1 // SPDX-License-Identifier: LGPL-2.1-or-later
4 * BlueZ - Bluetooth protocol stack for Linux
6 * Copyright (C) 2011-2014 Intel Corporation
7 * Copyright (C) 2002-2010 Marcel Holtmann <marcel@holtmann.org>
21 #include "lib/bluetooth.h"
24 #include "src/shared/util.h"
33 #define MAX_CONT_SIZE 17
39 uint8_t cont[MAX_CONT_SIZE];
42 static struct tid_data tid_list[MAX_TID];
44 static struct tid_data *get_tid(uint16_t tid, uint16_t channel)
48 for (i = 0; i < MAX_TID; i++) {
49 if (!tid_list[i].inuse) {
55 if (tid_list[i].tid == tid && tid_list[i].channel == channel)
62 tid_list[n].inuse = true;
63 tid_list[n].tid = tid;
64 tid_list[n].channel = channel;
69 static void clear_tid(struct tid_data *tid)
75 static void print_uint(uint8_t indent, const uint8_t *data, uint32_t size)
79 print_field("%*c0x%2.2x", indent, ' ', data[0]);
82 print_field("%*c0x%4.4x", indent, ' ', get_be16(data));
85 print_field("%*c0x%8.8x", indent, ' ', get_be32(data));
88 print_field("%*c0x%16.16" PRIx64, indent, ' ', get_be64(data));
91 packet_hexdump(data, size);
96 static void print_sint(uint8_t indent, const uint8_t *data, uint32_t size)
98 packet_hexdump(data, size);
101 static void print_uuid(uint8_t indent, const uint8_t *data, uint32_t size)
105 print_field("%*c%s (0x%4.4x)", indent, ' ',
106 bt_uuid16_to_str(get_be16(data)), get_be16(data));
109 print_field("%*c%s (0x%8.8x)", indent, ' ',
110 bt_uuid32_to_str(get_be32(data)), get_be32(data));
113 /* BASE_UUID = 00000000-0000-1000-8000-00805F9B34FB */
114 print_field("%*c%8.8x-%4.4x-%4.4x-%4.4x-%4.4x%8.4x",
116 get_be32(data), get_be16(data + 4),
117 get_be16(data + 6), get_be16(data + 8),
118 get_be16(data + 10), get_be32(data + 12));
119 if (get_be16(data + 4) == 0x0000 &&
120 get_be16(data + 6) == 0x1000 &&
121 get_be16(data + 8) == 0x8000 &&
122 get_be16(data + 10) == 0x0080 &&
123 get_be32(data + 12) == 0x5F9B34FB)
124 print_field("%*c%s", indent, ' ',
125 bt_uuid32_to_str(get_be32(data)));
128 packet_hexdump(data, size);
133 static void print_string(uint8_t indent, const uint8_t *data, uint32_t size)
135 char *str = alloca(size + 1);
138 strncpy(str, (const char *) data, size);
140 print_field("%*c%s [len %d]", indent, ' ', str, size);
143 static void print_boolean(uint8_t indent, const uint8_t *data, uint32_t size)
145 print_field("%*c%s", indent, ' ', data[0] ? "true" : "false");
148 #define SIZES(args...) ((uint8_t[]) { args, 0xff } )
155 void (*print) (uint8_t indent, const uint8_t *data, uint32_t size);
157 { 0, SIZES(0), false, "Nil" },
158 { 1, SIZES(0, 1, 2, 3, 4), false, "Unsigned Integer", print_uint },
159 { 2, SIZES(0, 1, 2, 3, 4), false, "Signed Integer", print_sint },
160 { 3, SIZES(1, 2, 4), false, "UUID", print_uuid },
161 { 4, SIZES(5, 6, 7), false, "String", print_string },
162 { 5, SIZES(0), false, "Boolean", print_boolean },
163 { 6, SIZES(5, 6, 7), true, "Sequence" },
164 { 7, SIZES(5, 6, 7), true, "Alternative" },
165 { 8, SIZES(5, 6, 7), false, "URL", print_string },
175 { 0, 0, 1, "1 byte" },
176 { 1, 0, 2, "2 bytes" },
177 { 2, 0, 4, "4 bytes" },
178 { 3, 0, 8, "8 bytes" },
179 { 4, 0, 16, "16 bytes" },
180 { 5, 8, 0, "8 bits" },
181 { 6, 16, 0, "16 bits" },
182 { 7, 32, 0, "32 bits" },
186 static bool valid_size(uint8_t size, uint8_t *sizes)
190 for (i = 0; sizes[i] != 0xff; i++) {
191 if (sizes[i] == size)
198 static uint8_t get_bits(const uint8_t *data, uint32_t size)
202 for (i = 0; size_table[i].str; i++) {
203 if (size_table[i].index == (data[0] & 0x07))
204 return size_table[i].bits;
210 static uint32_t get_size(const uint8_t *data, uint32_t size)
214 for (i = 0; size_table[i].str; i++) {
215 if (size_table[i].index == (data[0] & 0x07)) {
216 switch (size_table[i].bits) {
218 if ((data[0] & 0xf8) == 0)
221 return size_table[i].size;
225 return get_be16(data + 1);
227 return get_be32(data + 1);
237 static void decode_data_elements(uint32_t position, uint8_t indent,
238 const uint8_t *data, uint32_t size,
239 void (*print_func) (uint32_t, uint8_t, uint8_t,
240 const uint8_t *, uint32_t))
243 uint32_t datalen, elemlen, extrabits;
249 extrabits = get_bits(data, size);
251 if (size < 1 + (extrabits / 8)) {
252 print_text(COLOR_ERROR, "data element descriptor too short");
253 packet_hexdump(data, size);
257 datalen = get_size(data, size);
259 if (size < 1 + (extrabits / 8) + datalen) {
260 print_text(COLOR_ERROR, "data element size too short");
261 packet_hexdump(data, size);
265 elemlen = 1 + (extrabits / 8) + datalen;
267 for (i = 0; type_table[i].str; i++) {
268 uint8_t type = (data[0] & 0xf8) >> 3;
270 if (type_table[i].value != type)
274 print_func(position, indent, type,
275 data + 1 + (extrabits / 8), datalen);
279 print_field("%*c%s (%d) with %u byte%s [%u extra bits] len %u",
280 indent, ' ', type_table[i].str, type,
281 datalen, datalen == 1 ? "" : "s",
283 if (!valid_size(data[0] & 0x07, type_table[i].sizes)) {
284 print_text(COLOR_ERROR, "invalid data element size");
285 packet_hexdump(data + 1 + (extrabits / 8), datalen);
289 if (type_table[i].recurse)
290 decode_data_elements(0, indent + 2,
291 data + 1 + (extrabits / 8), datalen,
293 else if (type_table[i].print)
294 type_table[i].print(indent + 2,
295 data + 1 + (extrabits / 8), datalen);
302 decode_data_elements(position + 1, indent, data, size, print_func);
305 static uint32_t get_bytes(const uint8_t *data, uint32_t size)
307 switch (data[0] & 0x07) {
311 return 3 + get_be16(data + 1);
313 return 5 + get_be32(data + 1);
322 } attribute_table[] = {
323 { 0x0000, "Service Record Handle" },
324 { 0x0001, "Service Class ID List" },
325 { 0x0002, "Service Record State" },
326 { 0x0003, "Service ID" },
327 { 0x0004, "Protocol Descriptor List" },
328 { 0x0005, "Browse Group List" },
329 { 0x0006, "Language Base Attribute ID List" },
330 { 0x0007, "Service Info Time To Live" },
331 { 0x0008, "Service Availability" },
332 { 0x0009, "Bluetooth Profile Descriptor List" },
333 { 0x000a, "Documentation URL" },
334 { 0x000b, "Client Executable URL" },
335 { 0x000c, "Icon URL" },
336 { 0x000d, "Additional Protocol Descriptor List" },
340 static void print_attr(uint32_t position, uint8_t indent, uint8_t type,
341 const uint8_t *data, uint32_t size)
345 if ((position % 2) == 0) {
346 uint16_t id = get_be16(data);
347 const char *str = "Unknown";
349 for (i = 0; attribute_table[i].str; i++) {
350 if (attribute_table[i].id == id)
351 str = attribute_table[i].str;
354 print_field("%*cAttribute: %s (0x%4.4x) [len %d]",
355 indent, ' ', str, id, size);
359 for (i = 0; type_table[i].str; i++) {
360 if (type_table[i].value != type)
363 if (type_table[i].recurse)
364 decode_data_elements(0, indent + 2, data, size, NULL);
365 else if (type_table[i].print)
366 type_table[i].print(indent + 2, data, size);
371 static void print_attr_list(uint32_t position, uint8_t indent, uint8_t type,
372 const uint8_t *data, uint32_t size)
374 print_field("%*cAttribute list: [len %d] {position %d}",
375 indent, ' ', size, position);
377 decode_data_elements(0, indent + 2, data, size, print_attr);
380 static void print_attr_lists(uint32_t position, uint8_t indent, uint8_t type,
381 const uint8_t *data, uint32_t size)
383 decode_data_elements(0, indent, data, size, print_attr_list);
386 static void print_continuation(const uint8_t *data, uint16_t size)
388 if (data[0] != size - 1) {
389 print_text(COLOR_ERROR, "invalid continuation state");
390 packet_hexdump(data, size);
394 print_field("Continuation state: %d", data[0]);
395 packet_hexdump(data + 1, size - 1);
398 static void store_continuation(struct tid_data *tid,
399 const uint8_t *data, uint16_t size)
401 if (size > MAX_CONT_SIZE) {
402 print_text(COLOR_ERROR, "invalid continuation size");
405 memcpy(tid->cont, data, size);
406 print_continuation(data, size);
418 static struct cont_data cont_list[MAX_CONT];
420 static void handle_continuation(struct tid_data *tid, bool nested,
421 uint16_t bytes, const uint8_t *data, uint16_t size)
426 if (bytes + 1 > size) {
427 print_text(COLOR_ERROR, "missing continuation state");
431 if (tid->cont[0] == 0x00 && data[bytes] == 0x00) {
432 decode_data_elements(0, 2, data, bytes,
433 nested ? print_attr_lists : print_attr_list);
435 print_continuation(data + bytes, size - bytes);
439 for (i = 0; i < MAX_CONT; i++) {
440 if (cont_list[i].cont[0] == 0x00) {
446 if (cont_list[i].channel != tid->channel)
449 if (cont_list[i].cont[0] != tid->cont[0])
452 if (!memcmp(cont_list[i].cont + 1,
453 tid->cont + 1, tid->cont[0])) {
459 print_continuation(data + bytes, size - bytes);
464 newdata = realloc(cont_list[n].data, cont_list[n].size + bytes);
466 print_text(COLOR_ERROR, "failed buffer allocation");
467 free(cont_list[n].data);
468 cont_list[n].data = NULL;
469 cont_list[n].size = 0;
473 cont_list[n].channel = tid->channel;
474 cont_list[n].data = newdata;
477 memcpy(cont_list[n].data + cont_list[n].size, data, bytes);
478 cont_list[n].size += bytes;
481 if (data[bytes] == 0x00) {
482 print_field("Combined attribute bytes: %d", cont_list[n].size);
484 decode_data_elements(0, 2, cont_list[n].data, cont_list[n].size,
485 nested ? print_attr_lists : print_attr_list);
487 free(cont_list[n].data);
488 cont_list[n].data = NULL;
489 cont_list[n].size = 0;
490 #ifdef TIZEN_FEATURE_BLUEZ_MODIFY
491 cont_list[n].cont[0] = 0x00;
494 memcpy(cont_list[n].cont, data + bytes, data[bytes] + 1);
497 static uint16_t common_rsp(const struct l2cap_frame *frame,
498 struct tid_data *tid)
502 if (frame->size < 2) {
503 print_text(COLOR_ERROR, "invalid size");
504 packet_hexdump(frame->data, frame->size);
508 bytes = get_be16(frame->data);
509 print_field("Attribute bytes: %d", bytes);
511 if (bytes > frame->size - 2) {
512 print_text(COLOR_ERROR, "invalid attribute size");
513 packet_hexdump(frame->data + 2, frame->size - 2);
520 static const char *error_str(uint16_t code)
524 return "Invalid Version";
526 return "Invalid Record Handle";
528 return "Invalid Syntax";
530 return "Invalid PDU Size";
532 return "Invalid Continuation State";
538 static void error_rsp(const struct l2cap_frame *frame, struct tid_data *tid)
544 if (frame->size < 2) {
545 print_text(COLOR_ERROR, "invalid size");
546 packet_hexdump(frame->data, frame->size);
550 error = get_be16(frame->data);
552 print_field("Error code: %s (0x%4.4x)", error_str(error), error);
555 static void service_req(const struct l2cap_frame *frame, struct tid_data *tid)
557 uint32_t search_bytes;
559 search_bytes = get_bytes(frame->data, frame->size);
560 print_field("Search pattern: [len %d]", search_bytes);
562 if (search_bytes + 2 > frame->size) {
563 print_text(COLOR_ERROR, "invalid search list length");
564 packet_hexdump(frame->data, frame->size);
568 decode_data_elements(0, 2, frame->data, search_bytes, NULL);
570 print_field("Max record count: %d",
571 get_be16(frame->data + search_bytes));
573 print_continuation(frame->data + search_bytes + 2,
574 frame->size - search_bytes - 2);
577 static void service_rsp(const struct l2cap_frame *frame, struct tid_data *tid)
584 if (frame->size < 4) {
585 print_text(COLOR_ERROR, "invalid size");
586 packet_hexdump(frame->data, frame->size);
590 count = get_be16(frame->data + 2);
592 print_field("Total record count: %d", get_be16(frame->data));
593 print_field("Current record count: %d", count);
595 for (i = 0; i < count; i++)
596 print_field("Record handle: 0x%4.4x",
597 get_be32(frame->data + 4 + (i * 4)));
599 print_continuation(frame->data + 4 + (count * 4),
600 frame->size - 4 - (count * 4));
603 static void attr_req(const struct l2cap_frame *frame, struct tid_data *tid)
607 if (frame->size < 6) {
608 print_text(COLOR_ERROR, "invalid size");
609 packet_hexdump(frame->data, frame->size);
613 print_field("Record handle: 0x%4.4x", get_be32(frame->data));
614 print_field("Max attribute bytes: %d", get_be16(frame->data + 4));
616 attr_bytes = get_bytes(frame->data + 6, frame->size - 6);
617 print_field("Attribute list: [len %d]", attr_bytes);
619 if (attr_bytes + 6 > frame->size) {
620 print_text(COLOR_ERROR, "invalid attribute list length");
621 packet_hexdump(frame->data, frame->size);
625 decode_data_elements(0, 2, frame->data + 6, attr_bytes, NULL);
627 store_continuation(tid, frame->data + 6 + attr_bytes,
628 frame->size - 6 - attr_bytes);
631 static void attr_rsp(const struct l2cap_frame *frame, struct tid_data *tid)
635 bytes = common_rsp(frame, tid);
637 handle_continuation(tid, false, bytes,
638 frame->data + 2, frame->size - 2);
643 static void search_attr_req(const struct l2cap_frame *frame,
644 struct tid_data *tid)
646 uint32_t search_bytes, attr_bytes;
648 search_bytes = get_bytes(frame->data, frame->size);
649 print_field("Search pattern: [len %d]", search_bytes);
651 if (search_bytes + 2 > frame->size) {
652 print_text(COLOR_ERROR, "invalid search list length");
653 packet_hexdump(frame->data, frame->size);
657 decode_data_elements(0, 2, frame->data, search_bytes, NULL);
659 print_field("Max record count: %d",
660 get_be16(frame->data + search_bytes));
662 attr_bytes = get_bytes(frame->data + search_bytes + 2,
663 frame->size - search_bytes - 2);
664 print_field("Attribute list: [len %d]", attr_bytes);
666 decode_data_elements(0, 2, frame->data + search_bytes + 2,
669 store_continuation(tid, frame->data + search_bytes + 2 + attr_bytes,
670 frame->size - search_bytes - 2 - attr_bytes);
673 static void search_attr_rsp(const struct l2cap_frame *frame,
674 struct tid_data *tid)
678 bytes = common_rsp(frame, tid);
680 handle_continuation(tid, true, bytes, frame->data + 2, frame->size - 2);
688 void (*func) (const struct l2cap_frame *frame, struct tid_data *tid);
691 static const struct sdp_data sdp_table[] = {
692 { 0x01, "Error Response", error_rsp },
693 { 0x02, "Service Search Request", service_req },
694 { 0x03, "Service Search Response", service_rsp },
695 { 0x04, "Service Attribute Request", attr_req },
696 { 0x05, "Service Attribute Response", attr_rsp },
697 { 0x06, "Service Search Attribute Request", search_attr_req },
698 { 0x07, "Service Search Attribute Response", search_attr_rsp },
702 void sdp_packet(const struct l2cap_frame *frame)
706 struct l2cap_frame sdp_frame;
707 struct tid_data *tid_info;
708 const struct sdp_data *sdp_data = NULL;
709 const char *pdu_color, *pdu_str;
712 l2cap_frame_pull(&sdp_frame, frame, 0);
714 if (!l2cap_frame_get_u8(&sdp_frame, &pdu) ||
715 !l2cap_frame_get_be16(&sdp_frame, &tid) ||
716 !l2cap_frame_get_be16(&sdp_frame, &plen)) {
717 print_text(COLOR_ERROR, "frame too short");
718 packet_hexdump(frame->data, frame->size);
722 if (sdp_frame.size != plen) {
723 print_text(COLOR_ERROR, "invalid frame size");
724 packet_hexdump(sdp_frame.data, sdp_frame.size);
728 for (i = 0; sdp_table[i].str; i++) {
729 if (sdp_table[i].pdu == pdu) {
730 sdp_data = &sdp_table[i];
736 if (sdp_data->func) {
738 pdu_color = COLOR_MAGENTA;
740 pdu_color = COLOR_BLUE;
742 pdu_color = COLOR_WHITE_BG;
743 pdu_str = sdp_data->str;
745 pdu_color = COLOR_WHITE_BG;
749 print_indent(6, pdu_color, "SDP: ", pdu_str, COLOR_OFF,
750 " (0x%2.2x) tid %d len %d", pdu, tid, plen);
752 tid_info = get_tid(tid, frame->chan);
754 if (!sdp_data || !sdp_data->func || !tid_info) {
755 packet_hexdump(sdp_frame.data, sdp_frame.size);
759 sdp_data->func(&sdp_frame, tid_info);