Wireshark-bugs: [Wireshark-bugs] [Bug 5197] New: NFS ACCESS calls and replies show unrequested t
Date: Thu, 9 Sep 2010 15:40:52 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5197

           Summary: NFS ACCESS calls and replies show unrequested types as
                    "not allowed"
           Product: Wireshark
           Version: 1.5.x (Experimental)
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: turney_cal@xxxxxxx


Cal Turney <turney_cal@xxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #5143|                            |review_for_checkin?
               Flag|                            |

Created an attachment (id=5143)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5143)
Patch that passes the requested access to the reply for comparison

Build Information:
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.6, (32-bit) with GLib 2.22.4, with WinPcap (version
unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with
SMI
0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with
Gcrypt 1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built
Sep
 9 2010), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2
(packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

--
The NFS dissector (all versions) show access types that have not been requested
to be checked as "not allowed" in the call and reply.  This is incorrect and
misleading.  At present one must manually compare what was requested in order
to assess if access was actually denied for that type.  When there are hundreds
or thousands of these ACCESS requests in a capture, it is not possible or
practical  to manually check each one.  

The submitted patch does the following:

* Passes the access mask in the call to the reply for comparison
* Adds filterable fields for each supported (v4) and access type
* Adds a pseudo field, nfs.access_denied
* Lists the access types to be checked in the summary and tree
* Separately lists the supported, denied, and allowed access types in the 
  summary and tree

The changes are applied to all NFS versions.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.