Wireshark · Wireshark-dev: Re: [Wireshark-dev] sigcomp - accessing state with a partial state id >6 bytes

Wireshark-dev: Re: [Wireshark-dev] sigcomp - accessing state with a partial state id >6 bytes

From: cco <cristian.constantin@xxxxxxxxx>

Date: Mon, 4 Dec 2006 10:24:40 +0100

On Wed, Nov 29, 2006 at 09:50:21AM +0100, cco wrote:
> On Tue, Nov 28, 2006 at 02:46:01PM +0100, Anders Broman (AL/EAB) wrote:
> >  
> > 
> > -----Original Message-----
> > From: wireshark-dev-bounces@xxxxxxxxxxxxx
> > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of cco
> > Sent: den 28 november 2006 11:56
> > To: Developer support list for Wireshark
> > Subject: [Wireshark-dev] sigcomp - accessing state with a partial state
> > id >6 bytes
> > 
> > >hi!
> > >
> > >it seems that wireshark fails to access a previous saved state when the
> > specified psi is longer than 6 bytes. and yes, >the state was saved at
> > END-MESSAGE(); at least this is what the debug message reports.
> > >
> > >here is the scenario:
> > 
> > >1. sigcomp pkt with bytecode is recv. sucessful decompression,
> > END-MESSAGE makes a state create request. state is saved >(it seems that
> > only the first six bytes of the state id are kept; no idea why) 2.
> > sigcomp packet tries to access prev. >saved state with a partial state
> > id. partial state id is longer than 6 bytes and wireshark fails. since
> > one of the 
> > >peers is able to decompress it I suspect there is a problem in
> > wireshark.
> > >
> > >thanks!
> > >bye now!
> > >cristian
> > 
> > Hi,
> > Wireshark will save the state id with the minimum access length in it's
> > hash table.
> > I guess that later when that state of 6 bytes is compareth with a state
> > of 8 bytes the comparison fails.
> > 
> > I think that ought to be changed to save the full 20 bytes state id and
> > the minimum access length
> > And the comparisson should then be made on the actual state id length
> > used, if greater then minimum length.
> 
> cristian: yes, this would be "Signaling Compression (RFC 3320)" compliant.
> 
> > 
> > I currently have little time to work on this you might want to file a
> > bugzilla report on this 
> > preferably with an example trace.
> 
> cristian: o.k. I will try that.

cristian: hi again. here is a patch (for the svn version) which tries to
fix this behaviour. compiled and tested it against the dumps that
contain sigcomp packets accessing state with partial state id > 6 bytes.
seems to work now.

however pls. have a look.

(off-topic?) after patching and compiling (svn) wireshark on my debian
notebook, when trying to access "Preferences" from gui, wireshark
coredumped. here is a bt:

(gdb) bt
#0  0x080f70a6 in pcap_findalldevs ()
#1  0x080f719d in pcap_findalldevs ()
#2  0x08062d94 in get_interface_list_findalldevs (err=0xbfb8b2ec, err_str=0xbfb8b2f0 "P\237\"\b\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff<\uffff\uffff\uffff\uffff\uffffN\uffff") at capture-pcap-util.c:271
#3  0x080a3da1 in capture_prefs_show () at capture_prefs.c:119
#4  0x08083ea0 in prefs_cb (w=0x8518148, dummy=0x0) at prefs_dlg.c:614
#5  0xb6b382a3 in gtk_item_factory_get_type () from /usr/lib/libgtk-x11-2.0.so.0
#6  0xb675ae1b in g_cclosure_marshal_VOID__VOID () from /usr/lib/libgobject-2.0.so.0
#7  0xb674d98b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#8  0xb675df2d in g_signal_chain_from_overridden () from /usr/lib/libgobject-2.0.so.0
#9  0xb675f429 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#10 0xb675f5d9 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#11 0xb6c431c2 in gtk_widget_activate () from /usr/lib/libgtk-x11-2.0.so.0
#12 0xb6b61a1b in gtk_menu_shell_activate_item () from /usr/lib/libgtk-x11-2.0.so.0
#13 0xb6b61d38 in gtk_menu_shell_activate_item () from /usr/lib/libgtk-x11-2.0.so.0
#14 0xb6b5799f in gtk_menu_reorder_child () from /usr/lib/libgtk-x11-2.0.so.0
#15 0xb6b51900 in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#16 0xb674bf49 in g_value_set_boxed () from /usr/lib/libgobject-2.0.so.0
#17 0xb674d98b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#18 0xb675e56f in g_signal_chain_from_overridden () from /usr/lib/libgobject-2.0.so.0
#19 0xb675f208 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#20 0xb675f5d9 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#21 0xb6c433e4 in gtk_widget_activate () from /usr/lib/libgtk-x11-2.0.so.0
#22 0xb6b4fd2d in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#23 0xb6b501a3 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#24 0xb69e3bfa in _gdk_events_queue () from /usr/lib/libgdk-x11-2.0.so.0
#25 0xb66d2731 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#26 0xb66d57a6 in g_main_context_check () from /usr/lib/libglib-2.0.so.0
#27 0xb66d5b67 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#28 0xb6b4f341 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#29 0x081a1180 in ?? ()
#30 0x00000001 in ?? ()
#31 0x00000001 in ?? ()

any idea what could be wrong?

thanks!
bye now!
cristian

Index: epan/sigcomp-udvm.c
===================================================================
--- epan/sigcomp-udvm.c	(revision 20034)
+++ epan/sigcomp-udvm.c	(working copy)
@@ -2731,7 +2731,12 @@
 					proto_tree_add_text(udvm_tree, bytecode_tvb, 0, -1,"SHA1 digest %s",bytes_to_str(sha1_digest_buf, STATE_BUFFER_SIZE));
 
 				}
+/* begin partial state-id change cco@xxxxxxxxx */				
+#if 0
 				udvm_state_create(sha1buff, sha1_digest_buf, state_minimum_access_length_buff[n]);
+#endif				
+				udvm_state_create(sha1buff, sha1_digest_buf, STATE_MIN_ACCESS_LEN);
+/* end partial state-id change cco@xxxxxxxxx */				
 				proto_tree_add_text(udvm_tree,bytecode_tvb, 0, -1,"### Creating state ###");
 				proto_tree_add_string(udvm_tree,hf_id, bytecode_tvb, 0, 0, bytes_to_str(sha1_digest_buf, state_minimum_access_length_buff[n]));
 
Index: epan/sigcomp_state_hdlr.h
===================================================================
--- epan/sigcomp_state_hdlr.h	(revision 20034)
+++ epan/sigcomp_state_hdlr.h	(working copy)
@@ -43,6 +43,7 @@
 extern void sigcomp_init_udvm(void);
 
 #define STATE_BUFFER_SIZE 20
+#define STATE_MIN_ACCESS_LEN 6
 
 #endif 
 /* SIGCOMP_STATE_HDLR_H */
Index: epan/dissectors/packet-sigcomp.c
===================================================================
--- epan/dissectors/packet-sigcomp.c	(revision 20034)
+++ epan/dissectors/packet-sigcomp.c	(working copy)
@@ -717,10 +717,15 @@
 				i++;
 			}
 
+/* begin partial state-id change cco@xxxxxxxxx */				
+#if 0
 			result_code = udvm_state_access(tvb, sigcomp_tree, buff, p_id_start, partial_state_len, state_begin, &state_length, 
 				&state_address, &state_instruction, hf_sigcomp_partial_state);
+#endif
+			result_code = udvm_state_access(tvb, sigcomp_tree, buff, p_id_start, STATE_MIN_ACCESS_LEN, state_begin, &state_length, 
+				&state_address, &state_instruction, hf_sigcomp_partial_state);
 
-
+/* end partial state-id change cco@xxxxxxxxx */				
 			if ( result_code != 0 ){
 				proto_tree_add_text(sigcomp_tree, tvb, 0, -1,"Failed to Access state Wireshark UDVM diagnostic: %s.",
 					    val_to_str(result_code, result_code_vals,"Unknown (%u)"));

Follow-Ups:
- Re: [Wireshark-dev] sigcomp - accessing state with a partial stateid >6 bytes
  - From: Anders Broman

Prev by Date: Re: [Wireshark-dev] wireshark and usb
Next by Date: Re: [Wireshark-dev] wireshark and usb
Previous by thread: Re: [Wireshark-dev] [PATCH] range_string and OSPF bcmodelid
Next by thread: Re: [Wireshark-dev] sigcomp - accessing state with a partial stateid >6 bytes
Index(es):
- Date
- Thread