Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 1 | /* (C) 2008-2020 by Harald Welte <laforge@gnumonks.org> |
Harald Welte | e08da97 | 2017-11-13 01:00:26 +0900 | [diff] [blame] | 2 | * (C) 2016-2017 by sysmocom - s.f.m.c. GmbH |
Harald Welte | 468b643 | 2014-09-11 13:05:51 +0800 | [diff] [blame] | 3 | * |
| 4 | * All Rights Reserved |
| 5 | * |
Harald Welte | e08da97 | 2017-11-13 01:00:26 +0900 | [diff] [blame] | 6 | * SPDX-License-Identifier: GPL-2.0+ |
| 7 | * |
Harald Welte | 468b643 | 2014-09-11 13:05:51 +0800 | [diff] [blame] | 8 | * This program is free software; you can redistribute it and/or modify |
| 9 | * it under the terms of the GNU General Public License as published by |
| 10 | * the Free Software Foundation; either version 2 of the License, or |
| 11 | * (at your option) any later version. |
| 12 | * |
| 13 | * This program is distributed in the hope that it will be useful, |
| 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | * GNU General Public License for more details. |
| 17 | * |
| 18 | * You should have received a copy of the GNU General Public License |
| 19 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 20 | * |
| 21 | */ |
| 22 | |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 23 | #include <stdio.h> |
| 24 | #include <stdint.h> |
Max | dbd3a92 | 2017-01-02 14:10:30 +0100 | [diff] [blame] | 25 | #include <errno.h> |
Pablo Neira Ayuso | 8341934 | 2011-03-22 16:36:13 +0100 | [diff] [blame] | 26 | #include <osmocom/core/utils.h> |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 27 | #include <osmocom/core/logging.h> |
Pablo Neira Ayuso | 8341934 | 2011-03-22 16:36:13 +0100 | [diff] [blame] | 28 | #include <osmocom/gsm/tlv.h> |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 29 | |
Harald Welte | 57c7d37 | 2011-08-17 17:50:55 +0200 | [diff] [blame] | 30 | /*! \addtogroup tlv |
| 31 | * @{ |
Neels Hofmeyr | 87e4550 | 2017-06-20 00:17:59 +0200 | [diff] [blame] | 32 | * Osmocom TLV Parser |
Harald Welte | 96e2a00 | 2017-06-12 21:44:18 +0200 | [diff] [blame] | 33 | * |
| 34 | * The Osmocom TLV parser is intended to operate as a low-level C |
| 35 | * implementation without dynamic memory allocations. Basically, it |
| 36 | * iterates over the IE (Information Elements) of the message and fills |
| 37 | * an array of pointers, indexed by the IEI (IE Identifier). The |
| 38 | * parser output is thus an array of pointers to the start of the |
| 39 | * respective IE inside the message. |
| 40 | * |
| 41 | * The TLV parser is configured by a TLV parser definition, which |
| 42 | * determines which if the IEIs for a given protocol are of which |
| 43 | * particular type. Types are e.g. TV (Tag + single byte value), Tag + |
| 44 | * fixed-length value, TLV with 8bit length, TLV with 16bit length, TLV |
| 45 | * with variable-length length field, etc. |
Neels Hofmeyr | 17518fe | 2017-06-20 04:35:06 +0200 | [diff] [blame] | 46 | * |
| 47 | * \file tlv_parser.c */ |
Harald Welte | 57c7d37 | 2011-08-17 17:50:55 +0200 | [diff] [blame] | 48 | |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 49 | struct tlv_definition tvlv_att_def; |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 50 | struct tlv_definition vtvlv_gan_att_def; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 51 | |
Stefan Sperling | c9bebbd | 2018-03-16 15:59:01 +0100 | [diff] [blame] | 52 | /*! Dump parsed TLV structure to stdout */ |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 53 | int tlv_dump(struct tlv_parsed *dec) |
| 54 | { |
| 55 | int i; |
| 56 | |
| 57 | for (i = 0; i <= 0xff; i++) { |
| 58 | if (!dec->lv[i].val) |
| 59 | continue; |
| 60 | printf("T=%02x L=%d\n", i, dec->lv[i].len); |
| 61 | } |
| 62 | return 0; |
| 63 | } |
| 64 | |
Neels Hofmeyr | 87e4550 | 2017-06-20 00:17:59 +0200 | [diff] [blame] | 65 | /*! Copy \ref tlv_parsed using given talloc context |
Max | dbd3a92 | 2017-01-02 14:10:30 +0100 | [diff] [blame] | 66 | * \param[in] tp_orig Parsed TLV structure |
| 67 | * \param[in] ctx Talloc context for allocations |
| 68 | * \returns NULL on errors, \ref tlv_parsed pointer otherwise |
| 69 | */ |
| 70 | struct tlv_parsed *osmo_tlvp_copy(const struct tlv_parsed *tp_orig, void *ctx) |
| 71 | { |
| 72 | struct tlv_parsed *tp_out; |
| 73 | size_t i, len; |
| 74 | |
| 75 | tp_out = talloc_zero(ctx, struct tlv_parsed); |
| 76 | if (!tp_out) |
| 77 | return NULL; |
| 78 | |
| 79 | /* if the original is NULL, return empty tlvp */ |
| 80 | if (!tp_orig) |
| 81 | return tp_out; |
| 82 | |
| 83 | for (i = 0; i < ARRAY_SIZE(tp_orig->lv); i++) { |
| 84 | len = tp_orig->lv[i].len; |
| 85 | tp_out->lv[i].len = len; |
| 86 | if (len && tp_out->lv[i].val) { |
| 87 | tp_out->lv[i].val = talloc_zero_size(tp_out, len); |
| 88 | if (!tp_out->lv[i].val) { |
| 89 | talloc_free(tp_out); |
| 90 | return NULL; |
| 91 | } |
| 92 | memcpy((uint8_t *)tp_out->lv[i].val, tp_orig->lv[i].val, |
| 93 | len); |
| 94 | } |
| 95 | } |
| 96 | |
| 97 | return tp_out; |
| 98 | } |
| 99 | |
Neels Hofmeyr | 87e4550 | 2017-06-20 00:17:59 +0200 | [diff] [blame] | 100 | /*! Merge all \ref tlv_parsed attributes of 'src' into 'dst' |
Max | dbd3a92 | 2017-01-02 14:10:30 +0100 | [diff] [blame] | 101 | * \param[in] dst Parsed TLV structure to merge into |
| 102 | * \param[in] src Parsed TLV structure to merge from |
| 103 | * \returns 0 on success, negative on error |
| 104 | */ |
| 105 | int osmo_tlvp_merge(struct tlv_parsed *dst, const struct tlv_parsed *src) |
| 106 | { |
| 107 | size_t i, len; |
| 108 | for (i = 0; i < ARRAY_SIZE(dst->lv); i++) { |
| 109 | len = src->lv[i].len; |
| 110 | if (len == 0 || src->lv[i].val == NULL) |
| 111 | continue; |
| 112 | if (dst->lv[i].val) { |
| 113 | talloc_free((uint8_t *) dst->lv[i].val); |
| 114 | dst->lv[i].len = 0; |
| 115 | } |
| 116 | dst->lv[i].val = talloc_zero_size(dst, len); |
| 117 | if (!dst->lv[i].val) |
| 118 | return -ENOMEM; |
| 119 | memcpy((uint8_t *) dst->lv[i].val, src->lv[i].val, len); |
| 120 | } |
| 121 | return 0; |
| 122 | } |
| 123 | |
Harald Welte | 8006f53 | 2019-02-13 22:23:13 +0100 | [diff] [blame] | 124 | |
| 125 | /*! Encode a single TLV into given message buffer |
| 126 | * \param[inout] msg Caller-allocated message buffer with sufficient tailroom |
| 127 | * \param[in] type TLV type/format to use during encode |
| 128 | * \param[in] tag Tag of TLV to be encoded |
Vadim Yanitskiy | 64277a0 | 2023-02-28 03:30:27 +0700 | [diff] [blame] | 129 | * \param[in] len Length of TLV to be encoded |
Harald Welte | 8006f53 | 2019-02-13 22:23:13 +0100 | [diff] [blame] | 130 | * \param[in] val Value part of TLV to be encoded |
| 131 | * \returns 0 on success; negative in case of error */ |
| 132 | int tlv_encode_one(struct msgb *msg, enum tlv_type type, uint8_t tag, |
| 133 | unsigned int len, const uint8_t *val) |
| 134 | { |
| 135 | switch (type) { |
| 136 | case TLV_TYPE_NONE: |
| 137 | break; |
| 138 | case TLV_TYPE_FIXED: |
| 139 | msgb_tv_fixed_put(msg, tag, len, val); |
| 140 | break; |
| 141 | case TLV_TYPE_T: |
| 142 | msgb_v_put(msg, tag); |
| 143 | break; |
| 144 | case TLV_TYPE_TV: |
| 145 | msgb_tv_put(msg, tag, val[0]); |
| 146 | break; |
| 147 | case TLV_TYPE_TLV: |
| 148 | msgb_tlv_put(msg, tag, len, val); |
| 149 | break; |
| 150 | case TLV_TYPE_TL16V: |
| 151 | msgb_tl16v_put(msg, tag, len, val); |
| 152 | break; |
| 153 | case TLV_TYPE_TvLV: |
| 154 | msgb_tvlv_put(msg, tag, len, val); |
| 155 | break; |
| 156 | case TLV_TYPE_SINGLE_TV: |
| 157 | msgb_v_put(msg, (tag << 4) | (val[0] & 0xf)); |
| 158 | break; |
| 159 | case TLV_TYPE_vTvLV_GAN: |
| 160 | msgb_vtvlv_gan_put(msg, tag, len, val); |
| 161 | break; |
| 162 | default: |
| 163 | return -EINVAL; |
| 164 | } |
| 165 | return 0; |
| 166 | } |
| 167 | |
| 168 | /*! Encode a set of decoded TLVs according to a given definition into a message buffer |
| 169 | * \param[inout] msg Caller-allocated message buffer with sufficient tailroom |
| 170 | * \param[in] def structure defining the valid TLV tags / configurations |
| 171 | * \param[in] tp decoded values to be encoded |
| 172 | * \returns number of bytes consumed in msg; negative in case of error */ |
| 173 | int tlv_encode(struct msgb *msg, const struct tlv_definition *def, const struct tlv_parsed *tp) |
| 174 | { |
| 175 | unsigned int tailroom_before = msgb_tailroom(msg); |
| 176 | unsigned int i; |
| 177 | int rc; |
| 178 | |
| 179 | for (i = 0; i < ARRAY_SIZE(tp->lv); i++) { |
| 180 | /* skip entries in the array that aren't used/filled */ |
| 181 | if (!TLVP_PRESENT(tp, i)) |
| 182 | continue; |
| 183 | |
| 184 | rc = tlv_encode_one(msg, def->def[i].type, i, TLVP_LEN(tp, i), TLVP_VAL(tp, i)); |
| 185 | if (rc < 0) |
| 186 | return rc; |
| 187 | } |
| 188 | |
| 189 | return tailroom_before - msgb_tailroom(msg); |
| 190 | } |
| 191 | |
| 192 | /*! Encode a set of decoded TLVs according to a given definition and IE order into a message buffer |
| 193 | * \param[inout] msg Caller-allocated message buffer with sufficient tailroom |
| 194 | * \param[in] def structure defining the valid TLV tags / configurations |
| 195 | * \param[in] tp decoded values to be encoded |
| 196 | * \param[in] tag_order array of tags determining the IE encoding order |
| 197 | * \param[in] tag_order_len length of tag_order |
| 198 | * \returns number of bytes consumed in msg; negative in case of error */ |
| 199 | int tlv_encode_ordered(struct msgb *msg, const struct tlv_definition *def, const struct tlv_parsed *tp, |
| 200 | const uint8_t *tag_order, unsigned int tag_order_len) |
| 201 | { |
| 202 | |
| 203 | unsigned int tailroom_before = msgb_tailroom(msg); |
| 204 | unsigned int i; |
| 205 | int rc; |
| 206 | |
| 207 | for (i = 0; i < tag_order_len; i++) { |
| 208 | uint8_t tag = tag_order[i]; |
| 209 | |
| 210 | /* skip entries in the array that aren't used/filled */ |
| 211 | if (!TLVP_PRESENT(tp, tag)) |
| 212 | continue; |
| 213 | |
| 214 | rc = tlv_encode_one(msg, def->def[tag].type, tag, TLVP_LEN(tp, tag), TLVP_VAL(tp, tag)); |
| 215 | if (rc < 0) |
| 216 | return rc; |
| 217 | } |
| 218 | return tailroom_before - msgb_tailroom(msg); |
| 219 | } |
| 220 | |
Neels Hofmeyr | 87e4550 | 2017-06-20 00:17:59 +0200 | [diff] [blame] | 221 | /*! Parse a single TLV encoded IE |
Harald Welte | 57c7d37 | 2011-08-17 17:50:55 +0200 | [diff] [blame] | 222 | * \param[out] o_tag the tag of the IE that was found |
| 223 | * \param[out] o_len length of the IE that was found |
| 224 | * \param[out] o_val pointer to the data of the IE that was found |
| 225 | * \param[in] def structure defining the valid TLV tags / configurations |
| 226 | * \param[in] buf the input data buffer to be parsed |
| 227 | * \param[in] buf_len length of the input data buffer |
Stefan Sperling | 1e50e2a | 2018-01-08 19:20:02 +0100 | [diff] [blame] | 228 | * \returns number of bytes consumed by the TLV entry / IE parsed; negative in case of error |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 229 | */ |
| 230 | int tlv_parse_one(uint8_t *o_tag, uint16_t *o_len, const uint8_t **o_val, |
| 231 | const struct tlv_definition *def, |
| 232 | const uint8_t *buf, int buf_len) |
| 233 | { |
| 234 | uint8_t tag; |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 235 | int len; /* number of bytes consumed by TLV entry */ |
| 236 | |
| 237 | if (buf_len < 1) |
| 238 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 239 | |
| 240 | tag = *buf; |
| 241 | *o_tag = tag; |
| 242 | |
Andreas Eversberg | cd2a74b | 2010-07-12 08:55:14 +0200 | [diff] [blame] | 243 | /* single octet TV IE */ |
| 244 | if (def->def[tag & 0xf0].type == TLV_TYPE_SINGLE_TV) { |
| 245 | *o_tag = tag & 0xf0; |
| 246 | *o_val = buf; |
| 247 | *o_len = 1; |
| 248 | return 1; |
| 249 | } |
| 250 | |
Neels Hofmeyr | 667e83d | 2015-11-02 20:18:11 +0100 | [diff] [blame] | 251 | /* FIXME: use tables for known IEI */ |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 252 | switch (def->def[tag].type) { |
| 253 | case TLV_TYPE_T: |
| 254 | /* GSM TS 04.07 11.2.4: Type 1 TV or Type 2 T */ |
| 255 | *o_val = buf; |
| 256 | *o_len = 0; |
| 257 | len = 1; |
| 258 | break; |
| 259 | case TLV_TYPE_TV: |
| 260 | *o_val = buf+1; |
| 261 | *o_len = 1; |
| 262 | len = 2; |
| 263 | break; |
| 264 | case TLV_TYPE_FIXED: |
| 265 | *o_val = buf+1; |
| 266 | *o_len = def->def[tag].fixed_len; |
| 267 | len = def->def[tag].fixed_len + 1; |
| 268 | break; |
| 269 | case TLV_TYPE_TLV: |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 270 | tlv: /* GSM TS 04.07 11.2.4: Type 4 TLV */ |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 271 | if (buf_len < 2) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 272 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 273 | *o_val = buf+2; |
| 274 | *o_len = *(buf+1); |
| 275 | len = *o_len + 2; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 276 | break; |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 277 | case TLV_TYPE_vTvLV_GAN: /* 44.318 / 11.1.4 */ |
| 278 | /* FIXME: variable-length TAG! */ |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 279 | if (buf_len < 2) |
| 280 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 281 | if (*(buf+1) & 0x80) { |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 282 | if (buf_len < 3) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 283 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 284 | /* like TL16Vbut without highest bit of len */ |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 285 | *o_val = buf+3; |
| 286 | *o_len = (*(buf+1) & 0x7F) << 8 | *(buf+2); |
| 287 | len = *o_len + 3; |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 288 | } else { |
| 289 | /* like TLV */ |
| 290 | goto tlv; |
| 291 | } |
| 292 | break; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 293 | case TLV_TYPE_TvLV: |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 294 | if (buf_len < 2) |
| 295 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 296 | if (*(buf+1) & 0x80) { |
| 297 | /* like TLV, but without highest bit of len */ |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 298 | *o_val = buf+2; |
| 299 | *o_len = *(buf+1) & 0x7f; |
| 300 | len = *o_len + 2; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 301 | break; |
| 302 | } |
| 303 | /* like TL16V, fallthrough */ |
| 304 | case TLV_TYPE_TL16V: |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 305 | if (buf_len < 3) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 306 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 307 | *o_val = buf+3; |
| 308 | *o_len = *(buf+1) << 8 | *(buf+2); |
| 309 | len = *o_len + 3; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 310 | break; |
| 311 | default: |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 312 | return OSMO_TLVP_ERR_UNKNOWN_TLV_TYPE; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 313 | } |
| 314 | |
Harald Welte | efdd641 | 2021-01-12 18:07:18 +0100 | [diff] [blame] | 315 | if (buf_len < len) { |
| 316 | *o_val = NULL; |
| 317 | return OSMO_TLVP_ERR_OFS_LEN_BEYOND_BUFFER; |
| 318 | } |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 319 | return len; |
| 320 | } |
| 321 | |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 322 | /*! Parse an entire buffer of TLV encoded Information Elements. |
| 323 | * In case of multiple occurences of an IE, keep only the first occurence. |
| 324 | * Most GSM related protocols clearly indicate that in case of duplicate |
| 325 | * IEs, only the first occurrence shall be used, while any further occurrences |
| 326 | * shall be ignored. See e.g. 3GPP TS 24.008 Section 8.6.3. |
| 327 | * For multiple occurences, use tlv_parse2(). |
Harald Welte | 57c7d37 | 2011-08-17 17:50:55 +0200 | [diff] [blame] | 328 | * \param[out] dec caller-allocated pointer to \ref tlv_parsed |
| 329 | * \param[in] def structure defining the valid TLV tags / configurations |
| 330 | * \param[in] buf the input data buffer to be parsed |
| 331 | * \param[in] buf_len length of the input data buffer |
| 332 | * \param[in] lv_tag an initial LV tag at the start of the buffer |
| 333 | * \param[in] lv_tag2 a second initial LV tag following the \a lv_tag |
Stefan Sperling | c9bebbd | 2018-03-16 15:59:01 +0100 | [diff] [blame] | 334 | * \returns number of TLV entries parsed; negative in case of error |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 335 | */ |
| 336 | int tlv_parse(struct tlv_parsed *dec, const struct tlv_definition *def, |
| 337 | const uint8_t *buf, int buf_len, uint8_t lv_tag, |
| 338 | uint8_t lv_tag2) |
| 339 | { |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 340 | return tlv_parse2(dec, 1, def, buf, buf_len, lv_tag, lv_tag2); |
| 341 | } |
| 342 | |
| 343 | /*! Like tlv_parse(), but capable of decoding multiple occurences of the same IE. |
| 344 | * Parse an entire buffer of TLV encoded Information Elements. |
| 345 | * To decode multiple occurences of IEs, provide in dec an _array_ of tlv_parsed, and |
| 346 | * pass the size of that array in dec_multiples. The first occurence of each IE |
| 347 | * is stored in dec[0], the second in dec[1] and so forth. If there are more |
| 348 | * occurences than the array length given in dec_multiples, the remaining |
| 349 | * occurences are dropped. |
| 350 | * \param[out] dec caller-allocated pointer to \ref tlv_parsed |
| 351 | * \param[in] dec_multiples length of the tlv_parsed[] in \a dec. |
| 352 | * \param[in] def structure defining the valid TLV tags / configurations |
| 353 | * \param[in] buf the input data buffer to be parsed |
| 354 | * \param[in] buf_len length of the input data buffer |
| 355 | * \param[in] lv_tag an initial LV tag at the start of the buffer |
| 356 | * \param[in] lv_tag2 a second initial LV tag following the \a lv_tag |
| 357 | * \returns number of TLV entries parsed; negative in case of error |
| 358 | */ |
| 359 | int tlv_parse2(struct tlv_parsed *dec, int dec_multiples, |
| 360 | const struct tlv_definition *def, const uint8_t *buf, int buf_len, |
| 361 | uint8_t lv_tag, uint8_t lv_tag2) |
| 362 | { |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 363 | int ofs = 0, num_parsed = 0; |
| 364 | uint16_t len; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 365 | int dec_i; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 366 | |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 367 | for (dec_i = 0; dec_i < dec_multiples; dec_i++) |
| 368 | memset(&dec[dec_i], 0, sizeof(*dec)); |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 369 | |
| 370 | if (lv_tag) { |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 371 | const uint8_t *val; |
| 372 | uint16_t parsed_len; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 373 | if (ofs > buf_len) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 374 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 375 | val = &buf[ofs+1]; |
| 376 | len = buf[ofs]; |
| 377 | parsed_len = len + 1; |
| 378 | if (ofs + parsed_len > buf_len) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 379 | return OSMO_TLVP_ERR_OFS_LEN_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 380 | num_parsed++; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 381 | ofs += parsed_len; |
| 382 | /* store the resulting val and len */ |
| 383 | for (dec_i = 0; dec_i < dec_multiples; dec_i++) { |
| 384 | if (dec[dec_i].lv[lv_tag].val != NULL) |
| 385 | continue; |
| 386 | dec->lv[lv_tag].val = val; |
| 387 | dec->lv[lv_tag].len = len; |
| 388 | break; |
| 389 | } |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 390 | } |
| 391 | if (lv_tag2) { |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 392 | const uint8_t *val; |
| 393 | uint16_t parsed_len; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 394 | if (ofs > buf_len) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 395 | return OSMO_TLVP_ERR_OFS_BEYOND_BUFFER; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 396 | val = &buf[ofs+1]; |
| 397 | len = buf[ofs]; |
| 398 | parsed_len = len + 1; |
| 399 | if (ofs + parsed_len > buf_len) |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 400 | return OSMO_TLVP_ERR_OFS_LEN_BEYOND_BUFFER; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 401 | num_parsed++; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 402 | ofs += parsed_len; |
| 403 | /* store the resulting val and len */ |
| 404 | for (dec_i = 0; dec_i < dec_multiples; dec_i++) { |
| 405 | if (dec[dec_i].lv[lv_tag2].val != NULL) |
| 406 | continue; |
| 407 | dec->lv[lv_tag2].val = val; |
| 408 | dec->lv[lv_tag2].len = len; |
| 409 | break; |
| 410 | } |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 411 | } |
| 412 | |
| 413 | while (ofs < buf_len) { |
| 414 | int rv; |
| 415 | uint8_t tag; |
| 416 | const uint8_t *val; |
| 417 | |
| 418 | rv = tlv_parse_one(&tag, &len, &val, def, |
| 419 | &buf[ofs], buf_len-ofs); |
| 420 | if (rv < 0) |
| 421 | return rv; |
Neels Hofmeyr | a78b22b | 2018-04-13 03:36:49 +0200 | [diff] [blame] | 422 | for (dec_i = 0; dec_i < dec_multiples; dec_i++) { |
| 423 | if (dec[dec_i].lv[tag].val != NULL) |
| 424 | continue; |
| 425 | dec[dec_i].lv[tag].val = val; |
| 426 | dec[dec_i].lv[tag].len = len; |
| 427 | break; |
Harald Welte | bf383a1 | 2018-02-02 12:11:14 +0100 | [diff] [blame] | 428 | } |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 429 | ofs += rv; |
| 430 | num_parsed++; |
| 431 | } |
| 432 | //tlv_dump(dec); |
| 433 | return num_parsed; |
| 434 | } |
| 435 | |
Pau Espin Pedrol | d110529 | 2021-04-14 17:21:02 +0200 | [diff] [blame] | 436 | /*! take a master (src) tlv_definition and fill up all empty slots in 'dst' |
Harald Welte | 96e2a00 | 2017-06-12 21:44:18 +0200 | [diff] [blame] | 437 | * \param dst TLV parser definition that is to be patched |
| 438 | * \param[in] src TLV parser definition whose content is patched into \a dst */ |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 439 | void tlv_def_patch(struct tlv_definition *dst, const struct tlv_definition *src) |
| 440 | { |
| 441 | int i; |
| 442 | |
| 443 | for (i = 0; i < ARRAY_SIZE(dst->def); i++) { |
| 444 | if (src->def[i].type == TLV_TYPE_NONE) |
| 445 | continue; |
| 446 | if (dst->def[i].type == TLV_TYPE_NONE) |
| 447 | dst->def[i] = src->def[i]; |
| 448 | } |
| 449 | } |
| 450 | |
| 451 | static __attribute__((constructor)) void on_dso_load_tlv(void) |
| 452 | { |
| 453 | int i; |
| 454 | for (i = 0; i < ARRAY_SIZE(tvlv_att_def.def); i++) |
| 455 | tvlv_att_def.def[i].type = TLV_TYPE_TvLV; |
Harald Welte | 2fe6847 | 2012-07-14 01:50:33 +0200 | [diff] [blame] | 456 | |
| 457 | for (i = 0; i < ARRAY_SIZE(vtvlv_gan_att_def.def); i++) |
| 458 | vtvlv_gan_att_def.def[i].type = TLV_TYPE_vTvLV_GAN; |
Harald Welte | ec8b450 | 2010-02-20 20:34:29 +0100 | [diff] [blame] | 459 | } |
Harald Welte | 57c7d37 | 2011-08-17 17:50:55 +0200 | [diff] [blame] | 460 | |
Harald Welte | fbd02fa | 2016-04-25 15:19:35 +0200 | [diff] [blame] | 461 | /*! Advance the data pointer, subtract length and assign value pointer |
| 462 | * \param data pointer to the pointer to data |
| 463 | * \param data_len pointer to size_t containing \arg data length |
| 464 | * \param[in] len the length that we expect the fixed IE to hav |
| 465 | * \param[out] value pointer to pointer of value part of IE |
| 466 | * \returns length of IE value; negative in case of error |
| 467 | */ |
| 468 | int osmo_shift_v_fixed(uint8_t **data, size_t *data_len, |
| 469 | size_t len, uint8_t **value) |
| 470 | { |
| 471 | if (len > *data_len) |
| 472 | goto fail; |
| 473 | |
| 474 | if (value) |
| 475 | *value = *data; |
| 476 | |
| 477 | *data += len; |
| 478 | *data_len -= len; |
| 479 | |
| 480 | return len; |
| 481 | |
| 482 | fail: |
| 483 | *data += *data_len; |
| 484 | *data_len = 0; |
| 485 | return -1; |
| 486 | } |
| 487 | |
| 488 | /*! Match tag, check length and assign value pointer |
| 489 | * \param data pointer to the pointer to data |
| 490 | * \param data_len pointer to size_t containing \arg data length |
| 491 | * \param[in] tag the tag (IEI) that we expect at \arg data |
| 492 | * \param[in] len the length that we expect the fixed IE to have |
| 493 | * \param[out] value pointer to pointer of value part of IE |
| 494 | * \returns length of IE value; negative in case of error |
| 495 | */ |
| 496 | int osmo_match_shift_tv_fixed(uint8_t **data, size_t *data_len, |
| 497 | uint8_t tag, size_t len, |
| 498 | uint8_t **value) |
| 499 | { |
| 500 | size_t ie_len; |
| 501 | |
| 502 | if (*data_len == 0) |
| 503 | goto fail; |
| 504 | |
| 505 | if ((*data)[0] != tag) |
| 506 | return 0; |
| 507 | |
| 508 | if (len > *data_len - 1) |
| 509 | goto fail; |
| 510 | |
| 511 | if (value) |
| 512 | *value = *data + 1; |
| 513 | |
| 514 | ie_len = len + 1; |
| 515 | *data += ie_len; |
| 516 | *data_len -= ie_len; |
| 517 | |
| 518 | return ie_len; |
| 519 | |
| 520 | fail: |
| 521 | *data += *data_len; |
| 522 | *data_len = 0; |
| 523 | return -1; |
| 524 | } |
| 525 | |
| 526 | /*! Verify TLV header and advance data / subtract length |
| 527 | * \param data pointer to the pointer to data |
| 528 | * \param data_len pointer to size_t containing \arg data length |
| 529 | * \param[in] expected_tag the tag (IEI) that we expect at \arg data |
| 530 | * \param[out] value pointer to pointer of value part of IE |
| 531 | * \param[out] value_len pointer to length of \arg value |
| 532 | * \returns length of IE value; negative in case of error |
| 533 | */ |
| 534 | int osmo_match_shift_tlv(uint8_t **data, size_t *data_len, |
| 535 | uint8_t expected_tag, uint8_t **value, |
| 536 | size_t *value_len) |
| 537 | { |
| 538 | int rc; |
| 539 | uint8_t tag; |
| 540 | uint8_t *old_data = *data; |
| 541 | size_t old_data_len = *data_len; |
| 542 | |
| 543 | rc = osmo_shift_tlv(data, data_len, &tag, value, value_len); |
| 544 | |
| 545 | if (rc > 0 && tag != expected_tag) { |
| 546 | *data = old_data; |
| 547 | *data_len = old_data_len; |
| 548 | return 0; |
| 549 | } |
| 550 | |
| 551 | return rc; |
| 552 | } |
| 553 | |
| 554 | /*! Extract TLV and advance data pointer + subtract length |
| 555 | * \param data pointer to the pointer to data |
| 556 | * \param data_len pointer to size_t containing \arg data lengt |
| 557 | * \param[out] tag extract the tag (IEI) at start of \arg data |
| 558 | * \param[out] value extracted pointer to value part of TLV |
| 559 | * \param[out] value_len extracted length of \arg value |
| 560 | * \returns number of bytes subtracted |
| 561 | */ |
| 562 | int osmo_shift_tlv(uint8_t **data, size_t *data_len, |
| 563 | uint8_t *tag, uint8_t **value, size_t *value_len) |
| 564 | { |
| 565 | size_t len; |
| 566 | size_t ie_len; |
| 567 | |
| 568 | if (*data_len < 2) |
| 569 | goto fail; |
| 570 | |
| 571 | len = (*data)[1]; |
| 572 | if (len > *data_len - 2) |
| 573 | goto fail; |
| 574 | |
| 575 | if (tag) |
| 576 | *tag = (*data)[0]; |
| 577 | if (value) |
| 578 | *value = *data + 2; |
| 579 | if (value_len) |
| 580 | *value_len = len; |
| 581 | |
| 582 | ie_len = len + 2; |
| 583 | |
| 584 | *data += ie_len; |
| 585 | *data_len -= ie_len; |
| 586 | |
| 587 | return ie_len; |
| 588 | |
| 589 | fail: |
| 590 | *data += *data_len; |
| 591 | *data_len = 0; |
| 592 | return -1; |
| 593 | } |
| 594 | |
| 595 | /*! Extract LV and advance data pointer + subtract length |
| 596 | * \param data pointer to the pointer to data |
| 597 | * \param data_len pointer to size_t containing \arg data lengt |
| 598 | * \param[out] value extracted pointer to value part of TLV |
| 599 | * \param[out] value_len extracted length of \arg value |
| 600 | * \returns number of bytes subtracted |
| 601 | */ |
| 602 | int osmo_shift_lv(uint8_t **data, size_t *data_len, |
| 603 | uint8_t **value, size_t *value_len) |
| 604 | { |
| 605 | size_t len; |
| 606 | size_t ie_len; |
| 607 | |
| 608 | if (*data_len < 1) |
| 609 | goto fail; |
| 610 | |
| 611 | len = (*data)[0]; |
| 612 | if (len > *data_len - 1) |
| 613 | goto fail; |
| 614 | |
| 615 | if (value) |
| 616 | *value = *data + 1; |
| 617 | if (value_len) |
| 618 | *value_len = len; |
| 619 | |
| 620 | ie_len = len + 1; |
| 621 | *data += ie_len; |
| 622 | *data_len -= ie_len; |
| 623 | |
| 624 | return ie_len; |
| 625 | |
| 626 | fail: |
| 627 | *data += *data_len; |
| 628 | *data_len = 0; |
| 629 | return -1; |
| 630 | } |
| 631 | |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 632 | static __thread char ienamebuf[32]; |
| 633 | static __thread char msgnamebuf[32]; |
| 634 | |
| 635 | /*! get the message name for given msg_type in protocol pdef */ |
| 636 | const char *osmo_tlv_prot_msg_name(const struct osmo_tlv_prot_def *pdef, uint8_t msg_type) |
| 637 | { |
| 638 | if (pdef->msg_def[msg_type].name) { |
| 639 | return pdef->msg_def[msg_type].name; |
| 640 | } else if (pdef->msgt_names) { |
| 641 | return get_value_string(pdef->msgt_names, msg_type); |
| 642 | } else { |
| 643 | snprintf(msgnamebuf, sizeof(msgnamebuf), "Unknown msg_type 0x%02x", msg_type); |
| 644 | return msgnamebuf; |
| 645 | } |
| 646 | } |
| 647 | |
| 648 | /*! get the IE name for given IEI in protocol pdef */ |
| 649 | const char *osmo_tlv_prot_ie_name(const struct osmo_tlv_prot_def *pdef, uint8_t iei) |
| 650 | { |
| 651 | if (pdef->ie_def[iei].name) { |
| 652 | return pdef->ie_def[iei].name; |
| 653 | } else { |
| 654 | snprintf(ienamebuf, sizeof(ienamebuf), "Unknown IEI 0x%02x", iei); |
| 655 | return ienamebuf; |
| 656 | } |
| 657 | } |
| 658 | |
| 659 | /*! Validate an already TLV-decoded message against the protocol definition. |
| 660 | * \param[in] pdef protocol definition of given protocol |
| 661 | * \param[in] msg_type message type of the parsed message |
| 662 | * \param[in] tp TLV parser result |
| 663 | * \param[in] log_subsys logging sub-system for log messages |
| 664 | * \param[in] log_pfx prefix for log messages |
| 665 | * \returns 0 in case of success; negative osmo_tlv_parser_error in case of error |
| 666 | */ |
| 667 | int osmo_tlv_prot_validate_tp(const struct osmo_tlv_prot_def *pdef, uint8_t msg_type, |
| 668 | const struct tlv_parsed *tp, int log_subsys, const char *log_pfx) |
| 669 | { |
| 670 | const struct osmo_tlv_prot_msg_def *msg_def= &pdef->msg_def[msg_type]; |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 671 | unsigned int err = 0; |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 672 | unsigned int i; |
| 673 | |
| 674 | if (msg_def->mand_ies) { |
| 675 | for (i = 0; i < msg_def->mand_count; i++) { |
| 676 | uint8_t iei = msg_def->mand_ies[i]; |
| 677 | if (!TLVP_PRESENT(tp, iei)) { |
| 678 | LOGP(log_subsys, LOGL_ERROR, "%s %s %s: Missing Mandatory IE: %s\n", |
| 679 | log_pfx, pdef->name, osmo_tlv_prot_msg_name(pdef, msg_type), |
| 680 | osmo_tlv_prot_ie_name(pdef, iei)); |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 681 | if (!err) |
| 682 | err = OSMO_TLVP_ERR_MAND_IE_MISSING; |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 683 | } |
| 684 | } |
| 685 | } |
| 686 | |
| 687 | for (i = 0; i < ARRAY_SIZE(tp->lv); i++) { |
| 688 | uint16_t min_len; |
| 689 | |
| 690 | if (!TLVP_PRESENT(tp, i)) |
| 691 | continue; |
| 692 | |
| 693 | min_len = pdef->ie_def[i].min_len; |
| 694 | if (TLVP_LEN(tp, i) < min_len) { |
| 695 | LOGP(log_subsys, LOGL_ERROR, "%s %s %s: Short IE %s: %u < %u\n", log_pfx, |
| 696 | pdef->name, osmo_tlv_prot_msg_name(pdef, msg_type), |
| 697 | osmo_tlv_prot_ie_name(pdef, i), TLVP_LEN(tp, i), min_len); |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 698 | if (!err) |
| 699 | err = OSMO_TLVP_ERR_IE_TOO_SHORT; |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 700 | } |
| 701 | } |
| 702 | |
Harald Welte | 30a9294 | 2020-12-04 14:09:22 +0100 | [diff] [blame] | 703 | return err; |
Harald Welte | 9510992 | 2020-12-04 13:55:38 +0100 | [diff] [blame] | 704 | } |
| 705 | |
| 706 | /*! Parse + Validate a TLV-encoded message against the protocol definition. |
| 707 | * \param[in] pdef protocol definition of given protocol |
| 708 | * \param[out] dec caller-allocated pointer to \ref tlv_parsed |
| 709 | * \param[in] dec_multiples length of the tlv_parsed[] in \a dec. |
| 710 | * \param[in] msg_type message type of the parsed message |
| 711 | * \param[in] buf the input data buffer to be parsed |
| 712 | * \param[in] buf_len length of the input data buffer |
| 713 | * \param[in] lv_tag an initial LV tag at the start of the buffer |
| 714 | * \param[in] lv_tag2 a second initial LV tag following the \a lv_tag |
| 715 | * \param[in] log_subsys logging sub-system for log messages |
| 716 | * \param[in] log_pfx prefix for log messages |
| 717 | * \returns 0 in case of success; negative osmo_tlv_parser_error in case of error |
| 718 | */ |
| 719 | int osmo_tlv_prot_parse(const struct osmo_tlv_prot_def *pdef, |
| 720 | struct tlv_parsed *dec, unsigned int dec_multiples, uint8_t msg_type, |
| 721 | const uint8_t *buf, unsigned int buf_len, uint8_t lv_tag, uint8_t lv_tag2, |
| 722 | int log_subsys, const char *log_pfx) |
| 723 | { |
| 724 | int rc; |
| 725 | |
| 726 | rc = tlv_parse2(dec, dec_multiples, pdef->tlv_def, buf, buf_len, lv_tag, lv_tag2); |
| 727 | if (rc < 0) { |
| 728 | LOGP(log_subsys, LOGL_ERROR, "%s %s %s: TLV parser error %d\n", log_pfx, |
| 729 | pdef->name, osmo_tlv_prot_msg_name(pdef, msg_type), rc); |
| 730 | return rc; |
| 731 | } |
| 732 | |
| 733 | return osmo_tlv_prot_validate_tp(pdef, msg_type, dec, log_subsys, log_pfx); |
| 734 | } |
| 735 | |
Sylvain Munaut | dca7d2c | 2012-04-18 21:53:23 +0200 | [diff] [blame] | 736 | /*! @} */ |