Wireshark-bugs: [Wireshark-bugs] [Bug 5253] New: [NAS EPS] Wrong dissection of Non-current nativ
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5253
Summary: [NAS EPS] Wrong dissection of Non-current native NAS
key set identifier
Product: Wireshark
Version: 1.5.x (Experimental)
Platform: Other
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: pascal.quantin@xxxxxxxxx
Pascal Quantin <pascal.quantin@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #5205| |review_for_checkin?
Flag| |
Created an attachment (id=5205)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5205)
Fix dissection of Non-current native NAS key set identifier IE
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
When decoding the following Tracking Area Update Request message, Wireshark
stops right after the non-current native NAS key set identifier IE (even if
there are still IEs following):
07 48 03 0b f6 64 f0 53 00 01 05 01 21 a9 c9 b7 52 64 f0 53 05 01 57 02 60 00
Non-Access-Stratum (NAS)PDU
0000 .... = Security header type: Plain NAS message, not security protected
(0)
.... 0111 = Protocol discriminator: EPS mobility management messages (7)
NAS EPS Mobility Management Message Type: Tracking area update request
(0x48)
0... .... = Type of security context flag (TSC): Native security context
(0)
.000 .... = NAS key set identifier: (0) ASME
.... 0... = Active flag: No bearer establishment requested
.... .011 = EPS update type value: Periodic updating (3)
EPS mobile identity - Old GUTI
Length: 11
.... 0... = odd/even indic: 0
.... .110 = Type of identity: GUTI (6)
Mobile Country Code (MCC): China (People's Republic of) (460)
Mobile Network Code (MNC): Unknown (35)
MME Group ID: 1
MME Code: 5
M-TMSI: 0x0121a9c9
NAS key set identifier - SGSN
1011 .... = Element ID
.... 0... = Type of security context flag (TSC): Native security
context (0)
.... .111 = NAS key set identifier: No key is available (7)
With the attached patch, the decoding succeeds:
Non-Access-Stratum (NAS)PDU
0000 .... = Security header type: Plain NAS message, not security protected
(0)
.... 0111 = Protocol discriminator: EPS mobility management messages (7)
NAS EPS Mobility Management Message Type: Tracking area update request
(0x48)
0... .... = Type of security context flag (TSC): Native security context
(0)
.000 .... = NAS key set identifier: (0) ASME
.... 0... = Active flag: No bearer establishment requested
.... .011 = EPS update type value: Periodic updating (3)
EPS mobile identity - Old GUTI
Length: 11
.... 0... = odd/even indic: 0
.... .110 = Type of identity: GUTI (6)
Mobile Country Code (MCC): China (People's Republic of) (460)
Mobile Network Code (MNC): Unknown (35)
MME Group ID: 1
MME Code: 5
M-TMSI: 0x0121a9c9
NAS key set identifier - Non-current native NAS key set identifier
1011 .... = Element ID
.... 0... = Type of security context flag (TSC): Native security
context (0)
.... .111 = NAS key set identifier: No key is available (7)
Tracking area identity - Last visited registered TAI
Element ID: 82
Mobile Country Code (MCC): China (People's Republic of) (460)
Mobile Network Code (MNC): Unknown (35)
Tracking area code(TAC): 0x0501
EPS bearer context status
Element ID: 87
Length: 2
0... .... = EBI(7): BEARER CONTEXT-INACTIVE
.1.. .... = EBI(6): BEARER CONTEXT-ACTIVE
..1. .... = EBI(5): BEARER CONTEXT-ACTIVE
...0 .... = EBI(4) spare: False
.... 0... = EBI(3) spare: False
.... .0.. = EBI(2) spare: False
.... ..0. = EBI(1) spare: False
.... ...0 = EBI(0) spare: False
0... .... = EBI(15): BEARER CONTEXT-INACTIVE
.0.. .... = EBI(14): BEARER CONTEXT-INACTIVE
..0. .... = EBI(13): BEARER CONTEXT-INACTIVE
...0 .... = EBI(12): BEARER CONTEXT-INACTIVE
.... 0... = EBI(11): BEARER CONTEXT-INACTIVE
.... .0.. = EBI(10): BEARER CONTEXT-INACTIVE
.... ..0. = EBI(9): BEARER CONTEXT-INACTIVE
.... ...0 = EBI(8): BEARER CONTEXT-INACTIVE
PS: as a bonus, the patch also adds the dissection of Additional update result
and Additional update type IEs.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.