Wireshark-bugs: [Wireshark-bugs] [Bug 6528] New: Updating openSAFETY dissector, as well as fixin
Date: Mon, 31 Oct 2011 08:26:03 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6528

           Summary: Updating openSAFETY dissector, as well as fixing CID
                    issues
           Product: Wireshark
           Version: 1.7.x (Experimental)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: rknall@xxxxxxxxx


Created an attachment (id=7347)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7347)
Updating openSAFETY dissector, as well as fixing CID issues

Build Information:
TShark 1.7.0 (SVN Rev 39684 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GLib 2.30.0, with libpcap 1.1.1, with libz 1.2.3.4, with
POSIX capabilities (Linux), with threads support, with SMI 0.4.8, with c-ares
1.7.4, with Lua 5.1, with Python 2.7.2+, with GnuTLS 2.10.5, with Gcrypt 1.5.0,
with MIT Kerberos, with GeoIP.

Running on Linux 3.0.0-12-generic, with locale de_AT.UTF-8, with libpcap
version
1.1.1, with libz 1.2.3.4.

Built using gcc 4.6.1.

--

Hi

This is a rather large change-log, but the addressed issues manifest themselve
just in a few lines of code. Basically the changes can be categorized in two
version:

1. Fixing CID 1215, CID 1224 and CID 1246/1247 - and removing
DISSECTOR_ASSERT's where they are not needed anymore. Instead PI_MALFORMED
get's applied to packages where problems occur, as those problems almost always
indicate wrong packages to begin with, which do not occure IRL.

2. Fixing the mess regarding sender/receiver, network, msg category and
direction. This is a convenience issue for people actually using the dissector

3. Adding the necessary code for connection valid. The field has been added
before, but somehow I forgot to add the code to display it.

The changes in more detail:


- Renaming opensafety.msg.type to opensafety.msg.direction
- Introducing real opensafety.msg.type as opensafety.msg.category and generated
field
- Adding openSAFETY Sender and Receiver field, for all types of messages
- Adding openSAFETY Domain number and Node number as generated fields, which
allows filtering for them
- Rework PACKET_RECEIVED_BY and PACKET_SEND_FROM_TO_ALL to PACKET_RECEIVER and
PACKET_SENDER
- Replaced PACKET_SEND_FROM_TO with calls to PACKET_RECEIVER and PACKET_SENDER
- Added functions, so that the new sender and receiver fields as well as
network information are added as sub-trees
- Removed DISSECTOR_ASSERT in opensafety_get_scm_udid as it is not needed here
anymore
- Added the connection valid bit to the dissection tree ( has been there as
message type, but was never validated )
- Added calculations for Domain Network Addr, depending if a valid UDID for the
SCM is present in SSDO and SPDO
- Corrected error, where sub-tree for spdo dissection used global ssdo_tree
instead of spdo_tree
- Added "Message Type unknown" which leads to PI_MALFORMED marked entry in
dissect_opensafety_message
- Added check for ( length - frameOffset ) is below or equal zero, to avoid
using dissector asserts
- Added check for freak frame start detection, where both frame starts would be
equal (could happen during fuzztest)
- Removed DISSECTOR_ASSERT for both frame starts being different
- Added check, that if the frame address is above 1024, the package get's
marked as PI_MALFORMED (fuzztest)
- Fixed CID 1215, CID 1224 and CID 1246/1247
- Corrected naming issue with openSAFETY/SercosIII dissection using UDP
transport


As always, I applied various fuzz and randpkt tests to the patch, and all
things worked out.

regards,
Roland

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.