Wireshark-bugs: [Wireshark-bugs] [Bug 9206] New: Improve "eHRPD Indicator" NVSE dissection in 3G
Bug ID |
9206
|
Summary |
Improve "eHRPD Indicator" NVSE dissection in 3GPP2 A11 Registration Request
|
Classification |
Unclassified
|
Product |
Wireshark
|
Version |
SVN
|
Hardware |
All
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Major
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
masayuki.takemura@gmail.com
|
Attachment #11676 Flags |
review_for_checkin?
|
Created attachment 11676 [details]
Improve "eHRPD Indicator" NVSE dissection in 3GPP2 A11 Registration Request
Build Information:
$ ./wireshark -v
wireshark 1.11.0 (SVN Rev 52283 from /trunk)
Copyright 1998-2013 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.6, with Cairo 1.10.2, with Pango 1.34.1, with
GLib 2.36.3, with libpcap, with libz 1.2.7, without POSIX capabilities, without
libnl, with SMI 0.4.8, without c-ares, with ADNS, without Lua, without Python,
with GnuTLS 2.12.23, with Gcrypt 1.5.2, without Kerberos, with GeoIP, without
PortAudio, with AirPcap.
Running on FreeBSD 9.1-RELEASE, without locale, with libpcap version 1.2.1,
with
libz 1.2.7, GnuTLS 2.12.23, Gcrypt 1.5.2, without AirPcap.
Quad-Core AMD Opteron(tm) Processor 2384
Built using gcc 4.2.1 20070831 patched [FreeBSD].
--
This patch proposes correct dissection for bit fields in "eHRPD Indicator" NVSE
in 3GPP2 A11 Registration Request message and adds descriptive messages for the
bit fields.
According to 3GPP2 spec, the NVSE has 1 octet which includes 3 bit fields:
* PMK
* E-UTRAN Handoff Info
* Tunnel Mode
However, current implementation interpret the whole octet as PMK, which is
incorrect for non-zero octet; for example, if the octet is 0x01, the current
implementation displays "PMK: True", but actually PMK is false and Tunnel Mode
is set.
For the variable names and description messages, I tried to be consistent with
the other parts. But I don't mind if you change any of them to better one.
The patch passes 128 rounds of fuzz testing against 1.6M A11 pcap file.
Reference:
* 3GPP2 A.S0022-0 v2.0, Section 4.2.14 Normal Vendor/Organization Specific
Extension (NVSE)
You are receiving this mail because:
- You are watching all bug changes.