Wireshark-dev: [Wireshark-dev] Bug Report for packet-cip.c dissectors
From: Marc Bommert <marc@xxxxxxxxxxxxx>
Date: Wed, 3 Apr 2019 21:15:21 +0200 (CEST)
Hello guys,

a "Forward Open Response" CIP response message with a failure CIP status code of 0x1E (CIP_GSR_SERVICE_ERROR) is interpreted by the dissector with a success reply frame layout. Pretty sure this is wrong. The error response message structure applies for all error status codes.
 
This is in line 6850 of master/epan/dissectors/packet-cip.c

- ->         if( gen_status == CI_GRC_SUCCESS || gen_status == CI_GRC_SERVICE_ERROR )
 
Should be (at least for forward open, forward close, haven't really checked the others):

+ ->         if( gen_status == CI_GRC_SUCCESS)
 
 
I have checked 2019 ODVA specs and products of two vendors, where one product is the firmware I'm involved in.
 
Penny for your thoughts
Marc

Attachment: scrren1.png
Description: PNG image