Hello,
We found some problems in smltk DevInf decoding for some Nokia
phones[1], here are the two patches:
commit 1077b831ecf4dcc7e780bc4d4ec0f7b4326ceb94
Author: Chen Congwu <congwu.c...@intel.com>
Date: Wed Mar 24 12:00:42 2010 +0800
smltk+DevInf decoding: avoid a possible infinite loop
For DevInf 1.1 parsing, DevInf decoding will cause an infinite loop
if there is an empty <PropName> tag (found from Nokia N900,
Nokia 7210c):
eg:
<CTCap>
<CTType>text/plain</CTType>
<PropName/>
</CTCap>
buildDevInfProperty will return OK without further processing if
encountering an empty tag (in this case <PropName>) and the caller
buildDevInfCtCap will re-evaluate the tag without advancing the
parser, the re-evaluation can only end if current tag is an end tag
or an unknown tag, otherwize it will call buildDevInfProperty with
exactly the same environment again.
diff --git a/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
b/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
index 28b2aea..5ad9e4c 100755
--- a/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
+++ b/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
@@ -651,7 +651,9 @@ static Ret_t buildDevInfProperty(XltDecoderPtr_t pDecoder,
VoidPtr_t *ppElem, in
XltDecScannerPtr_t pScanner = pDecoder->scanner;
Ret_t rc;
- if (IS_EMPTY(pScanner->curtok)) {
+ /* Do not return immediately for <1.2 style, the outer loop ends only
meeting an end tag
+ * which will lead to an infinite loop*/
+ if (datastoreLocal && IS_EMPTY(pScanner->curtok)) {
return SML_ERR_OK;
}
@@ -825,6 +827,7 @@ Ret_t buildDevInfCtcap(XltDecoderPtr_t pDecoder, VoidPtr_t
*ppElem, Boolean_t da
rc = buildDevInfProperty(pDecoder,
(VoidPtr_t)&pCtcap->data->prop,datastoreLocal);
if (rc==SML_ERR_OK)
continue; // re-evaluate current tag (tag that caused
buildDevInfProperty() to end, either unknown or closing </CTCap>
+ // this means do not return SML_ERR_OK unless this
is an unknow tag or closing </CTCcap>, otherwise it will tri
}
break;
commit 277d35dc82f814e86da26020a17eeea65f7d9634
Author: Chen Congwu <congwu.c...@intel.com>
Date: Wed Mar 24 09:58:25 2010 +0800
smltk: DevInf decoding
Some Nokia phones (N900) sent a nor-wellformed DevInf:
The DevInf version was declared as 1.2, while <CTCAP> was not
inside <Datastore>(which is the DevInf 1.1 behaviour). In addition,
the content inside <CTCAP> was in DevInf 1.2 format.
The original approach detects whether this is a DevInf 1.2 or 1.1
by testing whether <CTCAP> was inside <datastore>, thus will think
this is a DevInf 1.1 when decoding the <CTCAP> which fails.
The patch worked around this, when decoding <CTCAP> (precisely the
<Property> or <PropName> inside <CTCAP>), use 1.2 style if we are
decoding <Property> and 1.1 stype when decoding <PropName>
diff --git a/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
b/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
index b589209..28b2aea 100755
--- a/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
+++ b/src/syncml_tk/src/sml/xlt/all/xltdevinf.c
@@ -812,7 +812,10 @@ Ret_t buildDevInfCtcap(XltDecoderPtr_t pDecoder, VoidPtr_t
*ppElem, Boolean_t da
break;
case TN_DEVINF_PROPERTY:
// DS 1.2 case: only </Property> ends the property building
process, next token must be read first
- rc = buildDevInfProperty(pDecoder,
(VoidPtr_t)&pCtcap->data->prop,datastoreLocal);
+ // If there is a Property tag, let's take it as DS 1.2 Property
Decoding even if the CTCAP is globally
+ // This is found from some Nokia phones (eg. N900, which will send
a DevInf v1.2 but the CTCAP
+ // was not inside the datastore as DevInf v1.1)
+ rc = buildDevInfProperty(pDecoder,
(VoidPtr_t)&pCtcap->data->prop,TRUE);
break;
case TN_DEVINF_PROPNAME:
// <DS 1.2 case: current token TN_DEVINF_PROPNAME is processed by
builder, next occurence of TN_DEVINF_PROPNAME ends property
[1] http://bugzilla.moblin.org/show_bug.cgi?id=10324
--
Regards,
Chen Congwu
Moblin China Development
_______________________________________________
os-libsynthesis mailing list
os-libsynthesis@synthesis.ch
http://lists.synthesis.ch/mailman/listinfo/os-libsynthesis
