Wireshark-bugs: [Wireshark-bugs] [Bug 3711] New: BSSLAP Protocol Not Decoded In BSSMAP-LE Messag
Date: Sun, 12 Jul 2009 21:08:28 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3711

           Summary: BSSLAP Protocol Not Decoded In BSSMAP-LE Messages
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: High
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: mitrevj@xxxxxxxxxxx



Johnny Mitrevski <mitrevj@xxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3323|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=3323)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3323)
The fix to packet-gsm_a_common.c

Build Information:
Version 1.3.0 (SVN Rev unknown)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, without Python, with GnuTLS 2.8.1, with Gcrypt
1.4.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 13
2009), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1
beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.8.1,
Gcrypt 1.4.4, without AirPcap.

Built using Microsoft Visual C++ 8.0 build 50727

Wireshark is Open Source Software released under the GNU General Public
License.
--
BSSMAP-LE messages contain a BSSLAP APDU component that is not being decoded in
the latest wireshark release.

Investigating this issue, I see that the APDU LENGTH indicator is only ever
looking for 1 byte LENGTH elements. This is incorrect as the LENGTH indicator
of a BSSLAP APDU message is 2 bytes. This throws off the rest of the decode for
the component containing the BSSLAP APDU.

Upon further investiagion I saw that Revision 27605 submitted a change to
packet-gsm_a_common.c that removed the check for 2 byte LENGTH indicator for
ADPU elements.

The fix submitted just replaces the code that was removed.

Regards,
Johnny


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.