Ethereal-dev: [Ethereal-dev] [Patch] MEGACO dissector fails to decode observed events descript

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Tarlovskij Eugene" <eugene@xxxxxxxxxxxx>
Date: Wed, 14 Jun 2006 17:25:14 +0400
Hello.

I'm back with the new bug related to my favourite MEGACO dissector :)

MEGACO dissector fails to decode such a packet:
!/1 <company1.com>:2944
T=2{C=-{N=user_1{OE=1025{20060614T01495601:al/of{init=False}}}}}

It produces the following output:
  MEGACO
[skipped for brevity]
    Observed Events Descriptor: OE=1025{20060614T01495601:al/of{init=False}}
     RequestID: 1025
     pkgdName: 20060614T01495601:al/of
      init=False
      [ Parse error: Invalid offset ]

Parse error irritates me, it should not be here, the packet is valid. So,
the details.

Error occurs in the function which is called
dissect_megaco_observedeventsdescriptor(), line 2047 of packet-megaco.c
because tvb_current_offset is equal to tvb_previous_offset. Let's walk back
in timeand try to understand why they are equal.
1. tvb_current_offset - in line 2040 there is an attempt to find next
parameter. There is no next parameter, so tvb_current_offset is adjusted in
line 2044 to tvb_observedevents_end_offset.
2. tvb_previous_offset - in line 2039 is takes value from
tvb_current_offset; tvb_current_offset, in turn, is adjusted in line 1957
and it is equal to tvb_observedevents_end_offset . 

So, I concluded that (tvb_current_offset <= tvb_previous_offset) condition
is always true is there is only one parameter in observed event descriptor. 


Index: packet-megaco.c
===================================================================
--- packet-megaco.c	(revision 18189)
+++ packet-megaco.c	(working copy)
@@ -2042,7 +2042,7 @@
 			if (tvb_current_offset == -1 || tvb_current_offset >
tvb_observedevents_end_offset ){
 				tvb_current_offset =
tvb_observedevents_end_offset;
 			}
-			if (tvb_current_offset <= tvb_previous_offset) {
+			if (tvb_current_offset < tvb_previous_offset) {
 
proto_tree_add_text(megaco_observedevent_tree, tvb, 0, 0, "[ Parse error:
Invalid offset ]");
 				return;
 			}
============== The patch ends ===================

Best,
Eugene Tarlovskij

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev