
Inconsistency between libusbmuxd and libimobiledevice in network structure parsing

Open tihmstar opened this issue 2 years ago • 0 comments

In the libusbmuxd tools, the parsing code found here: https://github.com/libimobiledevice/libusbmuxd/blob/master/tools/iproxy.c#L132-L145 and here: https://github.com/libimobiledevice/libusbmuxd/blob/master/tools/inetcat.c#L219-L231 looks like this:

		if (dev->conn_data[1] == 0x02) { // AF_INET
			saddr->sa_family = AF_INET;
			memcpy(&saddr->sa_data[0], (uint8_t*)dev->conn_data+2, 14);
		}
		else if (dev->conn_data[1] == 0x1E) { //AF_INET6 (bsd)
#ifdef AF_INET6
			saddr->sa_family = AF_INET6;
			/* copy the address and the host dependent scope id */
			memcpy(&saddr->sa_data[0], (uint8_t*)dev->conn_data+2, 26);
#else
			fprintf(stderr, "ERROR: Got an IPv6 address but this system doesn't support IPv6\n");
			CDATA_FREE(cdata);
			return NULL;
#endif
		}

While at first I thought it was odd that you hardcode 0x1E for AF_INET6 (bsd), I realized it may be for compatibility with the original Apple usbmuxd on Windows (as on Linux either would work just fine).

But in libimobiledevice the same code is parsed differently, which is problematic! Looking here: https://github.com/libimobiledevice/libimobiledevice/blob/master/src/idevice.c#L333-L345 we find:

			switch (saddr->sa_family) {
				case AF_INET:
					addrlen = sizeof(struct sockaddr_in);
					break;
#ifdef AF_INET6
				case AF_INET6:
					addrlen = sizeof(struct sockaddr_in6);
					break;
#endif
				default:
					debug_info("Unsupported address family 0x%02x\n", saddr->sa_family);
					continue;
			}

Note: even sockaddr is different between macOS and Linux.

	struct sockaddr { // macOS
		uint8_t sa_len;
		uint8_t sa_family;
		char sa_data[14];
	};
	struct sockaddr { // Linux
		uint16_t sa_family;
		char sa_data[14];
	};

... After looking through more code, it looks like the libimobiledevice style is more sane (libimobiledevice-glue also assumes this structure). So I recommend changing the libusbmuxd code to match libimobiledevice and libimobiledevice-glue.

If 0x1E) { //AF_INET6 (bsd) is needed for compatibility reasons, I recommend adding a small compatibility layer inside libusbmuxd which converts that format into the system-standard format.

tihmstar, Nov 28 '23 12:11
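A sketch of the compatibility layer suggested in the issue, added here as an example and not taken from libusbmuxd or libimobiledevice: it converts a BSD-layout record (length byte, family byte 0x02 or 0x1E, then the address fields) into the host's native sockaddr and rejects truncated or unknown records. The function name wire_sockaddr_to_native, the assumption that the record follows the macOS sockaddr_in/sockaddr_in6 layout, and the sample bytes are all illustrative.

```c
#include <stdint.h>
#include <string.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Family bytes of the BSD-layout record, as hardcoded in the quoted libusbmuxd code. */
#define WIRE_AF_INET  0x02
#define WIRE_AF_INET6 0x1E

/* Hypothetical helper (not a libusbmuxd API): convert a BSD-layout sockaddr
 * blob {sa_len, sa_family, fields...} into the host's native sockaddr.
 * Returns the native address length, or 0 if unsupported or truncated. */
socklen_t wire_sockaddr_to_native(const uint8_t *wire, size_t wire_len,
                                  struct sockaddr_storage *out)
{
    if (!wire || !out || wire_len < 2)
        return 0;
    memset(out, 0, sizeof(*out));
    if (wire[1] == WIRE_AF_INET && wire_len >= 8) {
        /* BSD sockaddr_in: len(1) family(1) port(2) addr(4) zero(8) */
        struct sockaddr_in *in4 = (struct sockaddr_in *)out;
        in4->sin_family = AF_INET;            /* native constant, native width */
        memcpy(&in4->sin_port, wire + 2, 2);  /* stays in network byte order */
        memcpy(&in4->sin_addr, wire + 4, 4);
        return sizeof(*in4);
    }
#ifdef AF_INET6
    if (wire[1] == WIRE_AF_INET6 && wire_len >= 28) {
        /* BSD sockaddr_in6: len(1) family(1) port(2) flowinfo(4) addr(16) scope_id(4) */
        struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)out;
        in6->sin6_family = AF_INET6;          /* 0x1E on the wire, host value here */
        memcpy(&in6->sin6_port, wire + 2, 2);
        memcpy(&in6->sin6_flowinfo, wire + 4, 4);
        memcpy(&in6->sin6_addr, wire + 8, 16);
        memcpy(&in6->sin6_scope_id, wire + 24, 4); /* host dependent, copied as-is */
        return sizeof(*in6);
    }
#endif
    return 0; /* unknown family or short record: caller should skip the entry */
}

int main(void)
{
    /* Constructed sample record: IPv4 192.168.1.5, port 62078 (0xF27E). */
    const uint8_t rec[16] = { 0x10, 0x02, 0xF2, 0x7E, 192, 168, 1, 5 };
    struct sockaddr_storage ss;
    return wire_sockaddr_to_native(rec, sizeof(rec), &ss) == sizeof(struct sockaddr_in) ? 0 : 1;
}
```

After conversion, a `switch (saddr->sa_family)` on the native AF_INET / AF_INET6 constants, like the libimobiledevice code quoted above, sees the same family on both macOS and Linux.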