forked from osmocom/wireshark
Added an expert info for "4 NOP in a row" in IP and TCP.
svn path=/trunk/; revision=33265
This commit is contained in:
Stig Bjørlykke
parent
d051e79a81
commit
1069c8dccf
|
|
@ -1115,7 +1115,7 @@ static const ip_tcp_opt ipopts[] = {
|
|||
void
|
||||
dissect_ip_tcp_options(tvbuff_t *tvb, int offset, guint length,
|
||||
const ip_tcp_opt *opttab, int nopts, int eol,
|
||||
packet_info *pinfo, proto_tree *opt_tree)
|
||||
packet_info *pinfo, proto_tree *opt_tree, proto_item *opt_item)
|
||||
{
|
||||
guchar opt;
|
||||
const ip_tcp_opt *optp;
|
||||
|
|
@ -1124,7 +1124,7 @@ dissect_ip_tcp_options(tvbuff_t *tvb, int offset, guint length,
|
|||
const char *name;
|
||||
void (*dissect)(const struct ip_tcp_opt *, tvbuff_t *,
|
||||
int, guint, packet_info *, proto_tree *);
|
||||
guint len;
|
||||
guint len, nop_count = 0;
|
||||
|
||||
while (length > 0) {
|
||||
opt = tvb_get_guint8(tvb, offset);
|
||||
|
|
@ -1142,11 +1142,18 @@ dissect_ip_tcp_options(tvbuff_t *tvb, int offset, guint length,
|
|||
optlen = 2;
|
||||
name = ep_strdup_printf("Unknown (0x%02x)", opt);
|
||||
dissect = NULL;
|
||||
nop_count = 0;
|
||||
} else {
|
||||
len_type = optp->len_type;
|
||||
optlen = optp->optlen;
|
||||
name = optp->name;
|
||||
dissect = optp->dissect;
|
||||
if (opt_item && len_type == NO_LENGTH && optlen == 0 && opt == 1) { /* 1 = NOP in both IP and TCP */
|
||||
/* Count number of NOP in a row */
|
||||
nop_count++;
|
||||
} else {
|
||||
nop_count = 0;
|
||||
}
|
||||
}
|
||||
--length; /* account for type byte */
|
||||
if (len_type != NO_LENGTH) {
|
||||
|
|
@ -1207,6 +1214,10 @@ dissect_ip_tcp_options(tvbuff_t *tvb, int offset, guint length,
|
|||
} else {
|
||||
proto_tree_add_text(opt_tree, tvb, offset, 1, "%s", name);
|
||||
offset += 1;
|
||||
|
||||
if (nop_count == 4 && strcmp (name, "NOP") == 0) {
|
||||
expert_add_info_format(pinfo, opt_item, PI_PROTOCOL, PI_WARN, "4 NOP in a row");
|
||||
}
|
||||
}
|
||||
if (opt == eol)
|
||||
break;
|
||||
|
|
@ -1612,7 +1623,7 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
|
|||
"Options: (%u bytes)", optlen);
|
||||
field_tree = proto_item_add_subtree(tf, ett_ip_options);
|
||||
dissect_ip_tcp_options(tvb, offset + 20, optlen,
|
||||
ipopts, N_IP_OPTS, IPOPT_END, pinfo, field_tree);
|
||||
ipopts, N_IP_OPTS, IPOPT_END, pinfo, field_tree, tf);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2338,7 +2338,7 @@ static void dissect_ipcp_compress_opt(const ip_tcp_opt *optp, tvbuff_t *tvb,
|
|||
field_tree = proto_item_add_subtree(tf, *optp->subtree_index);
|
||||
dissect_ip_tcp_options(tvb, offset, length,
|
||||
ipcp_iphc_subopts, N_IPCP_IPHC_SUBOPTS, -1,
|
||||
pinfo, field_tree);
|
||||
pinfo, field_tree, NULL);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
|
@ -3088,7 +3088,7 @@ dissect_cp( tvbuff_t *tvb, int proto_id, int proto_subtree_index,
|
|||
"Options: (%d byte%s)", length, plurality(length, "", "s"));
|
||||
field_tree = proto_item_add_subtree(tf, options_subtree_index);
|
||||
dissect_ip_tcp_options(tvb, offset, length, opts, nopts, -1,
|
||||
pinfo, field_tree);
|
||||
pinfo, field_tree, NULL);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
|
@ -3252,7 +3252,7 @@ static void
|
|||
dissect_lcp_options(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
dissect_ip_tcp_options(tvb, 0, tvb_reported_length(tvb), lcp_opts, N_LCP_OPTS,
|
||||
-1, pinfo, tree);
|
||||
-1, pinfo, tree, NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
@ -3320,7 +3320,7 @@ dissect_vsncp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
"Options: (%d byte%s)", length, plurality(length, "", "s"));
|
||||
field_tree = proto_item_add_subtree(tf, ett_vsncp_options);
|
||||
dissect_ip_tcp_options(tvb, offset, length, vsncp_opts, N_VSNCP_OPTS, -1,
|
||||
pinfo, field_tree);
|
||||
pinfo, field_tree, NULL);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
|
@ -3581,7 +3581,7 @@ dissect_bap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
"Data (%d byte%s)", length, plurality(length, "", "s"));
|
||||
field_tree = proto_item_add_subtree(tf, ett_bap_options);
|
||||
dissect_ip_tcp_options(tvb, offset, length, bap_opts, N_BAP_OPTS, -1,
|
||||
pinfo, field_tree);
|
||||
pinfo, field_tree, NULL);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3497,10 +3497,12 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
tf = proto_tree_add_bytes_format(tcp_tree, hf_tcp_options, tvb, offset + 20,
|
||||
optlen, p_options, "Options: (%u bytes)", optlen);
|
||||
field_tree = proto_item_add_subtree(tf, ett_tcp_options);
|
||||
} else
|
||||
} else {
|
||||
tf = NULL;
|
||||
field_tree = NULL;
|
||||
}
|
||||
dissect_ip_tcp_options(tvb, offset + 20, optlen,
|
||||
tcpopts, N_TCP_OPTS, TCPOPT_EOL, pinfo, field_tree);
|
||||
tcpopts, N_TCP_OPTS, TCPOPT_EOL, pinfo, field_tree, tf);
|
||||
}
|
||||
|
||||
if(!pinfo->fd->flags.visited){
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ typedef struct ip_tcp_opt {
|
|||
length field in the option, if present, includes the type and
|
||||
length bytes. */
|
||||
extern void dissect_ip_tcp_options(tvbuff_t *, int, guint,
|
||||
const ip_tcp_opt *, int, int, packet_info *, proto_tree *);
|
||||
const ip_tcp_opt *, int, int, packet_info *, proto_tree *, proto_item *);
|
||||
|
||||
/* Routine to dissect options that work like IPv6 options, where the
|
||||
length field in the option, if present, includes only the data, not
|
||||
|
|
|
|||
Loading…
Reference in New Issue