diff options
| -rw-r--r-- | src/mm-sms-part-cdma.c | 37 | ||||
| -rw-r--r-- | src/tests/test-sms-part-cdma.c | 11 |
2 files changed, 33 insertions, 15 deletions
diff --git a/src/mm-sms-part-cdma.c b/src/mm-sms-part-cdma.c index d02e9dc5..3210d608 100644 --- a/src/mm-sms-part-cdma.c +++ b/src/mm-sms-part-cdma.c @@ -789,32 +789,39 @@ read_bearer_data_user_data (MMSmsPart *sms_part, } \ } while (0) -#define SUBPARAMETER_SIZE_CHECK(required_size) \ - if (subparameter->parameter_len < required_size) { \ - mm_obj_dbg (log_object, " cannot read user data, need at least %u bytes (got %u)", \ - required_size, \ - subparameter->parameter_len); \ - return; \ - } +#define SUBPARAMETER_SIZE_CHECK_BITS(required_bits) \ + do { \ + guint required_bytes; \ + \ + required_bytes = byte_offset + ((bit_offset + required_bits) / 8); \ + if ((bit_offset + required_bits) % 8) \ + required_bytes++; \ + if (subparameter->parameter_len < required_bytes) { \ + mm_obj_dbg (log_object, " cannot read user data, need at least %u bytes (got %u)", \ + required_bytes, \ + subparameter->parameter_len); \ + return; \ + } \ + } while (0) g_assert (subparameter->parameter_id == SUBPARAMETER_ID_USER_DATA); /* Message encoding */ - SUBPARAMETER_SIZE_CHECK (1); + SUBPARAMETER_SIZE_CHECK_BITS (5); message_encoding = read_bits (&subparameter->parameter_value[byte_offset], bit_offset, 5); OFFSETS_UPDATE (5); mm_obj_dbg (log_object, " message encoding: %s", encoding_to_string (message_encoding)); /* Message type, only if extended protocol message */ if (message_encoding == ENCODING_EXTENDED_PROTOCOL_MESSAGE) { - SUBPARAMETER_SIZE_CHECK (2); + SUBPARAMETER_SIZE_CHECK_BITS (8); message_type = read_bits (&subparameter->parameter_value[byte_offset], bit_offset, 8); OFFSETS_UPDATE (8); mm_obj_dbg (log_object, " message type: %u", message_type); } /* Number of fields */ - SUBPARAMETER_SIZE_CHECK (byte_offset + 1 + ((bit_offset + 8) / 8)); + SUBPARAMETER_SIZE_CHECK_BITS (8); num_fields = read_bits (&subparameter->parameter_value[byte_offset], bit_offset, 8); OFFSETS_UPDATE (8); mm_obj_dbg (log_object, " num fields: %u", num_fields); @@ -825,7 +832,7 @@ read_bearer_data_user_data (MMSmsPart *sms_part, GByteArray *data; guint i; - SUBPARAMETER_SIZE_CHECK (byte_offset + 1 + ((bit_offset + (num_fields * 8)) / 8)); + SUBPARAMETER_SIZE_CHECK_BITS (num_fields * 8); data = g_byte_array_sized_new (num_fields); g_byte_array_set_size (data, num_fields); @@ -875,7 +882,7 @@ read_bearer_data_user_data (MMSmsPart *sms_part, break; } - SUBPARAMETER_SIZE_CHECK (byte_offset + ((bit_offset + (num_fields * 7)) / 8)); + SUBPARAMETER_SIZE_CHECK_BITS (num_fields * 7); text = g_malloc (num_fields + 1); for (i = 0; i < num_fields; i++) { @@ -900,7 +907,7 @@ read_bearer_data_user_data (MMSmsPart *sms_part, break; } - SUBPARAMETER_SIZE_CHECK (byte_offset + 1 + ((bit_offset + (num_fields * 8)) / 8)); + SUBPARAMETER_SIZE_CHECK_BITS (num_fields * 8); latin = g_malloc (num_fields + 1); for (i = 0; i < num_fields; i++) { @@ -936,7 +943,7 @@ read_bearer_data_user_data (MMSmsPart *sms_part, /* 2 bytes per field! */ num_bytes = num_fields * 2; - SUBPARAMETER_SIZE_CHECK (byte_offset + 1 + ((bit_offset + (num_bytes * 8)) / 8)); + SUBPARAMETER_SIZE_CHECK_BITS (num_bytes * 8); utf16 = g_malloc (num_bytes); for (i = 0; i < num_bytes; i++) { @@ -961,7 +968,7 @@ read_bearer_data_user_data (MMSmsPart *sms_part, } #undef OFFSETS_UPDATE -#undef SUBPARAMETER_SIZE_CHECK +#undef SUBPARAMETER_SIZE_CHECK_BITS } static void diff --git a/src/tests/test-sms-part-cdma.c b/src/tests/test-sms-part-cdma.c index 61a12e71..26b4d008 100644 --- a/src/tests/test-sms-part-cdma.c +++ b/src/tests/test-sms-part-cdma.c @@ -402,6 +402,16 @@ test_empty_ascii_user_data (void) common_test_valid_part_from_pdu (pdu, sizeof (pdu)); } +static void +test_invalid_ascii_user_data (void) +{ + static const guint8 pdu[] = { + 0x0, 0x8, 0x4, 0x1, 0x2, 0x10, 0xe }; + + /* valid but don't care about exact details */ + common_test_valid_part_from_pdu (pdu, sizeof (pdu)); +} + /********************* PDU CREATOR TESTS *********************/ static void @@ -609,6 +619,7 @@ int main (int argc, char **argv) g_test_add_func ("/MM/SMS/CDMA/PDU-Parser/unicode-encoding", test_unicode_encoding); g_test_add_func ("/MM/SMS/CDMA/PDU-Parser/empty-unicode-user-data", test_empty_unicode_user_data); g_test_add_func ("/MM/SMS/CDMA/PDU-Parser/empty-ascii-user-data", test_empty_ascii_user_data); + g_test_add_func ("/MM/SMS/CDMA/PDU-Parser/invalid-ascii-user-data", test_invalid_ascii_user_data); g_test_add_func ("/MM/SMS/CDMA/PDU-Creator/ascii-encoding", test_create_pdu_text_ascii_encoding); g_test_add_func ("/MM/SMS/CDMA/PDU-Creator/latin-encoding", test_create_pdu_text_latin_encoding); |