| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
| |
This allows us to skip needing to include the non-existent
build_string_from_mask() or get_string() counterparts in the
documentation index.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This new service is added for the Google Chromebook usecase where the
device may be locked to a particular carrier. This CID is used to send
lock data to unlock the device as appropriate.
Co-author: Bestha, Lakshminarayana
|
|
|
|
| |
Fixes https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/issues/40
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The release buildtype will disable certain warnings that we do see in
debug builds. Ensure we have a test build with all features enabled in
debug mode.
We re-use the build we had with introspection enabled, as that is also
covered by the new test.
|
| |
|
| |
|
| |
|
|
|
|
| |
We were ignoring certain context types like tethering.
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 209c996a37c405d1f15aa1227ceca356ae47d15f.
No need for a new test, there is already an existing one doing the
same: test_ms_basic_connect_v3_connect_0_unnamed_tlvs_empty_access_string
|
| |
|
|
|
|
|
|
|
|
|
| |
Document Microsoft MBIM Extensions for 5G (rev 1.17) considers the possibility
of having wchar strings tlvs with datalength == 0 in the information buffer
(e.g. AccessString field in MBIM_CONNECT_INFO_EX3 data structure).
Modify mbim_tlv_string_get for dealing with these situations, returning an
empty string.
|
| |
|
|
|
|
|
|
|
|
|
| |
A compat method for mbim_sms_status_flag_get_string() is given.
The enum itself is considered API/ABI compatible because the numeric
values of the items didn't change.
Fixes https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/issues/36
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
../src/libmbim-glib/mbim-tlv.c:261:13: warning: cast from
'guint8 *' (aka 'unsigned char *') to 'const gunichar2 *' (aka 'const
unsigned short *') increases required alignment from 1 to 2
[-Wcast-align]
utf16 = (const gunichar2 *) MBIM_TLV_FIELD_DATA (self);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We cannot dereference an element in the array of 16bit elements safely
if the array was casted from an unaligned bytearray. We must duplicate
the array with proper alignment, and then we can dereference each
element one by one.
Fixes https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/issues/35
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
../src/libmbim-glib/mbim-tlv.c:308:37: warning: cast from
'guint8 *' (aka 'unsigned char *') to 'const guint16 *' (aka 'const
unsigned short *') increases required alignment from 1 to 2
[-Wcast-align]
tmp = (guint16 *) g_memdup ((const guint16 *)MBIM_TLV_FIELD_DATA (self), size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
g_memdup() wants a pointer, so there is no need for the explicit cast
to a different type.
Fixes https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/issues/35
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
To avoid compiler warnings like:
[96/113] Compiling C object src/mbimcli/mbimcli.p/mbimcli-ms-basic-connect-extensions.c.o
../src/mbimcli/mbimcli-ms-basic-connect-extensions.c:133:11: warning: missing field 'short_name' initializer [-Wmissing-field-initializers]
{NULL }
^
1 warning generated.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
To debug modem side issues, modem logs are required
to be captured in debug mode. This intel specific
cid is used to configure the modem trace information
which will be used by tool to configure.
Co-author: Bestha, Lakshminarayana
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
when the device is first shipped or comes out of the factory,
it should be protected with a lock till the device reaches
the end user. This FCC lock feature will ensure the device
is secured till its unlocked.
Co-author: Bestha, Lakshminarayana
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For messages that may be composed of multiple fragments, the
_mbim_message_validate_type_header() method would validate wether the
fragment header can be read or not, because not all fragments contain
the additional type-specific header contents.
But once the message is complete with all fragments, the message
validation must also ensure that the type-specific header contets are
readable before attempting to read them, or we will end up with
invalid memory reads.
Detected via ASAN+Fuzzing:
==5169==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6030000bc9ac at pc 0x55a9fc0d536d bp 0x7ffc556bb7b0 sp 0x7ffc556bb7a8
READ of size 4 at 0x6030000bc9ac thread T0
#0 0x55a9fc0d536c in _mbim_message_validate_complete_fragment libmbim-9999-build/../libmbim-9999/src/libmbim-glib/mbim-message.c:239:28
#1 0x55a9fc0baf40 in _mbim_message_validate_fragment libmbim-9999-build/../libmbim-9999/src/libmbim-glib/mbim-message.c:279:12
#2 0x55a9fc0ba7a1 in mbim_message_validate libmbim-9999-build/../libmbim-9999/src/libmbim-glib/mbim-message.c:292:12
#3 0x55a9fc0b9af1 in LLVMFuzzerTestOneInput libmbim-9999-build/../libmbim-9999/src/libmbim-glib/test/test-message-fuzzer.c:25:5
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The task completion involves creating a duplicate of the MbimMessage,
so a duplicate of the contents of the internal `self->priv->response`
buffer.
This internal buffer may be cleared e.g. with a forced-close, which
users of the MbimDevice may decide to do upon a SIGNAL_ERROR, as the
mbim-proxy does.
So, avoid this race by making sure the task completion and the message
duplication happens before the SIGNAL_ERROR is emitted.
Thread 0(id: 3296) CRASHED [ SIGSEGV /0x00000000@0x0000000000000004 ]
0x00007ce3552f7c32 (libmbim-glib.so.4 - mbim-message.c: 1293) mbim_message_dup
0x00007ce3552fbfd9 (libmbim-glib.so.4 - mbim-device.c: 661) data_available
0x00007ce35525639a (libglib-2.0.so.0 - gmain.c: 3325) g_main_context_dispatch
0x00007ce3552566a7 (libglib-2.0.so.0 - gmain.c: 4119) g_main_context_iterate
0x00007ce355256923 (libglib-2.0.so.0 - gmain.c: 4317) g_main_loop_run
0x00005ae0f48a5524 (mbim-proxy - mbim-proxy.c: 267) main
0x00007ce35501ce04 (libc.so.6) __libc_start_main
0x00005ae0f48a52d9 (mbim-proxy) _start
0x00007ffcca5b6897
Fixes https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/422
|
| |
|
| |
|
| |
|
|
|
|
| |
Fixes https://gitlab.freedesktop.org/mobile-broadband/libmbim/-/issues/33
|