Ethereal-dev: Re: [Ethereal-dev] New dissector: IAX2 (Inter-Asterisk eXchange 2) VoIP protocol

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 26 Jan 2004 17:45:20 -0800

On Jan 26, 2004, at 4:06 PM, Alastair Maw wrote:
I've therefore modified things so that the dissector assumes two bytes for the address header, two for the port and four for the IPv4 address. Unfortunately, there isn't an IAX RFC/spec to make it clear that this is definitely the right thing to do. One is apparently in the works. If Asterisk is ported to architectures other than Linux and FreeBSD this might need some further attention,
Note that {Free,Net,Open}BSD, BSD/OS, and Darwin/Mac OS X have similar socket address structures that aren't exactly the same as the Linux ones - instead of a 2-byte address family type, they have a 1-byte length and 1-byte address family type. 


static const value_string iax_ies_type[] = {
That's not used, because the IE type and length aren't put into the protocol tree. They probably should be put into the protocol tree. 


static void
dissect_iax2 (tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree)
{
  char buffer[150];
  proto_tree *iax2_tree = NULL, *ies_tree = NULL, *codec_tree = NULL;
  proto_item *ti = 0, *ies_base = 0, *codec_base = 0;
  guint32 offset = 0, codecs = 0, i = 0, mask = 0, retransmission = 0;
  long addr;
  const char *data = tvb_get_ptr (tvb, offset, -1);
Dissectors shouldn't just grab a pointer to the entire packet data and directly reference it. For one thing, if any field in the packet is not aligned on the natural boundary, that'll crash on some machines (e.g., SPARC). For another, it means no bounds checking is done.
Instead, fields should be fetched one at a time with the appropriate "tvb_get" routines. 

I've changed the dissector to do that.


  struct ast_iax2_full_hdr *h;
That structure uses some GCC-specific features, such as __attribute((packed)), and some features not in C89, such as zero-length arrays.
I've replaced references to structure members with references to values fetched with the appropriate "tvb_get" routines, and removed the structure definitions from "packet-iax2.h". 


  if (check_col (pinfo->cinfo, COL_PROTOCOL))
    {
      col_set_str (pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_IAX2);
    }
The Info column should be cleared at that point, so that if the dissector throws an exception, due to the packet data being cut short, before setting the Info column, the column doesn't show whatever stuff the previous dissector put there.
I've checked in the dissector, with the changes in question (except for putting the IE type and length into the protocol tree).