androiddump: Read btsnoop header separately from rest of data

The code to read and skip the btsnoop header was written in a way where
it reads up to PACKET_LENGTH bytes of data, skips the header, then
moves the rest of the data back to the start of the buffer. So far so good. The code
then resets the number of bytes used in the buffer, making it skip the rest of
all data read.

Many times this works fine, but only by luck. When there are no data
transfers, the first recv call will always return only the header
(the sender side writes the header separately right after accept).

When data transfers are ongoing, the first recv call will return both
the header and data. Then the initial data is lost but, more importantly,
there is a risk of parsing data with an invalid offset.

Fix by reading the btsnoop header separately from the rest of the data.

Change-Id: Ie52c33f943d8b311e0cd5638ec1a7d4840e271b8
Reviewed-on: https://code.wireshark.org/review/26659
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Mikael Kanstrup 2018-03-27 08:38:16 +02:00 committed by Michal Labedzki
parent 850336443f
commit 2fb9c8244e
1 changed file with 4 additions and 7 deletions


@ -125,6 +125,8 @@
#define ADB_HEX4_FORMAT "%04zx"
#define ADB_HEX4_LEN 4
#define BTSNOOP_HDR_LEN 16
enum exit_code {
EXIT_CODE_SUCCESS = 0,
EXIT_CODE_CANNOT_GET_INTERFACES_LIST = 1,
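Review bot: BTSNOOP_HDR_LEN is introduced among the unrelated ADB_HEX4_* macros with no comment; since the comment at the read site still says "16 bytes" literally, a one-line comment on the define (e.g. `/* size of the btsnoop stream header read in capture_android_bluetooth_btsnoop_net() */`) would tie the constant to its single use and make it obvious why the recv() is bounded to exactly this many bytes.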
@ -1926,20 +1928,15 @@ static int capture_android_bluetooth_btsnoop_net(char *interface, char *fifo,
}
/* Read "btsnoop" header - 16 bytes */
while (used_buffer_length < 16) {
length = recv(sock, packet + used_buffer_length, (int)(PACKET_LENGTH - used_buffer_length), 0);
while (used_buffer_length < BTSNOOP_HDR_LEN) {
length = recv(sock, packet + used_buffer_length, (int)(BTSNOOP_HDR_LEN - used_buffer_length), 0);
if (length <= 0) {
g_warning("Broken socket connection.");
closesocket(sock);
return EXIT_CODE_GENERIC;
}
used_buffer_length += length;
}
if (used_buffer_length > 16)
memmove(packet, packet + 16, used_buffer_length - 16);
used_buffer_length = 0;
while (endless_loop) {
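Review bot: bounding the recv() length to `BTSNOOP_HDR_LEN - used_buffer_length` is what makes dropping the `memmove(packet, packet + 16, ...)` correct, because no byte past the header can ever land in `packet`; however the loop now exits with `used_buffer_length == BTSNOOP_HDR_LEN`, and the main loop below reads into `packet + used_buffer_length`, so the header bytes would be parsed as the first packet unless `used_buffer_length = 0;` still runs before `while (endless_loop)`. Please make sure that reset survives this change, and consider a comment such as `/* header consumed; start packet buffer empty */` on it, since its purpose is no longer obvious without the memmove it used to follow.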