authorMichal Labedzki <michal.labedzki@tieto.com>2015-06-09 11:25:37 +0200
committerMichal Labedzki <michal.labedzki@tieto.com>2015-06-12 08:47:09 +0000
commit9813013ac4cbfdabea56ea00c61a10c87d43d5e9 (patch)
tree26b4e70c83ed2accd04eeaa69ef531d7d3243fc4 /extcap
parent91ed2b0b6369ea62eaca825849c585e673e884a5 (diff)
androiddump: Fix Bluetooth External Parser
Be careful when using a char buffer [aka signed char] in arithmetic while thinking in unsigned logic. Also add missing rules for SCO. Change-Id: I3fbb0407c74215719103e08344be8f673a7deedf Reviewed-on: https://code.wireshark.org/review/8895 Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Diffstat (limited to 'extcap')
-rw-r--r--extcap/androiddump.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/extcap/androiddump.c b/extcap/androiddump.c
index 3a766675d0..722ec77913 100644
--- a/extcap/androiddump.c
+++ b/extcap/androiddump.c
@@ -1366,7 +1366,7 @@ static int capture_android_bluetooth_external_parser(char *interface,
uint64_t *timestamp;
char *packet = buffer + BLUEDROID_TIMESTAMP_SIZE - sizeof(own_pcap_bluetooth_h4_header); /* skip timestamp (8 bytes) and reuse its space for header */
own_pcap_bluetooth_h4_header *h4_header;
- char *payload = packet + sizeof(own_pcap_bluetooth_h4_header);
+ guint8 *payload = packet + sizeof(own_pcap_bluetooth_h4_header);
const char *adb_transport = "0012""host:transport-any";
const char *adb_transport_serial_templace = "%04x""host:transport:%s";
const char *adb_tcp_bluedroid_external_parser_template = "%04x""tcp:%05u";
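Review bot: The new declaration `guint8 *payload = packet + sizeof(own_pcap_bluetooth_h4_header);` initialises a `guint8 *` from a `char *` expression without a cast, which compilers diagnose as a pointer-signedness mismatch and which fails a warnings-as-errors build. Make the conversion explicit: `guint8 *payload = (guint8 *) packet + sizeof(own_pcap_bluetooth_h4_header);`. The unsigned element type matters because these bytes are length fields received from the device and feed the bounds checks further down. `packet` and `buffer` remain `char *`, so any other arithmetic on their bytes would still sign-extend values >= 0x80; the rest of capture_android_bluetooth_external_parser lies outside this hunk and is worth checking for that.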
@@ -1519,6 +1519,9 @@ static int capture_android_bluetooth_external_parser(char *interface,
(payload[BLUEDROID_H4_PACKET_TYPE] == BLUEDROID_H4_PACKET_TYPE_ACL &&
used_buffer_length >= BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 2 + 2 &&
BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 2 + payload[BLUEDROID_H4_SIZE + 2] + (payload[BLUEDROID_H4_SIZE + 2 + 1] << 8) + 2 <= used_buffer_length) ||
+ (payload[BLUEDROID_H4_PACKET_TYPE] == BLUEDROID_H4_PACKET_TYPE_SCO &&
+ used_buffer_length >= BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 2 + 1 &&
+ BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 2 + payload[BLUEDROID_H4_SIZE + 2] + 1 <= used_buffer_length) ||
(payload[BLUEDROID_H4_PACKET_TYPE] == BLUEDROID_H4_PACKET_TYPE_HCI_EVT &&
used_buffer_length >= BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 1 + 1 &&
BLUEDROID_TIMESTAMP_SIZE + BLUEDROID_H4_SIZE + 1 + payload[BLUEDROID_H4_SIZE + 1] + 1 <= used_buffer_length)) {
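Review bot: The added SCO branch uses the bare offsets `+ 2 + 1` and `+ 2 + payload[BLUEDROID_H4_SIZE + 2] + 1` with no explanation, although this condition appears to be the length gate between bytes read from the device and the packet that is dumped. State the layout next to it, for example `/* SCO: 2-byte connection handle, 1-byte data length, then data */`, or introduce named constants for the per-type header sizes as is already done with BLUEDROID_H4_SIZE. The sum is only correct while `payload` is unsigned (the declaration change earlier in this commit), since a signed length byte >= 0x80 would reduce the required size instead of increasing it; a short comment saying so would keep a later refactor from reverting the type. The condition starts and ends outside this hunk, so the handling of a type byte that matches none of the branches cannot be judged from here.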
@@ -1564,6 +1567,14 @@ static int capture_android_bluetooth_external_parser(char *interface,
return 1;
}
+ if (verbose) {
+ static unsigned int id = 1;
+ printf("\t Packet %u: used_buffer_length=%"G_GSSIZE_FORMAT" length=%"G_GSSIZE_FORMAT" captured_length=%i type=0x%02x\n", id, used_buffer_length, length, captured_length, payload[BLUEDROID_H4_PACKET_TYPE]);
+ if (payload[BLUEDROID_H4_PACKET_TYPE] == BLUEDROID_H4_PACKET_TYPE_HCI_EVT)
+ printf("\t Packet: %02x %02x %02x\n", (unsigned int) payload[0], (unsigned int) payload[1], (unsigned int)payload[2]);
+ id +=1;
+ }
+
ts -= BLUEDROID_TIMESTAMP_BASE;
extcap_dumper_dump(extcap_dumper, packet,