Closed psmass closed 5 years ago
PDU is also help to send Unicode text.
Thanks Kayvan - That is what all the docs also say. But to me a equally important issue (unless I am wrong) is that in text mode a malicious user could text in messages with command terminators (e.g. OK or ERROR) and the parser cannot determine if they are part of the message or terminators from the modem? [my rational is that in my limited application, on the controller side, I wanted to use text mode (the parsing of PDU seems a bit complex) but now I see, while unlikely, someone could spoof modem responses and cause my code to become inconsistent (i.e. get out of sync)]. Do you agree or am I wrong with this assertion?
BR Paul
It seems you can make it more secure: see bottom of https://www.developershome.com/sms/cmgrCommand2.asp ... you can enable additional fields including body length. Then the pot. attack vector should be gone.
@Apollon77 - Thank you! That is a good idea and gives me a sol'n if I stay with text mode.
@zabsalahid @Apollon77 @karianpour
Apologies for taking your time, but your modem experience is appreciated. Hopefully, this issue is a more straightforward discussion.
You guys used 'PDU' mode. Can I ask if there was any particular technical reason to use PDU vs. Text Mode?
My thought is that Text mode is not opaque enough (i.e., what is a Modem response and what is a multiline text message). As an example if of an ambiguous text mode messages:
Example of simple clear SMS:
But how about the three line message "Hello, OK, AT+ATZ" (admittedly a contrived example):
Which 'OK' is part of the message and which is the 'OK' that terminates the AT+CMGR? If host code is waiting for OK, the message is believed to be just 'Hello' followed by some sort of command sequence error from the modem echoing some non issued 'AT+ATZ' command
PDU format is clear and unambigious: