Wireshark-bugs: [Wireshark-bugs] [Bug 3733] New: Problem in packet-per.c for ASN.1 PER Encoding
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3733
Summary: Problem in packet-per.c for ASN.1 PER Encoding
Product: Wireshark
Version: 1.2.0
Platform: All
OS/Version: All
Status: NEW
Severity: Major
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: yunjnz@xxxxxxxxx
Created an attachment (id=3338)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3338)
Patch on packet.c
Build Information:
Version 1.2.0
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 9 2009), with
AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.1
beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.8.1,
Gcrypt 1.4.4, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 30729
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Hi,
We're using the LTE RRC dissector(packet-lte-rrc.c) recently and we find a
problem while parsing the RRC Connection Request,
Following is the definition of the RRC Connection Request:
-- ASN1START
RRCConnectionRequest ::= SEQUENCE {
criticalExtensions CHOICE {
rrcConnectionRequest-r8
RRCConnectionRequest-r8-IEs,
criticalExtensionsFuture SEQUENCE {}
}
}
RRCConnectionRequest-r8-IEs ::= SEQUENCE {
ue-Identity
InitialUE-Identity,
establishmentCause
EstablishmentCause,
spare BIT
STRING (SIZE (1))
}
InitialUE-Identity ::= CHOICE {
s-TMSI S-TMSI,
randomValue BIT
STRING (SIZE (40))
}
EstablishmentCause ::= ENUMERATED {
emergency, highPriorityAccess, mt-Access, mo-Signalling,
mo-Data, spare3, spare2, spare1}
-- ASN1STOP
Totally there are 6 bytes in the encoded packet, but the dissector indicates
"Malformed Packet" even the 6 bytes data is present.
It seems that the packet-per.c wants to read 2 more bytes(line 226 in
packet-per.c "word = tvb_get_ntohs(tvb,boffset+i) << shift1;") for the single
bit "spare" field and thus not enough data available.
Attached is the patch for the file and it works fine for this packet.
Would you please have a look and confirm if the patch properly corrects the
issue?
Thanks,
Sean
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.