Closed polybassa closed 3 years ago
Hi, I recently discovered an error during receive. This error was discovered during some tests from Scapy.
Here is a log from python:
```
>>> load_contrib("isotp")
>>> s = ISOTPNativeSocket("vcan0", did=0x587, sid=0x607)
>>> s.recv()
WARNING: Captured no data. [Errno 84] Invalid or incomplete multibyte or wide character
Traceback (most recent call last):
  File "/home/nils/PycharmProjects/secdev_scapy/scapy/contrib/isotp/isotp_native_socket.py", line 332, in recv_raw
    pkt, _, ts = self._recv_raw(self.ins, x)
  File "/home/nils/PycharmProjects/secdev_scapy/scapy/supersocket.py", line 130, in _recv_raw
    pkt, ancdata, flags, sa_ll = sock.recvmsg(x, flags_len)
OSError: [Errno 84] Invalid or incomplete multibyte or wide character
```
Anyway, I could track this error down and found a way to reproduce it. Here is a candump file, which triggers this error. candump_error.log
This error can even be triggered on isotprecv. I've attached a patch to show this error. isotprecv.patch.txt
This patch produces the following output:
```
./isotprecv -d 587 -s 607 vcan0
received -1, 84
```
I've sent the malformed CAN messages with canplayer like this:
```
canplayer -I candump_error.log vcan0=can1
```
From my first quick analysis, this bug comes from somewhere underneath the isotp-kernel module.
I'm running this on Linux 5.10.42-1-MANJARO #1 SMP PREEMPT Thu Jun 3 14:37:11 UTC 2021 x86_64 GNU/Linux
Ok, I figured out that this issue is because my PC is missing some consecutive frames.
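An added example, not part of the original issue or of Scapy or can-utils: a checker that walks a candump log and reports where the ISO-TP consecutive-frame sequence breaks, which is the condition identified above (errno 84 is `EILSEQ` on Linux). The function name, the sample frames, and the assumption that data frames travel on 0x587 with normal addressing are constructed for illustration.

```python
import re

# candump log line: "(timestamp) interface ID#HEXDATA" (classic CAN only)
LINE_RE = re.compile(r"^\(\d+\.\d+\)\s+\S+\s+([0-9A-Fa-f]+)#((?:[0-9A-Fa-f]{2})*)$")

def check_isotp_sequence(log_text, can_id):
    """Return (line_no, message) findings for ISO-TP data frames sent on can_id.

    Assumes normal addressing (PCI nibble in byte 0) and FF_DL <= 4095.
    """
    findings = []
    expected_sn = None  # None means no segmented transfer is in progress
    remaining = 0       # payload bytes still owed by consecutive frames
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line.strip())
        if not m or int(m.group(1), 16) != can_id or not m.group(2):
            continue
        data = bytes.fromhex(m.group(2))
        pci, low = data[0] >> 4, data[0] & 0x0F
        if pci == 0x1 and len(data) >= 2:      # First Frame
            if expected_sn is not None:
                findings.append((line_no, "FF while previous transfer incomplete"))
            remaining = ((low << 8) | data[1]) - (len(data) - 2)
            expected_sn = 1
        elif pci == 0x2:                       # Consecutive Frame
            if expected_sn is None:
                findings.append((line_no, "CF without preceding FF"))
            elif low != expected_sn:
                findings.append((line_no, f"CF SN {low}, expected {expected_sn}"))
                expected_sn = None             # reassembly cannot continue
            else:
                remaining -= len(data) - 1
                expected_sn = (expected_sn + 1) & 0x0F if remaining > 0 else None
    if expected_sn is not None:
        findings.append((0, "log ends with transfer incomplete"))
    return findings

# Constructed sample: 20-byte payload, FF + FC (from 0x607) + two CFs.
FRAMES = [
    "(1623000000.000000) vcan0 587#1014000102030405",
    "(1623000000.000100) vcan0 607#300000",
    "(1623000000.000200) vcan0 587#21060708090A0B0C",
    "(1623000000.000300) vcan0 587#220D0E0F10111213",
]
GOOD_LOG = "\n".join(FRAMES)
GAP_LOG = "\n".join(FRAMES[:2] + FRAMES[3:])  # first consecutive frame dropped

if __name__ == "__main__":
    print(check_isotp_sequence(GOOD_LOG, 0x587))
    print(check_isotp_sequence(GAP_LOG, 0x587))
```

Running a capture through a check like this before replaying it with canplayer separates a log that is itself missing frames from a receiver-side fault.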