Wireshark · Ethereal-dev: Re: [Ethereal-dev] bug report: ** ERROR **: file proto.c: line 1653 ...

Ethereal-dev: Re: [Ethereal-dev] bug report: ** ERROR **: file proto.c: line 1653 ...

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>

Date: Thu, 21 Feb 2002 15:32:21 -0800

On Thu, Feb 21, 2002 at 03:03:04PM -0500, Brian D. Yates wrote:
> Procedure: open attached trace file, attempt to view packets 19 or 20.

The problem is that, for some reason, the 802.11 dissector was using, as
the total length of tagged parameters, the number of bytes remaining in
the packet 4 bytes *after* the end of the fixed parameters.

As there aren't *any* bytes after the fixed parameters in those frames,
the routine to get the number of bytes remaining returned -1, and that
now caused an assertion failure because of some checking we now do that
we didn't do in some earlier releases.

(I.e., the checking found a Real Live Bug that had previously gone
undetected.  For other packets that *do* have tagged parameters, the
wrong number of bytes of tagged parameters was being reported.)

I suspect the rationale *might* have been to cope with packets that
included a CRC at the end of the packet, as some capture mechanisms
might supply the CRC.  Others don't, however, so it's an error to simply
*assume* there's a CRC and, implicitly, subtract 4 bytes from the length
remaining in the packet to leave the CRC out.

Here's a patch that fixes that problem.  If that causes some *other*
captures (from Prismdump, or from other types of wireless cards using
different drivers) to think the packet has 4 more bytes of payload than
it really does, because the "payload" includes a CRC, we'll have to
arrange that those captures get a different libpcap DLT_ type, and treat
that type as having a CRC.

Index: packet-ieee80211.c
===================================================================
RCS file: /usr/local/cvsroot/ethereal/packet-ieee80211.c,v
retrieving revision 1.49
diff -c -r1.49 packet-ieee80211.c
*** packet-ieee80211.c	2002/01/28 01:13:48	1.49
--- packet-ieee80211.c	2002/02/21 23:21:36
***************
*** 851,857 ****
  
  	  next_idx = 4;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 851,857 ----
  
  	  next_idx = 4;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 873,879 ****
  	  next_idx = 6;	/* Size of fixed fields */
  
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 873,879 ----
  	  next_idx = 6;	/* Size of fixed fields */
  
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 894,900 ****
  
  	  next_idx = 10;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 894,900 ----
  
  	  next_idx = 10;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 914,920 ****
  
  	  next_idx = 6;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 914,920 ----
  
  	  next_idx = 6;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 930,936 ****
  	case MGT_PROBE_REQ:
  	  next_idx = 0;
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 930,936 ----
  	case MGT_PROBE_REQ:
  	  next_idx = 0;
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 951,957 ****
  
  	  next_idx = 12;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 951,957 ----
  
  	  next_idx = 12;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 973,979 ****
  
  	  next_idx = 12;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx + 4);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
--- 973,979 ----
  
  	  next_idx = 12;	/* Size of fixed fields */
  	  tagged_parameter_tree_len =
! 	      tvb_reported_length_remaining(tvb, next_idx);
  	  tagged_tree = get_tagged_parameter_tree (mgt_tree, tvb, next_idx,
  						   tagged_parameter_tree_len);
  
***************
*** 1005,1011 ****
  	  next_idx = 6;	/* Size of fixed fields */
  
  	  tagged_parameter_tree_len =
! 		  tvb_reported_length_remaining(tvb, next_idx + 4);
  	  if (tagged_parameter_tree_len != 0)
  	    {
  	      tagged_tree = get_tagged_parameter_tree (mgt_tree,
--- 1005,1011 ----
  	  next_idx = 6;	/* Size of fixed fields */
  
  	  tagged_parameter_tree_len =
! 		  tvb_reported_length_remaining(tvb, next_idx);
  	  if (tagged_parameter_tree_len != 0)
  	    {
  	      tagged_tree = get_tagged_parameter_tree (mgt_tree,

References:
- [Ethereal-dev] bug report: ** ERROR **: file proto.c: line 1653 ...
  - From: Brian D. Yates

Prev by Date: [Ethereal-dev] SCCP dissector - need (want) more test captures
Next by Date: Re: [Ethereal-dev] SMB Trans2/QUERY_FS_INFO/Quota partial support.
Previous by thread: [Ethereal-dev] bug report: ** ERROR **: file proto.c: line 1653 ...
Next by thread: [Ethereal-dev] SCCP dissector - need (want) more test captures
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$