Ethereal-dev: Re: [ethereal-dev] A possible bug in IP_OPTION dissector.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Olivier Abad <abad@xxxxxxxxxxxxx>
Date: Wed, 2 Feb 2000 23:09:38 +0100
On mar, fév 01, 2000 at 08:35:33 +0200, Paul Ionescu wrote:
> 
> Hello,
> 
> I captured a ping from a NT with timestamp enabled in IP header.  The
> capture is attached to this email.  I think that there is a bug in
> "dissect_ipopt_timestamp" function.  The host IP from
> IP->Options->Timestamp is wrong.  It should be 10.1.1.1 but instead is
> 3.219.180.46 which is the time field.  I think that is a offset
> problem.  And the displayed field is wrong too.  When I select any of
> the "Address field", in the data field are highlited first 8 bytes
> from IP options.

Here is a patch to correct this. I checked the updated packet-ip.c in
the CVS tree.

Olivier

diff -u -r1.71 packet-ip.c
--- packet-ip.c	2000/01/24 04:44:35	1.71
+++ packet-ip.c	2000/02/02 22:02:32
@@ -526,25 +526,18 @@
 
   while (optlen > 0) {
     if (flg == IPOPT_TS_TSANDADDR) {
-      if (optlen < 4) {
-        proto_tree_add_text(field_tree, offset + optoffset, optlen,
-          "(suboption would go past end of option)");
-        break;
-      }
       /* XXX - check whether it goes past end of packet */
-      ts = pntohl(opd);
-      opd += 4;
-      optlen -= 4;
-      if (optlen < 4) {
+      if (optlen < 8) {
         proto_tree_add_text(field_tree, offset + optoffset, optlen,
           "(suboption would go past end of option)");
         break;
       }
-      /* XXX - check whether it goes past end of packet */
       memcpy((char *)&addr, (char *)opd, sizeof(addr));
+      opd += 4;
+      ts = pntohl(opd);
       opd += 4;
-      optlen -= 4;
-      proto_tree_add_text(field_tree, offset,      8,
+      optlen -= 8;
+      proto_tree_add_text(field_tree, offset + optoffset,      8,
           "Address = %s, time stamp = %u",
           ((addr.s_addr == 0) ? "-" :  (char *)get_hostname(addr.s_addr)),
           ts);


-- 
Hokey religions and ancient weapons are no substitute for a good blaster at
your side.
- Han Solo