SEGFAULT on reading Unicode sms messages
1 #include "qmi-message.h"
2
/*
 * Response callback for the list-messages command: emits the memory index
 * of every message in the WMS list response as a JSON array in the shared
 * `status` blob.
 */
static void cmd_wms_list_messages_cb(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg)
{
	struct qmi_wms_list_messages_response res;
	void *array;
	int idx;

	qmi_parse_wms_list_messages_response(msg, &res);

	array = blobmsg_open_array(&status, NULL);
	for (idx = 0; idx < res.data.message_list_n; idx++) {
		/* only the index is reported; the tag/storage are not exposed */
		blobmsg_add_u32(&status, NULL, res.data.message_list[idx].memory_index);
	}
	blobmsg_close_array(&status, array);
}
16
/*
 * Prepare handler for the list-messages command: asks the UIM store for
 * received, not-yet-read messages.  The request is constant, so it is
 * built once (static) and reused.  `arg` is ignored.
 */
static enum qmi_cmd_result
cmd_wms_list_messages_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	static struct qmi_wms_list_messages_request list_req = {
		QMI_INIT(storage_type, QMI_WMS_STORAGE_TYPE_UIM),
		QMI_INIT(message_tag, QMI_WMS_MESSAGE_TAG_TYPE_MT_NOT_READ),
	};

	qmi_set_wms_list_messages_request(msg, &list_req);
	return QMI_CMD_REQUEST;
}
29
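/*
 * Write the UTF-8 encoding of the 16-bit code point `c` at `dest` (no NUL
 * terminator, no bounds check) and return the number of bytes written
 * (1..3).  Callers must reserve 3 bytes per character.  Surrogate values
 * are not special-cased; the GSM tables below never produce them.
 */
static int
put_unicode_char(char *dest, uint16_t c)
{
	if (c < 0x80) {
		dest[0] = c;
		return 1;
	}
	if (c < 0x800) {
		dest[0] = 0xc0 | ((c >> 6) & 0x1f);
		dest[1] = 0x80 | (c & 0x3f);
		return 2;
	}
	dest[0] = 0xe0 | ((c >> 12) & 0xf);
	dest[1] = 0x80 | ((c >> 6) & 0x3f);
	dest[2] = 0x80 | (c & 0x3f);
	return 3;
}


/*
 * Decode one GSM 7-bit septet `c` to UTF-8 at dest + len.
 *
 * `*escape` is decoder state carried between calls: a 0x1B septet selects
 * the extension table for the next septet only.  Returns the number of
 * bytes appended: 0 for the escape septet itself, 1..3 for a normal
 * character, and up to 5 for an unknown extension sequence, which is
 * rendered as NBSP (the default-table value of ESC) followed by the
 * septet's default-table character.  Two septets therefore never expand
 * to more than 6 bytes, which is what the caller's 3-bytes-per-septet
 * buffer sizing relies on.
 *
 * Also echoes the raw septet to stderr (debug tracing).
 */
static int
pdu_decode_7bit_char(char *dest, int len, unsigned char c, bool *escape)
{
	/* default alphabet positions 0x00..0x1f */
	static const uint16_t conv_0x20[] = {
		0x0040, 0x00A3, 0x0024, 0x00A5, 0x00E8, 0x00E9, 0x00F9, 0x00EC,
		0x00F2, 0x00E7, 0x000A, 0x00D8, 0x00F8, 0x000D, 0x00C5, 0x00E5,
		0x0394, 0x005F, 0x03A6, 0x0393, 0x039B, 0x03A9, 0x03A0, 0x03A8,
		0x03A3, 0x0398, 0x039E, 0x00A0, 0x00C6, 0x00E6, 0x00DF, 0x00C9,
	};
	/* default alphabet positions 0x5b..0x60 */
	static const uint16_t conv_0x5b[] = {
		0x00C4, 0x00D6, 0x00D1, 0x00DC, 0x00A7, 0x00BF,
	};
	/* default alphabet positions 0x7b..0x7f */
	static const uint16_t conv_0x7b[] = {
		0x00E4, 0x00F6, 0x00F1, 0x00FC, 0x00E0
	};
	int cur_len = 0;
	uint16_t outc;

	fprintf(stderr, " %02x", c);
	dest += len;

	if (*escape) {
		/* The escape covers exactly one septet.  Clear it before any of
		 * the early returns below; otherwise every later septet would be
		 * treated as an (unknown) extension sequence and each would
		 * expand beyond the per-septet budget the output buffer allows. */
		*escape = false;

		switch (c) {
		case 0x0A:
			*dest = 0x0C;	/* form feed */
			return 1;
		case 0x14:
			*dest = 0x5E;	/* ^ */
			return 1;
		case 0x28:
			*dest = 0x7B;	/* { */
			return 1;
		case 0x29:
			*dest = 0x7D;	/* } */
			return 1;
		case 0x2F:
			*dest = 0x5C;	/* \ */
			return 1;
		case 0x3C:
			*dest = 0x5B;	/* [ */
			return 1;
		case 0x3D:
			*dest = 0x7E;	/* ~ */
			return 1;
		case 0x3E:
			*dest = 0x5D;	/* ] */
			return 1;
		case 0x40:
			*dest = 0x7C;	/* | */
			return 1;
		case 0x65:
			outc = 0x20AC;	/* euro sign */
			goto out;
		case 0x1B:
			/* ESC ESC: decode the second ESC through the default table */
			goto normal;
		default:
			/* invalid extension sequence: emit the default-table value
			 * of ESC (NBSP, a 2-byte UTF-8 sequence, so it must go
			 * through put_unicode_char and not into a single byte), then
			 * the septet itself */
			cur_len = put_unicode_char(dest, conv_0x20[0x1B]);
			dest += cur_len;
			goto normal;
		}
	}

	if (c == 0x1b) {
		*escape = true;
		return 0;
	}

normal:
	if (c < 0x20)
		outc = conv_0x20[c];
	else if (c == 0x40)
		outc = 0x00A1;	/* inverted exclamation mark */
	else if (c >= 0x5b && c <= 0x60)
		outc = conv_0x5b[c - 0x5b];
	else if (c >= 0x7b && c <= 0x7f)
		outc = conv_0x7b[c - 0x7b];
	else
		outc = c;	/* remaining positions coincide with ASCII */

out:
	return cur_len + put_unicode_char(dest, outc);
}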
131
/*
 * Unpack `data_len` bytes of GSM 7-bit packed septets from `data`, decode
 * them to UTF-8 at `dest` and NUL-terminate the result.  `bit_offset` is
 * the septet phase (0..6) of data[0] within the packed stream; it is
 * non-zero when a user-data header precedes the text.  Returns the number
 * of bytes written, excluding the terminator.  `dest` must be sized by the
 * caller for the decoder's worst case.  Dumps the raw septets to stderr
 * (debug tracing).
 */
static int
pdu_decode_7bit_str(char *dest, const unsigned char *data, int data_len, int bit_offset)
{
	bool escape = false;
	int out_len = 0;
	int idx;

	fprintf(stderr, "Raw text:");
	for (idx = 0; idx < data_len; idx++) {
		const int phase = (idx + bit_offset) % 7;
		unsigned char septet;

		if (phase == 0) {
			/* the septet sits entirely in the low 7 bits of this byte */
			out_len += pdu_decode_7bit_char(dest, out_len, data[idx] & 0x7f, &escape);
			continue;
		}

		/* the septet straddles the previous byte (its high bits) and this
		 * byte (its low bits); there is no previous byte for idx == 0 */
		if (idx) {
			septet = (data[idx - 1] >> (8 - phase)) | ((data[idx] << phase) & 0x7f);
			out_len += pdu_decode_7bit_char(dest, out_len, septet, &escape);
		}

		/* the seventh byte of a group also carries a whole septet in bits 1..7 */
		if (phase == 6) {
			septet = (data[idx] >> 1) & 0x7f;
			out_len += pdu_decode_7bit_char(dest, out_len, septet, &escape);
		}
	}
	dest[out_len] = 0;
	fprintf(stderr, "\n");
	return out_len;
}
160
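/*
 * Walk the user-data header at `data` (one length byte, then a sequence of
 * <type, length, value> elements) and add the fields of recognised elements
 * to the `status` table.  Only element type 0 (concatenated message:
 * reference, part count, part number) is decoded; other elements are
 * skipped.  The caller must guarantee that data[0] + 1 bytes are readable.
 */
static void decode_udh(const unsigned char *data)
{
	const unsigned char *end;
	unsigned int type, len;

	len = *(data++);
	end = data + len;
	while (data < end) {
		const unsigned char *val;

		/* an element needs at least its type and length bytes */
		if (end - data < 2)
			break;

		type = data[0];
		len = data[1];
		val = &data[2];
		data += 2 + len;
		/* the element value must not run past the header */
		if (data > end)
			break;

		switch (type) {
		case 0:
			/* three value bytes are read below; a shorter element is
			 * malformed and must not be indexed */
			if (len < 3)
				break;
			blobmsg_add_u32(&status, "concat_ref", (uint32_t) val[0]);
			blobmsg_add_u32(&status, "concat_part", (uint32_t) val[2]);
			blobmsg_add_u32(&status, "concat_parts", (uint32_t) val[1]);
			break;
		default:
			break;
		}
	}
}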
189
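/*
 * Decode a 7-bit packed text field of `data_len` bytes and add it to the
 * `status` table under `name`.  With `udh` set, the field starts with a
 * user-data header (length byte + contents); the text follows it on the
 * next septet boundary and the header is decoded afterwards.  Malformed
 * input (negative length, or a header longer than the field) adds nothing.
 */
static void decode_7bit_field(char *name, const unsigned char *data, int data_len, bool udh)
{
	const unsigned char *udh_start = NULL;
	char *dest;
	int pos_offset = 0;

	if (data_len < 0)
		return;

	if (udh) {
		int len;

		if (data_len < 1)
			return;

		len = data[0] + 1;
		/* otherwise data_len goes negative and the buffer size below with it */
		if (len > data_len)
			return;

		udh_start = data;
		data += len;
		data_len -= len;
		/* septet phase of the first text byte within the packed stream */
		pos_offset = len % 7;
	}

	/* worst case: every septet expands to 3 UTF-8 bytes, plus terminator */
	dest = blobmsg_alloc_string_buffer(&status, name, 3 * (data_len * 8 / 7) + 2);
	pdu_decode_7bit_str(dest, data, data_len, pos_offset);
	blobmsg_add_string_buffer(&status);

	if (udh)
		decode_udh(udh_start);
}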
212
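/*
 * Append the two BCD digits packed in `val` (low nibble first) to `str`.
 * A nibble above 9 (e.g. the 0xF filler of an odd-length number) is not
 * kept: its slot is written but the pointer is not advanced, so the next
 * digit or the terminator overwrites it.  Returns the advanced pointer.
 */
static char *pdu_add_semioctet(char *str, char val)
{
	/* shift the unsigned value: right-shifting a negative char (high
	 * nibble >= 8 on platforms with signed char) is implementation-defined */
	unsigned char v = (unsigned char) val;

	*str = '0' + (v & 0xf);
	if (*str <= '9')
		str++;

	*str = '0' + ((v >> 4) & 0xf);
	if (*str <= '9')
		str++;

	return str;
}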
225
/*
 * Decode a PDU address — a type-of-address byte followed by `len` bytes of
 * BCD digits, or of packed 7-bit text for alphanumeric senders — into the
 * NUL-terminated string `str`.  International numbers get a '+' prefix.
 * `str` must be large enough for the chosen representation.
 */
static void
pdu_decode_address(char *str, unsigned char *data, int len)
{
	const unsigned char toa = *(data++);
	const unsigned char number_type = toa & 0x70;

	if (number_type == 0x50) {
		/* alphanumeric: 7-bit packed text, terminated by the decoder */
		pdu_decode_7bit_str(str, data, len, 0);
		return;
	}

	if (number_type == 0x10)
		*(str++) = '+';	/* international */

	while (len--) {
		str = pdu_add_semioctet(str, *data);
		data++;
	}

	*str = 0;
}
248
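/*
 * Decode the address at `data` (type-of-address byte + `len` bytes) and add
 * it to the `status` table as string `name`.
 *
 * The buffer must hold whichever representation pdu_decode_address picks:
 * two digits per byte plus '+' and NUL for numbers, or — for alphanumeric
 * addresses, which it expands from packed septets to UTF-8 — up to 3 bytes
 * per septet plus NUL.  Sizing only for digits would let an alphanumeric
 * sender overrun the buffer, so the larger of the two is reserved.
 */
static void wms_decode_address(char *name, unsigned char *data, int len)
{
	int digits_size = len * 2 + 2;
	int text_size = 3 * (len * 8 / 7) + 2;
	int size = text_size > digits_size ? text_size : digits_size;
	char *str = blobmsg_alloc_string_buffer(&status, name, size);

	pdu_decode_address(str, data, len);
	blobmsg_add_string_buffer(&status);
}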
255
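/*
 * Response callback for the get-message command: decode the raw GSM SMS
 * PDU (SMS-DELIVER or SMS-SUBMIT) in the raw-read response into a JSON
 * table in `status`: "smsc", "sender"/"receiver", optional "class",
 * "timestamp" (deliver only), "text" and, with a user-data header, the
 * concatenation fields.  Only the 7-bit default alphabet is supported; any
 * other coding, a non-zero protocol id or a truncated PDU stops decoding
 * with an error message on stderr (the table is closed either way).
 *
 * Every field is bounds-checked against `end` before it is read, since the
 * PDU comes from the network.
 */
static void cmd_wms_get_message_cb(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg)
{
	struct qmi_wms_raw_read_response res;
	unsigned char *data, *end;
	char *str;
	int cur_len;
	bool sent;
	unsigned char first, dcs;
	void *c;

	qmi_parse_wms_raw_read_response(msg, &res);
	c = blobmsg_open_table(&status, NULL);
	data = (unsigned char *) res.data.raw_message_data.raw_data;
	end = data + res.data.raw_message_data.raw_data_n;

	/* SMSC: length byte, then type-of-address + BCD digits */
	cur_len = *(data++);
	if (data + cur_len >= end)
		goto error;

	if (cur_len) {
		wms_decode_address("smsc", data, cur_len - 1);
		data += cur_len;
	}

	/* first octet, optional message reference, address length */
	if (data + 3 >= end)
		goto error;

	first = *(data++);
	/* message type indicator: 1 = SMS-SUBMIT (sent), otherwise SMS-DELIVER */
	sent = (first & 0x3) == 1;
	if (sent)
		data++;	/* message reference, not reported */

	/* originating/destination address: length in digits, then
	 * type-of-address + (digits + 1) / 2 BCD bytes */
	cur_len = *(data++);
	if (data + cur_len >= end)
		goto error;

	if (cur_len) {
		cur_len = (cur_len + 1) / 2;
		wms_decode_address(sent ? "receiver" : "sender", data, cur_len);
		data += cur_len + 1;
	}

	/* protocol id, coding scheme and at least one byte after them */
	if (data + 3 >= end)
		goto error;

	/* Protocol ID */
	if (*(data++) != 0)
		goto error;

	/* Data Encoding */
	dcs = *(data++);

	/* only 7-bit encoding supported for now */
	if (dcs & 0x0c)
		goto error;

	if (dcs & 0x10)
		blobmsg_add_u32(&status, "class", (dcs & 3));

	if (sent) {
		/* Message validity (assumed to be the single-byte format;
		 * covered by the data + 3 check above together with the
		 * user-data length byte) */
		data++;
	} else {
		/* 7 timestamp bytes (BCD: year, month, day, hour, minute,
		 * second, timezone) followed by the user-data length byte read
		 * below — so 8 bytes must remain, not 7 */
		if (data + 7 >= end)
			goto error;

		str = blobmsg_alloc_string_buffer(&status, "timestamp", 32);

		/* year */
		*(str++) = '2';
		*(str++) = '0';
		str = pdu_add_semioctet(str, data[0]);
		/* month */
		*(str++) = '-';
		str = pdu_add_semioctet(str, data[1]);
		/* day */
		*(str++) = '-';
		str = pdu_add_semioctet(str, data[2]);

		/* hour */
		*(str++) = ' ';
		str = pdu_add_semioctet(str, data[3]);
		/* minute */
		*(str++) = ':';
		str = pdu_add_semioctet(str, data[4]);
		/* second */
		*(str++) = ':';
		str = pdu_add_semioctet(str, data[5]);
		*str = 0;

		blobmsg_add_string_buffer(&status);

		/* the timezone byte (data[6]) is skipped */
		data += 7;
	}

	/* user-data length (septet count); the text decoder currently works
	 * from the number of remaining bytes instead, so this value is read
	 * but not used, and a padding septet at the end may decode as '@' */
	cur_len = *(data++);
	decode_7bit_field("text", data, end - data, !!(first & 0x40));
	blobmsg_close_table(&status, c);

	return;

error:
	blobmsg_close_table(&status, c);
	fprintf(stderr, "There was an error reading message.\n");
}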
361
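/*
 * Prepare handler for the get-message command (and, via the macro below,
 * get-raw-message): parse the decimal message index from `arg` and build a
 * raw-read request for that index in the UIM store.  An empty or
 * non-numeric argument is rejected with an error.
 */
static enum qmi_cmd_result
cmd_wms_get_message_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	static struct qmi_wms_raw_read_request mreq = {
		QMI_INIT_SEQUENCE(message_memory_storage_id,
			.storage_type = QMI_WMS_STORAGE_TYPE_UIM,
		),
		QMI_INIT(message_mode, QMI_WMS_MESSAGE_MODE_GSM_WCDMA),
	};
	char *err;
	int id;

	id = strtoul(arg, &err, 10);
	/* strtoul leaves err == arg when it consumed no digits, so an empty
	 * argument is rejected instead of silently becoming index 0 */
	if (err == arg || *err) {
		uqmi_add_error("Invalid message ID");
		return QMI_CMD_EXIT;
	}

	mreq.data.message_memory_storage_id.memory_index = id;
	qmi_set_wms_raw_read_request(msg, &mreq);

	return QMI_CMD_REQUEST;
}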
385
386
/*
 * Response callback for the get-raw-message command: report the raw PDU as
 * space-separated lowercase hex bytes.  Three bytes per input byte cover
 * "xx" for the first byte, " xx" for each further byte, and the NUL.
 */
static void cmd_wms_get_raw_message_cb(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg)
{
	struct qmi_wms_raw_read_response res;
	unsigned char *bytes;
	char *out;
	int idx;

	qmi_parse_wms_raw_read_response(msg, &res);
	bytes = (unsigned char *) res.data.raw_message_data.raw_data;
	out = blobmsg_alloc_string_buffer(&status, NULL, res.data.raw_message_data.raw_data_n * 3);

	for (idx = 0; idx < res.data.raw_message_data.raw_data_n; idx++) {
		/* no separator in front of the first byte */
		const char *fmt = idx ? " %02x" : "%02x";

		out += sprintf(out, fmt, bytes[idx]);
	}
	blobmsg_add_string_buffer(&status);
}
402
403 #define cmd_wms_get_raw_message_prepare cmd_wms_get_message_prepare
404
405
/* Arguments collected by the send-message option handlers below and
 * consumed by cmd_wms_send_message_prepare.  `smsc` and `target` alias the
 * command-line strings they were given; `flash` sets the message-class bit
 * (0x10) in the data coding scheme, i.e. class 0. */
static struct {
	const char *smsc;	/* service centre number */
	const char *target;	/* destination number */
	bool flash;		/* send as a class-0 (flash) message */
} _send;
411
412
413 #define cmd_wms_send_message_smsc_cb no_cb
/*
 * Records the SMSC number for a later send-message command.  No request is
 * issued; the string is kept by reference and consumed by
 * cmd_wms_send_message_prepare.
 */
static enum qmi_cmd_result
cmd_wms_send_message_smsc_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	const char *smsc_number = arg;

	_send.smsc = smsc_number;
	return QMI_CMD_DONE;
}
420
421 #define cmd_wms_send_message_target_cb no_cb
/*
 * Records the destination number for a later send-message command.  No
 * request is issued; the string is kept by reference and consumed by
 * cmd_wms_send_message_prepare.
 */
static enum qmi_cmd_result
cmd_wms_send_message_target_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	const char *destination = arg;

	_send.target = destination;
	return QMI_CMD_DONE;
}
428
429 #define cmd_wms_send_message_flash_cb no_cb
/*
 * Marks the pending send-message command as a flash message.  `arg` is
 * ignored; the flag is consumed by cmd_wms_send_message_prepare.
 */
static enum qmi_cmd_result
cmd_wms_send_message_flash_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	_send.flash = true;

	return QMI_CMD_DONE;
}
436
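/*
 * Pack the decimal digits of `str` into `dest` as BCD semi-octets, low
 * nibble first.  An odd trailing digit is padded with 0xF in the high
 * nibble.  Returns the number of bytes written, including the padded one.
 * Digits are not validated; the caller filters the string.
 */
static int
pdu_encode_semioctet(unsigned char *dest, const char *str)
{
	int len = 0;
	bool lower = true;

	while (*str) {
		char digit = *str - '0';

		if (lower)
			dest[len] = 0xf0 | digit;	/* high nibble pre-filled with 0xF */
		else
			dest[len++] &= (digit << 4) | 0xf;	/* replace the 0xF filler */

		lower = !lower;
		str++;
	}

	/* an odd digit count leaves a padded byte at dest[len] that was written
	 * but not counted; without this the caller overwrites it */
	if (!lower)
		len++;

	return len;
}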
457
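/*
 * Pack the characters of `str` (each masked to 7 bits; a NUL or 0x80 byte
 * ends the string) into GSM 7-bit packed form at `data`.  No extension-
 * table escaping is performed.  Returns the number of bytes written:
 * ceil(7 * n / 8) for n characters, 0 for an empty string.
 */
static int
pdu_encode_7bit_str(unsigned char *data, const char *str)
{
	unsigned char c;
	int len = 0;
	int ofs = 0;	/* septet position 0..7 within the current 8-septet group */

	while (1) {
		c = *(str++) & 0x7f;
		if (!c)
			break;

		switch (ofs) {
		case 0:
			/* first septet of a group: low 7 bits of a fresh byte */
			data[len] = c;
			break;
		default:
			/* the low (8 - ofs) bits fill the previous byte's high bits,
			 * the remaining bits start the next byte */
			data[len++] |= c << (8 - ofs);
			data[len] = c >> ofs;
			break;
		}

		ofs = (ofs + 1) % 8;
	}

	/* After a complete group (ofs == 0) the last byte is already counted and
	 * data[len] only holds the zero spill of the eighth septet, so it must
	 * not be counted; otherwise data[len] is a partially filled byte that
	 * belongs to the output.  Counting unconditionally reported one byte
	 * too many for every multiple of 8 characters (and for "") */
	return len + (ofs ? 1 : 0);
}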
485
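/*
 * Encode an address at `dest`: a length byte, a type-of-address byte, then
 * BCD digits — or, if `str` contains anything but digits, the string as
 * GSM 7-bit packed alphanumeric text.  A leading '+' selects the
 * international numbering type.  For the SMSC (`smsc` true) the length
 * byte counts the bytes that follow; for a destination it counts useful
 * semi-octets (digits, or ceil(7 * chars / 4) for alphanumeric text).
 * Returns the total number of bytes written.
 */
static int
pdu_encode_number(unsigned char *dest, const char *str, bool smsc)
{
	unsigned char format;
	bool ascii = false;
	int len = 0;
	int i;

	dest[len++] = 0;	/* length, patched once the size is known */
	if (*str == '+') {
		str++;
		format = 0x91;	/* international number, ISDN plan */
	} else {
		format = 0x81;	/* unknown type, ISDN plan */
	}

	/* any character outside '0'..'9' makes this an alphanumeric address
	 * (the test must be a conjunction; a disjunction is always true and
	 * would never take this branch) */
	for (i = 0; str[i]; i++) {
		if (str[i] >= '0' && str[i] <= '9')
			continue;

		ascii = true;
		break;
	}

	/* alphanumeric type-of-address: this is the value whose TON bits
	 * (0x50) the decoder in this file recognises as 7-bit text */
	if (ascii)
		format = 0xd0;

	dest[len++] = format;
	if (!ascii)
		len += pdu_encode_semioctet(&dest[len], str);
	else
		len += pdu_encode_7bit_str(&dest[len], str);

	if (smsc)
		dest[0] = len - 1;
	else if (!ascii)
		dest[0] = strlen(str);
	else
		dest[0] = (strlen(str) * 7 + 3) / 4;	/* semi-octets of packed text */

	return len;
}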
526
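/*
 * Encode the message text as the user-data part of the PDU: a length byte
 * followed by the GSM 7-bit packed text.  For the 7-bit coding the length
 * byte is the number of septets (characters), not the number of packed
 * bytes; the two diverge once the text exceeds 8 characters, and a byte
 * count there makes the receiver drop the tail of the message.  Returns
 * the total number of bytes written.
 */
static int
pdu_encode_data(unsigned char *dest, const char *str)
{
	int len = 0;
	int septets = 0;

	/* count exactly the characters the packer consumes: it stops at the
	 * first byte whose low 7 bits are zero */
	while (str[septets] & 0x7f)
		septets++;

	dest[len++] = septets;
	len += pdu_encode_7bit_str(&dest[len], str);

	return len;
}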
538
539 #define cmd_wms_send_message_cb no_cb
/*
 * Prepare handler for the send-message command: builds an SMS-SUBMIT PDU
 * from the previously collected SMSC and destination numbers plus the text
 * in `arg`, and hands it to the raw-send request.  Limits: 16 characters
 * per number and 160 characters of text.  The static `buf` backs the
 * static request, so the PDU stays valid after this function returns.
 */
static enum qmi_cmd_result
cmd_wms_send_message_prepare(struct qmi_dev *qmi, struct qmi_request *req, struct qmi_msg *msg, char *arg)
{
	static unsigned char buf[512];
	static struct qmi_wms_raw_send_request mreq = {
		QMI_INIT_SEQUENCE(raw_message_data,
			.format = QMI_WMS_MESSAGE_FORMAT_GSM_WCDMA_POINT_TO_POINT,
			.raw_data = buf,
		),
	};
	const unsigned char first_octet = 0x11;	/* SMS-SUBMIT, relative validity period */
	const unsigned char protocol_id = 0x00;
	unsigned char dcs = 0x00;		/* 7-bit default alphabet */
	unsigned char *pos = buf;
	bool have_smsc = _send.smsc && *_send.smsc;
	bool have_target = _send.target && *_send.target;

	if (!have_smsc || !have_target) {
		uqmi_add_error("Missing argument");
		return QMI_CMD_EXIT;
	}

	if (strlen(_send.smsc) > 16 || strlen(_send.target) > 16 || strlen(arg) > 160) {
		uqmi_add_error("Argument too long");
		return QMI_CMD_EXIT;
	}

	if (_send.flash)
		dcs |= 0x10;	/* message class present, class 0 */

	/* SMSC address, then the SMS-SUBMIT header */
	pos += pdu_encode_number(pos, _send.smsc, true);
	*(pos++) = first_octet;
	*(pos++) = 0; /* reference */

	/* destination, protocol id, coding scheme, validity, user data */
	pos += pdu_encode_number(pos, _send.target, false);
	*(pos++) = protocol_id;
	*(pos++) = dcs;
	*(pos++) = 0xff; /* validity */
	pos += pdu_encode_data(pos, arg);

	mreq.data.raw_message_data.raw_data_n = pos - buf;
	qmi_set_wms_raw_send_request(msg, &mreq);

	return QMI_CMD_REQUEST;
}