Hi All,

Comments below:

> You're mixing up the SMSC response with the delivery report.
> When you send a message, you send a type 51 message. You will
> get a 50ACK back saying the SMSC has accepted the SMS.

Is this a typo on your part? According to the EMI spec 4.0, the response to the submit short message operation 51 should contain an operation type of 51, not 50.

> This is NOT the delivery report. The SMSC response is acknowledging that
> the SMSC has accepted the message but it doesn't say that the message
> has been delivered to the handset.

I think there is a misunderstanding of terminology here. I use the term submission notification to mean that the message was submitted to the SMSC, not delivered to the handset. The EMI2 driver does the following when a response to a submit operation is received:

Some code removed for brevity

    if (emimsg->ot == 51) {
        if (PRIVDATA(conn)->slots[emimsg->trn].dlr) {
            ...
            dlrmsg = dlr_find(octstr_get_cstr((conn->id ? conn->id : privdata->name)),
                              octstr_get_cstr(ts), /* timestamp */
                              octstr_get_cstr(origmsg->sms.receiver), /* destination */
                              (octstr_get_char(emimsg->fields[0], 0) == 'A' ?
                               DLR_SMSC_SUCCESS : DLR_SMSC_FAIL));
            octstr_destroy(ts);
            if (dlrmsg != NULL) {
                ...
                /*
                 * Recode the msg structure with the given msgdata.
                 * Note: the DLR URL is delivered in msg->sms.dlr_url already.
                 */
                dlrmsg->sms.msgdata = octstr_duplicate(emimsg->fields[E50_AMSG]);
                octstr_hex_to_binary(dlrmsg->sms.msgdata);
                dlrmsg->sms.sms_type = report;

This is the code for handling a response to a submit short message operation and checking if the user requested notification that the message was submitted to the SMSC. So, as per my original mail, why does the driver try to reference the E50_AMSG field from the response of a submitted message? I have checked CVS and it appears our emi2 module is up to date. I can understand the driver doing this for a delivery report, as the field exists in a delivery report message, but not for an acknowledgement to a submitted message.
Does your SMSC send acknowledgements that include the E50_AMSG field? We have been testing with an EMI emulator that claims to implement the EMI standard, version 4.

Look forward to hearing from you,

Warm Regards,
Michael.

ANAM Wireless Internet Solutions
http://www.anam.com
mailto:[EMAIL PROTECTED]
+353 1 284 7555
Castle Yard, Saint Patrick's Road, Dalkey, County Dublin, Ireland

-----Original Message-----
From: Andreas Fink [mailto:[EMAIL PROTECTED]]
Sent: 03 February 2003 13:19
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: EMI Driver Bug

On Monday, February 3, 2003, at 01:23, Michael Mulcahy wrote:

> Hi All,
>
> Summary:
> The assigning of a nonexistent field in the EMI driver when creating a
> submission report results in an out of bounds read.
>
> Scenario:
> The EMI driver checks for a DLR when a response is received for a
> submitted message. If there is a DLR requested for that message then
> the driver does the following:
>
>     /*
>      * Recode the msg structure with the given msgdata.
>      * Note: the DLR URL is delivered in msg->sms.dlr_url already.
>      */
>     dlrmsg->sms.msgdata = octstr_duplicate(emimsg->fields[E50_AMSG]);
>     octstr_hex_to_binary(dlrmsg->sms.msgdata);
>     dlrmsg->sms.sms_type = report;
>
> Why does the driver assign the value of the E50_AMSG field to the
> msgdata of the dlr message?

The AMSG field does contain the delivery report text of the SMSC. This is a text of style "The message to 12345 with reference number 1847127 has been delivered on 12.1.2003 14:25"

> This field is not available in the EMI response. The response EMI
> message only has three fields so the above code accesses data beyond
> the array bounds as E50_AMSG has a value of 20.

You're mixing up the SMSC response with the delivery report. When you send a message, you send a type 51 message. You will get a 50ACK back saying the SMSC has accepted the SMS. This is NOT the delivery report. The SMSC response is acknowledging that the SMSC has accepted the message but it doesn't say that the message has been delivered to the handset. When the message has been delivered to the handset, the SMSC generates an incoming message of type "Delivery Report" which has all fields, much similar to an incoming SMS.

Andreas Fink
Global Networks Switzerland AG
------------------------------------------------------------------
Tel: +41-61-6666333 Fax: +41-61-6666334 Mobile: +41-79-2457333
Global Networks, Inc. Clarastrasse 3, 4058 Basel, Switzerland
Web: http://www.global-networks.ch/ [EMAIL PROTECTED]
------------------------------------------------------------------
Member of the GSM Association
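
The bounds check that the out-of-bounds read reported in this thread calls for, as an added example (not Kannel's code and not written by either poster): the parsed message records how many fields it actually has, and the accessor returns NULL for an index such as E50_AMSG that a three-field submit response lacks. The struct, the function names, MAX_FIELDS, the empty-string fallback and both sample messages are assumptions constructed for illustration; only the E50_AMSG value of 20 comes from the thread.

```c
#include <stdio.h>
#include <string.h>
#define E50_AMSG   20  /* index value quoted in the thread */
#define MAX_FIELDS 32  /* assumption for this sketch */

/* Hypothetical stand-in for a parsed EMI message; not Kannel's struct. */
struct emi_fields {
    char buf[512];
    char *field[MAX_FIELDS];
    size_t count;  /* number of fields actually present */
};
/* Constructed samples: 3-field submit response; 21 fields, hex text at 20. */
static const char SAMPLE_ACK[] = "A//0123456789:030203131900";
static const char SAMPLE_REPORT[] =
    "0123456789/5555/" "/////" "/////" "/////" "///" "44656C697665726564";

/* Split the '/'-separated data part in place and record the field count. */
static int emi_split(struct emi_fields *m, const char *data)
{
    char *p = m->buf;
    if (strlen(data) >= sizeof m->buf) return -1;
    strcpy(m->buf, data);
    /* Each pass stores one field start, then cuts at the next '/'. */
    for (m->count = 0; ; *p++ = '\0') {
        if (m->count == MAX_FIELDS) return -1;
        m->field[m->count++] = p;
        if ((p = strchr(p, '/')) == NULL) return 0;
    }
}

/* Bounds-checked accessor: NULL when the message has no such field. */
static const char *emi_field(const struct emi_fields *m, size_t idx)
{
    return idx < m->count ? m->field[idx] : NULL;
}

/* Report text: the AMSG field if present, otherwise an empty string. */
static const char *report_text(struct emi_fields *m, const char *data)
{
    if (emi_split(m, data) != 0) return NULL;
    const char *amsg = emi_field(m, E50_AMSG);
    return amsg ? amsg : "";
}

int main(void)
{
    struct emi_fields m;
    printf("ack:    \"%s\"\n", report_text(&m, SAMPLE_ACK));
    printf("report: \"%s\"\n", report_text(&m, SAMPLE_REPORT));
    return 0;
}
```

The returned pointer refers into the caller's struct emi_fields, so it is valid only until that struct is reused for the next message.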