Some SSIDs produce "krank" XML files

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Log a WiFi with non-ANSI characters (Unicode?) characters in the SSID.
2. Export
3. Run the XML files through the database loader

What is the expected output? What do you see instead?
Some XML files end up in the krank folder. Examples attached.

What version of the product are you using? On what operating system?
00.7.05 (as well as earlier ones) on Cyanogenmod 10.1.3 (as well as RC1 and 
RC2).

Please provide any additional information below.
Looking at the XML files, this seems to happen whenever the SSID of some 
networks contains bytes < 32. I don't know how a WiFi would need to be set up 
for that, I suspect they use a Unicode string as their SSID. Everything else 
looks OK, there is also a healthy-looking hash.

Possible solutions:
- Properly sanitize the SSID field, escaping not only characters which have a 
syntactic meaning in XML (such as <>"&) but also all characters <32 and 
anything >=127.
- When a "strange" SSID is found, don't include it in the XML file (provide 
just the 
hash).

Original issue reported on code.google.com by mich...@vonglasow.com on 26 Sep 2013 at 8:16

Attachments:

• krank.zip

[GoogleCodeExporter]

Wow, sounds like techie ssids :-) My editor just displays ssids like 
[ESC][BS][NAK][US][..]

After some research, both theoretical and practical one my router, I found out 
that ssid names seems to be less standardized than expected. For example my 
router allows non-ascii ssids.. So stripping out all non-ascii characters might 
discard information :-(

If we're sure, that Android is comfortable with the ssids, we might solve the 
problem instead by replacing the FileWriter in xml exporter with an UTF-8 
compatible OutputStreamWriter. 

So let's address the ssids:

1) Did you, by chance, notice the 'real' ssid while logging?
2) Could you verify what's stored in the radiobeacon database?
(via 'adb pull data/data/org.openbmap/databases/radiobeacon')

Original comment by wish7code on 27 Sep 2013 at 9:25

• Changed state: Started

[GoogleCodeExporter]

Maybe some people do that on purpose, as a DOS attack on piggybackers, 
data-hungry Street View cars and the like :-)

Unfortunately I did not look at the real SSID as displayed by Android. I'll 
check the XML where it was, maybe I get near that area and can check what gets 
displayed.

I'll try to extract the relevant data from the local db and attach it.

As for stripping data, I meant something slightly different: Given that 
openBmap does not store any plaintext SSIDs but only hashes (for privacy 
reasons, as the SSID may often contain personal data, such as the owner's 
name), do we actually need to upload the SSID in plaintext, or is it sufficient 
to just send the hash? If the plain SSID is optional and the server will accept 
XML files with just the hash, then that might be an option.

Original comment by mich...@vonglasow.com on 28 Sep 2013 at 11:30

[GoogleCodeExporter]

Attached a database with one of the SSIDs that produced a "krank" XML file. 
Since the DB is some 150 MB in size, I pulled it from my phone and deleted all 
networks other than the questionable one (identified by its MAC address) from 
the wifis table. The wifi was observed in exactly one session; I deleted all 
other sessions and all references to it from the other tables.

Original comment by mich...@vonglasow.com on 28 Sep 2013 at 12:03

Attachments:

• radiobeacon.zip

[GoogleCodeExporter]

Has been closed a while ago in a pragmatic way: SSID is optional anyways, so in 
case SSID contains non-ascii chars no SSID is stored at all..

Original comment by wish7code on 7 Sep 2014 at 1:48

• Changed state: Fixed