,8 @@ static void ciev_notify(GAtResult *result, gpointer user_data)
strength = -1;
else
strength = (strength * 100) / (nd->signal_max - nd->signal_min);
+
+ DBG("Strength: %d", strength);
ofono_netreg_strength_notify(netreg, strength);
}
@@ -1401,12 +1417,12 @@ static void cind_support_cb(gboolean ok, GAtResult *result, gpointer user_data)
struct netreg_data *nd = ofono_netreg_get_data(netreg);
GAtResultIter iter;
const char *str;
- char *signal_identifier = "signal";
+ const char *cmd;
int index;
int min = 0;
int max = 0;
int tmp_min, tmp_max, invalid;
-
+
if (!ok)
goto error;
@@ -1422,8 +1438,10 @@ static void cind_support_cb(gboolean ok, GAtResult *result, gpointer user_data)
*/
if (nd->vendor == OFONO_VENDOR_TELIT) {
g_at_result_iter_open_list(&iter);
- signal_identifier = "rssi";
+ nd->signal_identifier = "rssi";
}
+ else
+ nd->signal_identifier = "signal";
while (g_at_result_iter_open_list(&iter)) {
/* Reset invalid default value for every token */
@@ -1449,7 +1467,7 @@ static void cind_support_cb(gboolean ok, GAtResult *result, gpointer user_data)
if (!g_at_result_iter_close_list(&iter))
goto error;
- if (g_str_equal(signal_identifier, str) == TRUE) {
+ if (g_str_equal(nd->signal_identifier, str) == TRUE) {
nd->signal_index = index;
nd->signal_min = min;
nd->signal_max = max;
@@ -1464,8 +1482,16 @@ static void cind_support_cb(gboolean ok, GAtResult *result, gpointer user_data)
if (nd->signal_index == 0)
goto error;
-
- g_at_chat_send(nd->chat, "AT+CMER=3,0,0,1", NULL,
+
+ /*
+ * Telit uses a 2 to enable indicator event reporting, 1 is undefined.
+ */
+ if (nd->vendor == OFONO_VENDOR_TELIT)
+ cmd = "AT+CMER=3,0,0,2";
+ else
+ cmd = "AT+CMER=3,0,0,1";
+
+ g_at_chat_send(nd->chat, cmd, NULL,
NULL, NULL, NULL);
g_at_chat_register(nd->chat, "+CIEV:",
ciev_notify, FALSE, netreg, NULL);
--
1.7.7.6
--
Scanned by MailScanner.
7 years, 11 months
[PATCH] sms: Fix to find SMS entry posted by STK
by Philippe Nunes
SMS initiated by proactive command are not exposed on D-BUS.
Therefore, there is no message associated with the entry created from
STK.
---
src/sms.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/sms.c b/src/sms.c
index acfc39b..743f725 100644
--- a/src/sms.c
+++ b/src/sms.c
@@ -2114,16 +2114,15 @@ int __ofono_sms_txq_set_submit_notify(struct ofono_sms *sms,
void *data,
ofono_destroy_func destroy)
{
- struct message *m;
+ GList *l;
struct tx_queue_entry *entry;
- m = g_hash_table_lookup(sms->messages, uuid);
- if (m == NULL)
+ l = g_queue_find_custom(sms->txq, uuid, entry_compare_by_uuid);
+
+ if (l == NULL)
return -ENOENT;
- entry = message_get_data(m);
- if (entry == NULL)
- return -ENOTSUP;
+ entry = l->data;
tx_queue_entry_set_submit_notify(entry, cb, data, destroy);
--
1.7.9.5
7 years, 11 months
[RFC v1] gatchat: Print error message if opening tun failes
by Daniel Wagner
From: Daniel Wagner <daniel.wagner(a)bmw-carit.de>
This is a very common misstake. Let's help the users to
configure their system correctly.
---
Hi,
I was not able to find out why the check in at_grps_context_prope() does not
hit when the tun module is not loaded. Therefore, this on gets only
an RFC state...
cheers,
daniel
gatchat/ppp_net.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/gatchat/ppp_net.c b/gatchat/ppp_net.c
index 1609b99..813ed9b 100644
--- a/gatchat/ppp_net.c
+++ b/gatchat/ppp_net.c
@@ -155,8 +155,12 @@ struct ppp_net *ppp_net_new(GAtPPP *ppp, int fd)
if (fd < 0) {
/* open a tun interface */
fd = open("/dev/net/tun", O_RDWR);
- if (fd < 0)
+ if (fd < 0) {
+ ppp_debug(ppp, "Couldn't open tun device. "
+ "Do you run oFono as root and do you "
+ "have the TUN module loaded?");
goto error;
+ }
ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
strcpy(ifr.ifr_name, "ppp%d");
--
1.7.12.rc1.16.g05a20c8
7 years, 11 months
[PATCH 00/12] mmsd: (resending) Support Delivery Report notification
by Ronald Tessier
These patches concern mmsd and add delivery report notification support.
Add MMS M-Delivery.ind PDU decoding support.
Update meta file of the sent message to store the received msg_id and to add a
group [delivery_status] if delivery_report is requested.
Upon MMS M-Delivery.ind PDU reception, update delivery_status recipient entry
with the received status (this is described in doc/storage.txt) and signal the
new delivery_report status for the recipient concerned.
Modify the monitor_mms test script to add report_changed monitoring.
Update message-api.txt doc to describe new ReportChanged signal.
Ronald Tessier (12):
mmsutil: Define mms_delivery_ind struct
mmsutil: Decode delivery_ind msg
service: Store msg_id provided by M-Send.conf PDU
service: Move mms_address_to_string() up
service: Add a group [delivery_status] in the msg status
service: Support M-Delivery.ind in mms_service_push_notify()
service: Support delivery_ind notif on start
store: Define MMS_META_UUID_XXX len and suffix
service: Process delivery_ind notification
service: Send a delivery changed signal
test: Add ReportChanged to monitored signals
doc: Add ReportChanged signal description
doc/message-api.txt | 7 ++
src/mmsutil.c | 22 ++++-
src/mmsutil.h | 8 ++
src/service.c | 260 ++++++++++++++++++++++++++++++++++++++++++++++-----
src/store.c | 8 +-
src/store.h | 5 +
test/monitor-mms | 10 ++
7 files changed, 292 insertions(+), 28 deletions(-)
--
1.7.9.5
7 years, 11 months
[PATCH v2 0/4] Immediate digit response
by Philippe Nunes
Introduce a new STK method to get digit response on single key press.
This method asks to not display the entered digit and does not accept
the character '+'.
Philippe Nunes (4):
doc: Add new STK Agent API to get digit response on single key press
stkagent: Add new API to get digit response on single key press
stk: Ask for immediate digit response if specified by command
qualifier
test: Update with RequestQuickDigit API
doc/stk-api.txt | 9 +++++++++
src/stk.c | 9 +++++++--
src/stkagent.c | 32 ++++++++++++++++++++++++++++++++
src/stkagent.h | 5 +++++
test/test-stk-menu | 37 +++++++++++++++++++++++++++++++++++++
5 files changed, 90 insertions(+), 2 deletions(-)
--
1.7.9.5
7 years, 11 months
[PATCH] stk: Check if an agent is registered when UI is required
by Philippe Nunes
In case of unsolicited proactive command, we could have a crash
when no agent was registered.
---
src/stk.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/stk.c b/src/stk.c
index 18a8eaf..4c24abb 100644
--- a/src/stk.c
+++ b/src/stk.c
@@ -515,6 +515,9 @@ static gboolean stk_alpha_id_set(struct ofono_stk *stk,
if (alpha == NULL)
return FALSE;
+ if (stk->current_agent == NULL)
+ return FALSE;
+
if (stk->respond_on_exit)
stk_agent_display_action(stk->current_agent, alpha, icon,
user_termination_cb, stk, NULL);
@@ -2645,6 +2648,9 @@ static gboolean handle_setup_call_confirmation_req(struct stk_command *cmd,
if (alpha_id == NULL)
goto out;
+ if (stk->current_agent == FALSE)
+ goto out;
+
err = stk_agent_confirm_call(stk->current_agent, alpha_id,
&sc->icon_id_usr_cfm,
confirm_handled_call_cb,
@@ -2752,6 +2758,9 @@ void ofono_stk_proactive_command_notify(struct ofono_stk *stk,
case STK_COMMAND_TYPE_GET_INPUT:
case STK_COMMAND_TYPE_PLAY_TONE:
case STK_COMMAND_TYPE_SETUP_CALL:
+ case STK_COMMAND_TYPE_SEND_SMS:
+ case STK_COMMAND_TYPE_SEND_USSD:
+ case STK_COMMAND_TYPE_SEND_DTMF:
send_simple_response(stk, STK_RESULT_TYPE_NOT_CAPABLE);
return;
--
1.7.9.5
7 years, 11 months
[PATCH] stk: Display action information while sending USSD.
by Philippe Nunes
---
src/stk.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/src/stk.c b/src/stk.c
index 38f2e18..18a8eaf 100644
--- a/src/stk.c
+++ b/src/stk.c
@@ -2026,11 +2026,6 @@ static gboolean handle_command_send_ussd(const struct stk_command *cmd,
cmd->send_ussd.ussd_string.len,
send_ussd_callback, stk);
- if (err >= 0) {
- stk->cancel_cmd = send_ussd_cancel;
-
- return FALSE;
- }
if (err == -ENOSYS) {
rsp->result.type = STK_RESULT_TYPE_NOT_CAPABLE;
@@ -2043,6 +2038,20 @@ static gboolean handle_command_send_ussd(const struct stk_command *cmd,
return TRUE;
}
+ if (err < 0) {
+ unsigned char no_cause_result[] = { 0x00 };
+
+ /*
+ * We most likely got an out of memory error, tell SIM
+ * to retry
+ */
+ ADD_ERROR_RESULT(rsp->result, STK_RESULT_TYPE_TERMINAL_BUSY,
+ no_cause_result);
+ return TRUE;
+ }
+
+ stk->cancel_cmd = send_ussd_cancel;
+
stk_alpha_id_set(stk, cmd->send_ussd.alpha_id,
&cmd->send_ussd.text_attr,
&cmd->send_ussd.icon_id);
--
1.7.9.5
7 years, 11 months
[PATCH] default.xml: accept SMS with SMSC num "123"
by Nicolas Bertrand
Reply to the SMS pdu with CMGS:0 when SMSC is set to "123".
This is used by Send SMS in Demo sim app
---
src/default.xml | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/default.xml b/src/default.xml
index 568259b..78fc9ae 100644
--- a/src/default.xml
+++ b/src/default.xml
@@ -2757,6 +2757,13 @@
<response>+CMGS: 0\n\nOK</response>
<switch name="default"/>
</chat>
+
+ <chat>
+ <!-- Accept messages with SMSC set to 123 (STK app) -->
+ <command>038121F3*</command>
+ <response>+CMGS: 0\n\nOK</response>
+ <switch name="default"/>
+ </chat>
</state>
<chat>
--
1.7.9.5
7 years, 11 months
