Wireshark · Ethereal-dev: Re: [Ethereal-dev] iSCSI Dissector Available

[Mark Burton <markb@xxxxxxxxxx>]

From: Guy Harris <guy@xxxxxxxxxx>
Subject: Re: [Ethereal-dev] iSCSI Dissector Available
Date: Wed, 30 May 2001 11:54:22 -0700 (PDT)

> ...with one change - heuristic dissectors must not throw an exception
> until they have determined that the packet is a packet for their
> protocol, so the iSCSI dissector has to first check whether there are at
> least 8 bytes worth of data in the packet before fetching the opcode and
> data segment length from the packet and, if there aren't at least 8
> bytes, it has to return FALSE.

Well, come to think of it. Any packet less than 48 bytes long is not
of much interest as far as iSCSI is concerned so I enclose a patch
(from the CVS version) that does this right.

Regards,

Mark

Index: packet-iscsi.c
===================================================================
RCS file: /cvsroot/ethereal/packet-iscsi.c,v
retrieving revision 1.1
diff -u -3 -p -u -r1.1 packet-iscsi.c
--- packet-iscsi.c	2001/05/30 18:52:37	1.1
+++ packet-iscsi.c	2001/05/30 20:17:11
@@ -520,17 +520,17 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
     guint32 data_segment_len;
     guint8 opcode;
     const char *opcode_str;
-    guint32 pdu_len;
+    guint32 packet_len = tvb_length_remaining(tvb, offset);
 
-    /* Make sure we have enough of the packet to check whether it's
-       iSCSI */
-    if (tvb_length_remaining(tvb, offset) < 8) {
-	/* We don't */
+    /* quick check to see if the packet is long enough to contain a
+     * whole iSCSI header segment */
+    if (packet_len < 48) {
+	/* no, so give up */
 	return FALSE;
     }
 
     opcode = tvb_get_guint8(tvb, offset + 0);
-    pdu_len = tvb_length_remaining(tvb, 0);
+
     if(enable_03_mode) {
 	opcode_str = match_strval(opcode, iscsi_opcodes_03);
 	data_segment_len = tvb_get_ntohl(tvb, offset + 4);
@@ -544,8 +544,7 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
     if(opcode_str == NULL ||
        (enable_bogosity_filter &&
 	(data_segment_len > bogus_pdu_data_length_threshold ||
-	 pdu_len < 48  ||
-	 pdu_len > (data_segment_len + 48 + bogus_pdu_max_digest_padding)))) {
+	 packet_len > (data_segment_len + 48 + bogus_pdu_max_digest_padding)))) {
 	return FALSE;
     }
 
@@ -559,7 +558,7 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 
 	col_add_str(pinfo->fd, COL_INFO, (char *)opcode_str);
 
-	if((opcode & 0xbf) == 0x01 && pdu_len > 32)
+	if((opcode & 0xbf) == 0x01 && packet_len > 32)
 	    scsiCommandName = match_strval(tvb_get_guint8(tvb, offset + 32),
 					   iscsi_scsi_cdb0);
 	if(scsiCommandName != NULL)
@@ -572,7 +571,7 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 
 	/* create display subtree for the protocol */
 	ti = proto_tree_add_item(tree, proto_iscsi, tvb, offset,
-				 pdu_len, FALSE);
+				 packet_len, FALSE);
 
 	if((enable_03_mode && opcode == 0x00) ||
 	   (!enable_03_mode && (opcode == 0x00 ||
@@ -794,8 +793,8 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 		proto_tree_add_uint(ti, hf_iscsi_ExpStatSN, tvb, offset + 28, 4, tvb_get_ntohl(tvb, offset + 28));
 	    }
 	    offset += 48;
-	    if(pdu_len > 48) {
-		int text_len = min(data_segment_len, pdu_len - 48);
+	    if(packet_len > 48) {
+		int text_len = min(data_segment_len, packet_len - 48);
 		proto_item *tf = proto_tree_add_text(ti, tvb, 48, text_len, "Key/Value Pairs");
 		proto_tree *tt = proto_item_add_subtree(tf, ett_iscsi_KeyValues);
 		offset = addTextKeys(tt, tvb, 48, text_len);
@@ -835,8 +834,8 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 		proto_tree_add_uint(ti, hf_iscsi_Login_Status, tvb, offset + 36, 1, tvb_get_ntohs(tvb, offset + 36));
 	    }
 	    offset += 48;
-	    if(pdu_len > 48) {
-		int text_len = min(data_segment_len, pdu_len - 48);
+	    if(packet_len > 48) {
+		int text_len = min(data_segment_len, packet_len - 48);
 		proto_item *tf = proto_tree_add_text(ti, tvb, 48, text_len, "Key/Value Pairs");
 		proto_tree *tt = proto_item_add_subtree(tf, ett_iscsi_KeyValues);
 		offset = addTextKeys(tt, tvb, 48, text_len);
@@ -862,8 +861,8 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 	    proto_tree_add_uint(ti, hf_iscsi_CmdSN, tvb, offset + 24, 4, tvb_get_ntohl(tvb, offset + 24));
 	    proto_tree_add_uint(ti, hf_iscsi_ExpStatSN, tvb, offset + 28, 4, tvb_get_ntohl(tvb, offset + 28));
 	    offset += 48;
-	    if(pdu_len > 48) {
-		int text_len = min(data_segment_len, pdu_len - 48);
+	    if(packet_len > 48) {
+		int text_len = min(data_segment_len, packet_len - 48);
 		proto_item *tf = proto_tree_add_text(ti, tvb, 48, text_len, "Key/Value Pairs");
 		proto_tree *tt = proto_item_add_subtree(tf, ett_iscsi_KeyValues);
 		offset = addTextKeys(tt, tvb, 48, text_len);
@@ -888,8 +887,8 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 	    proto_tree_add_uint(ti, hf_iscsi_ExpCmdSN, tvb, offset + 28, 4, tvb_get_ntohl(tvb, offset + 28));
 	    proto_tree_add_uint(ti, hf_iscsi_MaxCmdSN, tvb, offset + 32, 4, tvb_get_ntohl(tvb, offset + 32));
 	    offset += 48;
-	    if(pdu_len > 48) {
-		int text_len = min(data_segment_len, pdu_len - 48);
+	    if(packet_len > 48) {
+		int text_len = min(data_segment_len, packet_len - 48);
 		proto_item *tf = proto_tree_add_text(ti, tvb, 48, text_len, "Key/Value Pairs");
 		proto_tree *tt = proto_item_add_subtree(tf, ett_iscsi_KeyValues);
 		offset = addTextKeys(tt, tvb, 48, text_len);
@@ -1094,8 +1093,8 @@ dissect_iscsi(tvbuff_t *tvb, packet_info
 	    offset += 48;
 	}
 
-	if(pdu_len > offset)
-	    proto_tree_add_bytes(ti, hf_iscsi_Payload, tvb, offset, pdu_len - offset, tvb_get_ptr(tvb, offset, pdu_len - offset));
+	if(packet_len > offset)
+	    proto_tree_add_bytes(ti, hf_iscsi_Payload, tvb, offset, packet_len - offset, tvb_get_ptr(tvb, offset, packet_len - offset));
     }
 
     return TRUE;