Wireshark-bugs: [Wireshark-bugs] [Bug 6475] New: Decoding of new properties in BACnet Packets
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 20 Oct 2011 10:48:06 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6475

           Summary: Decoding of new properties in BACnet Packets
           Product: Wireshark
           Version: 1.7.x (Experimental)
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: ljtconsulting@xxxxxxxxx


Lori Tribble <ljtconsulting@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #7280|                            |review_for_checkin?
               Flag|                            |

Created an attachment (id=7280)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7280)
Patch that addresses this bug

Build Information:
wireshark 1.7.0-SVN-ALC-122010

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.1, with Cairo 1.10.2, with Pango 1.28.3, with
GLib 2.26.1, with WinPcap (version unknown), with libz 1.2.5, without POSIX
capabilities, with threads support, with SMI 0.4.8, with c-ares 1.7.1, with Lua
5.1, without Python, with GnuTLS 2.10.3, with Gcrypt 1.4.6, with MIT Kerberos,
with GeoIP, with PortAudio V19-devel (built Sep  7 2011), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.10.3, Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022
--
I found many new properties in BACnet that were not decoded correctly in
Wireshark.  I have attached a patch that adds decoding to the following
properties:

Fixed the following properties to decode:

In the Accumulator Object:
scale (187)
prescale (185)
logging-record (184)

In Access Door Object:
door-members (228)
masked-alarm-values (234)

In the Pulse Converter Object:
input-reference (181)

In the Group Object:
list-of-group-members (53)

In the Event Enrollment Object:
object-property-reference (78)

In the Command Object:
action (2)

In the Trend Log Multiple object:
log-buffer (131)

In the Event Log Object:
log-buffer (131)

In the Structured View object:
subordinate-list (211)

Added decoding for the following enumeration type properties:
  Logging-type (197)
  event-state (36)
  reliability (103)
  notify-type (208)
  door-status (231)
  lock-status (233)
  secured-status (235)
  maintenance-required (158)
  program-state (92)
  program-change (90)
  reason-for-halt (100)
  mode (160)
  silenced (163)
  operation-expected (161)
  tracking-value (164)
  file-access-method (41)

The above fixes also fixed the log-buffer decoding of the old trend log 
recorded as Wireshark bug: #6458

I believe this patch also fixes bug: #6235.  But the original bug did not
contain a capture file so I am not positive my capture represents the
originators issue.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.