Skip to content

crash handling SMS PDU with invalid timestamp

This is probably more a request for what is the best way to proceed than an actual bug.

I noticed a crash while parsing SMS PDU

ModemManager[173489]: <debug> [1649255216.131676] [modem0] correctly parsed PDU (39)
ModemManager[173489]: <debug> [1649255216.131735] [modem0/sms-list] SMS part at 'sm/39' is from a singlepart SMS
ModemManager[173489]: <debug> [1649255216.132158] [modem0] parsing PDU (40)...
ModemManager[173489]: <debug> [1649255216.133822] [modem0]   SMSC address parsed: '+393492000200'
ModemManager[173489]: <debug> [1649255216.133901] [modem0]   deliver type PDU detected
ModemManager[173489]: <debug> [1649255216.133951] [modem0]   number parsed: +
zsh: segmentation fault  sudo ModemManager --debug

the crash occurs in a call to g_date_time_format_iso8601 (called by date_time_format_iso8601) because dt is null.

The PDU causing the problem is: 0791934329002000000011000C9193934291549300

which I obtained by printing the variable hexpdu from mm_sms_part_3gpp_new_from_pdu.

Using another service to decode it, it results that the timestamp is 39/39/2019 24:19:45, and in fact g_date_time_new called in mm-common-helpers.c:mm_new_iso8601_time does not accept month > 12 and day > 31, so it returns the NULL datetime.

Adding a g_assert(month <= 12) in sms_decode_timestamp confirms the idea:

ModemManager[169949]: <debug> [1649254990.996457] [modem0] correctly parsed PDU (39)
ModemManager[169949]: <debug> [1649254990.996515] [modem0/sms-list] SMS part at 'sm/39' is from a singlepart SMS
ModemManager[169949]: <debug> [1649254990.996855] [modem0] PDU: 0791934329002000000011000C9193934291549300
ModemManager[169949]: <debug> [1649254990.996955] [modem0] parsing PDU (40)...
ModemManager[169949]: <debug> [1649254990.997028] [modem0]   SMSC address parsed: '+393492000200'
ModemManager[169949]: <debug> [1649254990.997093] [modem0]   deliver type PDU detected
ModemManager[169949]: <debug> [1649254990.997128] [modem0]   number parsed: +
**
ERROR:../src/mm-sms-part-3gpp.c:181:sms_decode_timestamp: assertion failed: (month <= 12)
Bail out! ERROR:../src/mm-sms-part-3gpp.c:181:sms_decode_timestamp: assertion failed: (month <= 12)
zsh: IOT instruction  sudo ModemManager --debug
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information