osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

From Patrick White via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7061 : 

Add UDP to BFCP dissector and dissect new primitives and attibutes
From me: add an expert info in case of invalid payload length to avoid a potential infinite loop

svn path=/trunk/; revision=42160
This commit is contained in:
pascal 2012-04-20 14:41:34 +00:00
parent d74383ed1c
commit 3140c10fbb
1 changed files with 144 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
epan/dissectors/packet-bfcp.c
View File

@ -32,18 +32,24 @@
#include <epan/packet.h>
#include <epan/prefs.h>
#include <epan/expert.h>
/* Initialize protocol and registered fields */
static int proto_bfcp = -1;
static gboolean bfcp_enable_heuristic_dissection = FALSE;
static dissector_handle_t bfcp_handle;
static int hf_bfcp_transaction_initiator = -1;
static int hf_bfcp_primitive = -1;
static int hf_bfcp_payload_length = -1;
static int hf_bfcp_conference_id = -1;
static int hf_bfcp_transaction_id = -1;
static int hf_bfcp_user_id = -1;
static int hf_bfcp_payload = -1;
static int hf_bfcp_attribute_types = -1;
static int hf_bfcp_attribute_length = -1;
static int hf_bfcp_request_status = -1;
/* Initialize subtree pointers */
static gint ett_bfcp = -1;
@ -64,10 +70,51 @@ static const value_string map_bfcp_primitive[] = {
{ 11, "Hello"},
{ 12, "HelloAck"},
{ 13, "Error"},
{ 14, "FloorRequestStatusAck"},
{ 15, "ErrorAck"},
{ 16, "FloorStatusAck"},
{ 17, "Goodbye"},
{ 18, "GoodbyeAck"},
{ 0, NULL},
};
static const value_string map_bfcp_attribute_types[] = {
{ 0, "<Invalid Primitive>"},
{ 1, "BeneficiaryID"},
{ 2, "FloorID"},
{ 3, "FloorRequestID"},
{ 4, "Priority"},
{ 5, "RequestStatus"},
{ 6, "ErrorCode"},
{ 7, "ErrorInfo"},
{ 8, "ParticipantProvidedInfo"},
{ 9, "StatusInfo"},
{ 10, "SupportedAttributes"},
{ 11, "SupportedPrimitives"},
{ 12, "UserDisplayName"},
{ 13, "UserURI"},
{ 14, "BeneficiaryInformation"},
{ 15, "FloorRequestInformation"},
{ 16, "RequestedByInformation"},
{ 17, "FloorRequestStatus"},
{ 18, "OverallRequestStatus"},
{ 0, NULL},
};
static const value_string map_bfcp_request_status[] = {
{ 0, "<Invalid Primitive>"},
{ 1, "Pending"},
{ 2, "Accepted"},
{ 3, "Granted"},
{ 4, "Denied"},
{ 5, "Cancelled"},
{ 6, "Released"},
{ 7, "Revoked"},
{ 0, NULL},
};
/*Define offset for fields in BFCP packet */
#define BFCP_OFFSET_TRANSACTION_INITIATOR 0
#define BFCP_OFFSET_PRIMITIVE 1
#define BFCP_OFFSET_PAYLOAD_LENGTH 2
#define BFCP_OFFSET_CONFERENCE_ID 4
@ -76,13 +123,13 @@ static const value_string map_bfcp_primitive[] = {
#define BFCP_OFFSET_PAYLOAD 12
/* Code to actually dissect BFCP packets */
static gboolean dissect_bfcp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
static gboolean dissect_bfcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint8 first_byte = 0;
guint8 primitive = 0;
const gchar *str = NULL;
guint idx = 0;
gint bfcp_payload_length = 0;
gint bfcp_payload_length;
/* Size of smallest BFCP packet 12-octets */
if (tvb_length(tvb) < 12)
@ -91,16 +138,16 @@ static gboolean dissect_bfcp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *
/* Check version and reserved bits in first byte */
first_byte = tvb_get_guint8 (tvb, 0);
/* If first_byte of bfcp_packet is not 0x20 then
* this can not be a BFCP. Return FALSE give another
* dissector a chance to dissect it.
/* If first_byte of bfcp_packet is a combination of the
* version and the I bit. The value must be either 0x20 or 0x30
* if the bit is set, otherwise it is not BFCP.
*/
if (first_byte != 0x20)
if (first_byte != 0x20 && first_byte != 0x30 )
return FALSE;
primitive = tvb_get_guint8 (tvb, 1);
if (primitive < 1 || primitive > 13)
if (primitive < 1 || primitive > 18 )
return FALSE;
str = match_strval_idx(primitive, map_bfcp_primitive, &idx);
@ -112,7 +159,7 @@ static gboolean dissect_bfcp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *
col_add_str (pinfo->cinfo, COL_INFO, str);
if (tree) {
gint read_attr = 0;
proto_item *ti = NULL;
proto_tree *bfcp_tree = NULL;
@ -120,6 +167,8 @@ static gboolean dissect_bfcp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *
bfcp_tree = proto_item_add_subtree(ti, ett_bfcp);
/* Add items to BFCP tree */
proto_tree_add_item(bfcp_tree, hf_bfcp_transaction_initiator, tvb,
BFCP_OFFSET_TRANSACTION_INITIATOR, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(bfcp_tree, hf_bfcp_primitive, tvb,
BFCP_OFFSET_PRIMITIVE, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(bfcp_tree, hf_bfcp_payload_length, tvb,
@ -132,12 +181,54 @@ static gboolean dissect_bfcp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *
BFCP_OFFSET_USER_ID, 2, ENC_BIG_ENDIAN);
bfcp_payload_length = tvb_get_ntohs(tvb,
BFCP_OFFSET_PAYLOAD_LENGTH);
BFCP_OFFSET_PAYLOAD_LENGTH) * 4;
if (tvb_length_remaining(tvb, BFCP_OFFSET_PAYLOAD) > 0)
proto_tree_add_item(bfcp_tree, hf_bfcp_payload, tvb,
BFCP_OFFSET_PAYLOAD, bfcp_payload_length,
ENC_NA);
while( tvb_length_remaining(tvb, BFCP_OFFSET_PAYLOAD + read_attr) >= 2 &&
(bfcp_payload_length - read_attr) >= 2 )
{
gint read = 0;
guint8 first_byte = 0;
guint8 attribute_type = 0;
guint8 length = 0;
first_byte = tvb_get_guint8 (tvb, BFCP_OFFSET_PAYLOAD + read_attr );
/* Padding so continue to next attribute */
if( first_byte == 0 )
{
read_attr++;
continue;
}
proto_tree_add_item(bfcp_tree, hf_bfcp_attribute_types, tvb,
BFCP_OFFSET_PAYLOAD + read_attr,1, ENC_BIG_ENDIAN);
attribute_type = (first_byte & 0xFE) >> 1;
read++;
ti = proto_tree_add_item(bfcp_tree, hf_bfcp_attribute_length, tvb,
BFCP_OFFSET_PAYLOAD + read_attr + read,1, ENC_BIG_ENDIAN);
length = tvb_get_guint8 (tvb, BFCP_OFFSET_PAYLOAD + read_attr + read );
read++;
/* If RequestStatus then show what type of status it is... */
if( attribute_type == 5 )
{
proto_tree_add_item(bfcp_tree, hf_bfcp_request_status, tvb,
BFCP_OFFSET_PAYLOAD + read_attr + read,1, ENC_BIG_ENDIAN);
read++;
}
if (length >= read)
{
proto_tree_add_item(bfcp_tree, hf_bfcp_payload, tvb,
BFCP_OFFSET_PAYLOAD + read_attr + read, length-read, ENC_NA);
}
else
{
expert_add_info_format(pinfo, ti, PI_MALFORMED, PI_ERROR,
"Attribute length is too small (%d bytes)", length);
break;
}
read_attr = read_attr + length;
}
}
return TRUE;
}
@ -150,16 +241,20 @@ void proto_reg_handoff_bfcp(void)
* Heuristic dissection in disabled by default since
* the heuristic is quite weak.
*/
if (!prefs_initialized) {
heur_dissector_add ("tcp", dissect_bfcp_tcp, proto_bfcp);
bfcp_handle = new_create_dissector_handle(dissect_bfcp_tcp,
proto_bfcp);
dissector_add_handle("tcp.port", bfcp_handle);
prefs_initialized = TRUE;
if (!prefs_initialized)
{
heur_dissector_add ("tcp", dissect_bfcp, proto_bfcp);
heur_dissector_add ("udp", dissect_bfcp, proto_bfcp);
bfcp_handle = new_create_dissector_handle(dissect_bfcp, proto_bfcp);
dissector_add_handle("tcp.port", bfcp_handle);
dissector_add_handle("udp.port", bfcp_handle);
prefs_initialized = TRUE;
}
heur_dissector_set_enabled("tcp", dissect_bfcp_tcp, proto_bfcp,
heur_dissector_set_enabled("tcp", dissect_bfcp, proto_bfcp,
bfcp_enable_heuristic_dissection);
heur_dissector_set_enabled("udp", dissect_bfcp, proto_bfcp,
bfcp_enable_heuristic_dissection);
}
@ -168,6 +263,13 @@ void proto_register_bfcp(void)
module_t *bfcp_module;
static hf_register_info hf[] = {
{
&hf_bfcp_transaction_initiator,
{ "Transaction Initiator", "bfcp.transaction_initiator",
FT_BOOLEAN, 8,
NULL, 0x10,
NULL, HFILL }
},
{
&hf_bfcp_primitive,
{ "Primitive", "bfcp.primitive",
@ -209,6 +311,27 @@ void proto_register_bfcp(void)
FT_BYTES, BASE_NONE,
NULL, 0x0, NULL,
HFILL }
},
{
&hf_bfcp_attribute_types,
{ "Attribute Type", "bfcp.attribute_type",
FT_UINT8, BASE_DEC,
VALS(map_bfcp_attribute_types), 0xFE,
NULL, HFILL }
},
{
&hf_bfcp_attribute_length,
{ "Attribute Length", "bfcp.attribute_length",
FT_UINT16, BASE_DEC,
NULL, 0x0,
NULL, HFILL }
},
{
&hf_bfcp_request_status,
{ "Request Status", "bfcp.request_status",
FT_UINT8, BASE_DEC,
VALS(map_bfcp_request_status), 0x0,
NULL, HFILL }
}
};