ibondarenko1 8614881fb3 sdp: bound DataElement parse recursion to prevent RecursionError DoS
DataElement.from_bytes -> list_from_bytes -> (SEQUENCE/ALTERNATIVE
constructor dispatches back to list_from_bytes) had no depth limit. A
malicious SDP peer could send a PDU of a few kilobytes containing ~1000
nested SEQUENCE tags and exhaust the Python recursion stack, crashing the
host with an unhandled RecursionError propagating out of the SDP handler.

Reachable via: any remote Bluetooth device that Bumble performs SDP
service discovery against (default during Classic connection setup).

Same family as PR #912 (ATT_PDU.from_bytes empty PDU IndexError) - remote
unchecked-input parser crash in the Bluetooth stack.

Fix: thread-local depth counter, cap nesting at 32 (well above anything a
legitimate service record uses). Added two regression tests covering the
deep-nesting reject path and normal 16-level-nested SEQUENCE parsing.

Reproducer (4.5 KB payload, deterministic crash on 0.0.228):

    from bumble.sdp import DataElement
    inner = b"\x35\x00"
    for _ in range(1500):
        size = len(inner)
        if size < 65535:
            inner = bytes([0x36, (size >> 8) & 0xFF, size & 0xFF]) + inner
    DataElement.from_bytes(inner)  # RecursionError before fix

Signed-off-by: ibondarenko1 <ibondarenko1@users.noreply.github.com>
2026-04-23 00:53:06 -07:00
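The depth cap described in the commit message above, sketched as an added example; this is not Bumble's code or the patch itself. It is a minimal stand-alone SDP data-element parser with a thread-local nesting counter capped at 32. The names `parse_element` and `nested_sequences` and the tuple return shape are assumptions made for illustration.

```python
import threading

MAX_DEPTH = 32                # cap stated in the commit message
SEQUENCE, ALTERNATIVE = 6, 7  # SDP type descriptors that can nest
_state = threading.local()    # per-thread count of open containers

def _header(data, offset):
    # Returns (type, value_start, value_end) for the element at offset.
    if offset >= len(data):
        raise ValueError("truncated element header")
    kind, size_index = data[offset] >> 3, data[offset] & 7
    offset += 1
    if size_index < 5:        # fixed sizes; NIL (type 0) carries no value
        size = 0 if kind == 0 else 1 << size_index
    else:                     # length is held in the next 1, 2 or 4 bytes
        width = 1 << (size_index - 5)
        size = int.from_bytes(data[offset:offset + width], "big")
        offset += width
    if offset + size > len(data):
        raise ValueError("element length exceeds buffer")
    return kind, offset, offset + size

def parse_element(data, offset=0):
    """Parse one element; return ((type, value), next_offset)."""
    kind, start, end = _header(data, offset)
    if kind not in (SEQUENCE, ALTERNATIVE):
        return (kind, data[start:end]), end
    depth = getattr(_state, "depth", 0)
    if depth >= MAX_DEPTH:    # reject before recursing any further
        raise ValueError("SDP element nesting exceeds limit")
    _state.depth = depth + 1
    try:
        children, pos = [], start
        while pos < end:
            child, pos = parse_element(data, pos)
            if pos > end:
                raise ValueError("child overruns its container")
            children.append(child)
        return (kind, children), end
    finally:
        _state.depth = depth  # restore even when a child is rejected

def nested_sequences(levels):
    """Constructed sample input: `levels` SEQUENCEs nested in each other."""
    inner = b""
    for _ in range(levels):
        inner = bytes([0x36]) + len(inner).to_bytes(2, "big") + inner
    return inner
```

The `finally` clause matters: without it, one rejected PDU would leave the counter raised and later well-formed records on the same thread would be refused.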

 _                 _     _
| |               | |   | |
| |__  _   _ ____ | |__ | | _____
|  _ \| | | |    \|  _ \| || ___ |
| |_) ) |_| | | | | |_) ) || ____|
|____/|____/|_|_|_|____/ \_)_____)

Bluetooth Stack for Apps, Emulation, Test and Experimentation

Bumble is a full-featured Bluetooth stack written entirely in Python. It supports most of the common Bluetooth Low Energy (BLE) and Bluetooth Classic (BR/EDR) protocols and profiles, including GAP, L2CAP, ATT, GATT, SMP, SDP, RFCOMM, HFP, HID and A2DP. The stack can be used with physical radios via HCI over USB, UART, or the Linux VHCI, as well as virtual radios, including the virtual Bluetooth support of the Android emulator.

Documentation

Browse the pre-built Online Documentation, or see the documentation source under docs/mkdocs/src, or build the static HTML site from the markdown text with:

mkdocs build -f docs/mkdocs/mkdocs.yml

Usage

Getting Started

For a quick start to using Bumble, see the Getting Started guide.

Dependencies

To install package dependencies needed to run the bumble examples, execute the following commands:

python -m pip install --upgrade pip
python -m pip install ".[test,development,documentation]"

Examples

Refer to the Examples Documentation for details on the included example scripts and how to run them.

The complete list of Examples, and what they are designed to do, is here.

There is also a set of Apps and Tools that show the utility of Bumble.

Using Bumble With a USB Dongle

Bumble is easiest to use with a dedicated USB dongle. This is because internal Bluetooth interfaces tend to be locked down by the operating system. You can use the usb_probe tool (all platforms) or lsusb (Linux or macOS) to list the available USB devices on your system.

See the USB Transport page for details on how to refer to USB devices. Also, if you are on a Mac, see these instructions.

License

Licensed under the Apache 2.0 License.

Disclaimer

This is not an official Google product.

This library is in alpha and will be going through a lot of breaking changes. While releases will be stable enough for prototyping, experimentation and research, we do not recommend using it in any production environment yet. Expect bugs and sharp edges. Please help by trying it out, reporting bugs, and letting us know what you think!
