I was trying to analyze some mode pages captured in an iSCSI trace, and
ethereal 0.9.5 didn't decode them right. It got the beginning right, but it
got everything from the block descriptor on wrong. It jumped backwards in
the packet to get the data!
Turns out that the problem is the mode sense code manually sets offset to
either 4 or 8 after starting to decode a packet. Problem is that since
this is iSCSI, we are typically 48 bytes into the packet to start, so that
number should be 52 or 56, not 4 or 8.
The attached patch fixes this, and makes it so that I can decode the mode
sense pages correctly.
I also noticed that line 1580 (before patch) looks very strange:
proto_tree_add_text (tree, tvb, offset, 1, "PS: %u", (pcode & 0x80) >> 8)
Note that 0x80 >> 8 is zero, so (pcode & 0x80) >> 8 can never be non-zero.
Take care,
Bill
--- packet-scsi.c.orig Thu Aug 15 16:50:43 2002
+++ packet-scsi.c Thu Aug 15 17:13:21 2002
@@ -1873,7 +1873,8 @@
desclen = tvb_get_guint8 (tvb, offset+3);
proto_tree_add_text (tree, tvb, offset+3, 1,
"Block Descriptor Length: %u", desclen);
- offset = 4;
+ tot_len += offset;
+ offset += 4;
tot_len -= 3; /* tot_len does not include the len field */
if (desclen) {
proto_tree_add_text (tree, tvb, offset, 4, "No. of Blocks: %u",
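Review bot: `tot_len += offset` silently changes tot_len from a length of the mode parameter data into an absolute end offset within the tvb, which is what makes the relative `offset += 4` correct when the SCSI payload starts 48 bytes in, but the unchanged context line right after it still documents tot_len as a length ("tot_len does not include the len field"). Add a comment at the `+=` line (or rename the variable to something like end_offset) so the later bound check against offset reads correctly, and say explicitly that the old `offset = 4` assumed the mode data started at the beginning of the tvb.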
@@ -1942,7 +1943,8 @@
desclen = tvb_get_guint8 (tvb, offset+6);
proto_tree_add_text (tree, tvb, offset+6, 1,
"Block Descriptor Length: %u", desclen);
- offset = 8;
+ tot_len += offset;
+ offset += 8;
tot_len -= 6; /* tot_len does not include the len field */
if (desclen) {
proto_tree_add_text (tree, tvb, offset, 8, "No. of Blocks: %s",
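Review bot: same fix as the first hunk for the 8-byte MODE SENSE(10) header, and the `tot_len -= 6` matches the block descriptor length position at offset+6, so this is consistent with the 6-byte case. One pre-existing point worth checking while here: `desclen` is read with `tvb_get_guint8 (tvb, offset+6)`, so confirm against the 10-byte parameter header layout whether the Block Descriptor Length field is wider than one byte; if it is, the single-byte read truncates it and the "No. of Blocks" decode below starts from the wrong length.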
@@ -2010,7 +2012,8 @@
desclen = tvb_get_guint8 (tvb, offset+3);
proto_tree_add_text (tree, tvb, offset+3, 1,
"Block Descriptor Length: %u", desclen);
- offset = 4;
+ tot_len += offset;
+ offset += 4;
/* The actual payload is the min of the length in the response & the
* space allocated by the initiator as specified in the request.
*/
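Review bot: unlike the first two hunks, the visible context after `offset += 4` has no `tot_len -= 3` line, so if tot_len is compared against offset further down as an end bound, verify that the header length is subtracted somewhere in this function; otherwise this decoder's end bound differs by the size of the length field from the other two paths. A short comment stating that tot_len is now an absolute offset would help here as well, as in the first hunk.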
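To make the offset mistake concrete, here is an added, self-contained C example that is not part of the patch or of ethereal. It parses a MODE SENSE(6) parameter header and block descriptor from a constructed buffer in which the SCSI data sits after a 48-byte filler standing in for the iSCSI header. The parser can be run either advancing the offset relative to where the mode data starts (the corrected behaviour) or resetting it to the constant 4 (the reported defect), so the wrong bytes the old code picked up become visible. It also shows the PS-bit extraction with a shift of 7 instead of the `>> 8` noted in the message. The names (`parse_mode6`, `build_sample`, the `mode6` struct) and the sample bytes are this example's own.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ISCSI_BHS_LEN   48   /* iSCSI basic header segment preceding the SCSI data */
#define MODE6_HDR_LEN    4   /* MODE SENSE(6) mode parameter header */
#define BLOCK_DESC_LEN   8   /* direct-access block descriptor */

struct mode6 {
    uint8_t  mode_data_len, medium_type, dev_specific, block_desc_len;
    uint32_t num_blocks, block_len;   /* from the first block descriptor, 0 if none */
    size_t   pages_offset;            /* absolute offset of the first mode page */
};

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Constructed sample, not a real capture: 48 bytes of 0xAA for the iSCSI
 * header, then a MODE SENSE(6) parameter header, one block descriptor
 * (4096 blocks of 512 bytes) and the first two bytes of a mode page whose
 * page-code byte has PS set and page code 0x08. Returns the total length. */
static size_t build_sample(uint8_t *buf, size_t cap)
{
    static const uint8_t tail[] = {
        0x0D, 0x00, 0x00, 0x08,                         /* data len 13, medium 0, dev-spec 0, bdlen 8 */
        0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x02, 0x00, /* 4096 blocks, block length 512 */
        0x88, 0x00                                      /* PS=1, page code 8, page length 0 */
    };
    size_t n = ISCSI_BHS_LEN + sizeof tail;
    if (cap < n) return 0;
    memset(buf, 0xAA, ISCSI_BHS_LEN);
    memcpy(buf + ISCSI_BHS_LEN, tail, sizeof tail);
    return n;
}

/* Parse a MODE SENSE(6) parameter list starting at absolute offset 'base'.
 * Returns 1 on success, 0 if the buffer is shorter than the header claims.
 * reset_bug != 0 resets the offset to a constant after the header (the
 * defect in the report); 0 advances it relative to 'base'. */
static int parse_mode6(const uint8_t *buf, size_t len, size_t base, int reset_bug, struct mode6 *out)
{
    size_t off = base, end;
    memset(out, 0, sizeof *out);
    if (base > len || len - base < MODE6_HDR_LEN) return 0;
    out->mode_data_len  = buf[off];
    out->medium_type    = buf[off + 1];
    out->dev_specific   = buf[off + 2];
    out->block_desc_len = buf[off + 3];
    end = base + 1 + out->mode_data_len;           /* the length field does not count itself */
    if (end > len) return 0;
    off = reset_bug ? MODE6_HDR_LEN : off + MODE6_HDR_LEN;
    if (out->block_desc_len) {
        if (out->block_desc_len < BLOCK_DESC_LEN || off + BLOCK_DESC_LEN > end) return 0;
        out->num_blocks = be32(buf + off);
        out->block_len  = be32(buf + off + 4) & 0x00FFFFFFu;   /* low 3 bytes of the descriptor */
        off += out->block_desc_len;
    }
    out->pages_offset = off;
    return 1;
}

/* PS is bit 7 of the page-code byte; (b & 0x80) >> 8 would always be 0. */
static unsigned mode_page_ps(uint8_t b)   { return (b & 0x80u) >> 7; }
static unsigned mode_page_code(uint8_t b) { return b & 0x3Fu; }

/* Helpers that parse the constructed sample, optionally truncated to 'limit' bytes. */
static int sample_parse(int reset_bug, size_t limit, struct mode6 *out)
{
    uint8_t buf[ISCSI_BHS_LEN + 32];
    size_t n = build_sample(buf, sizeof buf);
    if (n == 0) return 0;
    if (limit && limit < n) n = limit;
    return parse_mode6(buf, n, ISCSI_BHS_LEN, reset_bug, out);
}
static uint32_t sample_num_blocks(int reset_bug)  { struct mode6 m; return sample_parse(reset_bug, 0, &m) ? m.num_blocks : 0; }
static size_t   sample_pages_offset(int reset_bug){ struct mode6 m; return sample_parse(reset_bug, 0, &m) ? m.pages_offset : 0; }
static int      sample_truncated_rejected(void)   { struct mode6 m; return !sample_parse(0, 50, &m); }

int main(void)
{
    printf("relative offset: %u blocks, pages at %zu\n", sample_num_blocks(0), sample_pages_offset(0));
    printf("reset-to-4 bug:  %u blocks, pages at %zu\n", sample_num_blocks(1), sample_pages_offset(1));
    printf("PS=%u page=0x%02x\n", mode_page_ps(0x88), mode_page_code(0x88));
    return 0;
}
```

With the offset reset, the "block descriptor" is read from bytes 4..11 of the buffer, which is inside the iSCSI filler, so the decoder reports 0xAAAAAAAA blocks and places the mode pages at offset 12, before the SCSI data even begins; advancing relative to the base yields 4096 blocks and pages at offset 60. The truncation check is the part a dissector must keep regardless of which offset convention it uses.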