QUIC: like Fbzero dissector check directly offset_end

and don't subtract tag_len

Change-Id: I4dbae23614ecad0dc30e9c8581acdbf5b38b037f
Reviewed-on: https://code.wireshark.org/review/22588
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte 2017-07-11 13:53:40 +02:00 committed by Anders Broman
parent 5ae49910dd
commit f41a4f5e6f
1 changed files with 10 additions and 60 deletions


@ -1375,7 +1375,8 @@ dissect_quic_tag(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tree, guint
/* Fix issue with CRT.. (Fragmentation ?) */
if( tag_len > tvb_reported_length_remaining(tvb, tag_offset_start + tag_offset)){
tag_len = tvb_reported_length_remaining(tvb, tag_offset_start + tag_offset);
expert_add_info(pinfo, ti_len, &ei_quic_tag_length);
offset_end = tag_offset + tag_len;
expert_add_info(pinfo, ti_len, &ei_quic_tag_length);
}
proto_tree_add_item(tag_tree, hf_quic_tag_value, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
@ -1384,281 +1385,232 @@ dissect_quic_tag(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tree, guint
case TAG_PAD:
proto_tree_add_item(tag_tree, hf_quic_tag_pad, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_SNI:
proto_tree_add_item_ret_string(tag_tree, hf_quic_tag_sni, tvb, tag_offset_start + tag_offset, tag_len, ENC_ASCII|ENC_NA, wmem_packet_scope(), &tag_str);
proto_item_append_text(ti_tag, ": %s", tag_str);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_VER:
proto_tree_add_item_ret_string(tag_tree, hf_quic_tag_ver, tvb, tag_offset_start + tag_offset, 4, ENC_ASCII|ENC_NA, wmem_packet_scope(), &tag_str);
proto_item_append_text(ti_tag, ": %s", tag_str);
tag_offset += 4;
tag_len -= 4;
break;
case TAG_CCS:
while(tag_len > 0){
while(offset_end - tag_offset >= 8){
proto_tree_add_item(tag_tree, hf_quic_tag_ccs, tvb, tag_offset_start + tag_offset, 8, ENC_NA);
tag_offset += 8;
tag_len -= 8;
}
break;
case TAG_PDMD:
proto_tree_add_item_ret_string(tag_tree, hf_quic_tag_pdmd, tvb, tag_offset_start + tag_offset, tag_len, ENC_ASCII|ENC_NA, wmem_packet_scope(), &tag_str);
proto_item_append_text(ti_tag, ": %s", tag_str);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_UAID:
proto_tree_add_item_ret_string(tag_tree, hf_quic_tag_uaid, tvb, tag_offset_start + tag_offset, tag_len, ENC_ASCII|ENC_NA, wmem_packet_scope(), &tag_str);
proto_item_append_text(ti_tag, ": %s", tag_str);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_STK:
proto_tree_add_item(tag_tree, hf_quic_tag_stk, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_SNO:
proto_tree_add_item(tag_tree, hf_quic_tag_sno, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_PROF:
proto_tree_add_item(tag_tree, hf_quic_tag_prof, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_SCFG:{
guint32 scfg_tag_number;
proto_tree_add_item(tag_tree, hf_quic_tag_scfg, tvb, tag_offset_start + tag_offset, 4, ENC_ASCII|ENC_NA);
tag_offset += 4;
tag_len -= 4;
proto_tree_add_item(tag_tree, hf_quic_tag_scfg_number, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
scfg_tag_number = tvb_get_letohl(tvb, tag_offset_start + tag_offset);
tag_offset += 4;
tag_len -= 4;
dissect_quic_tag(tvb, pinfo, tag_tree, tag_offset_start + tag_offset, scfg_tag_number, quic_info);
tag_offset += tag_len;
tag_len -= tag_len;
tag_offset += tag_len - 4 - 4;
}
break;
case TAG_RREJ:
while(tag_len > 0){
while(offset_end - tag_offset >= 4){
proto_tree_add_item(tag_tree, hf_quic_tag_rrej, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ", Code %s", val_to_str_ext(tvb_get_letohl(tvb, tag_offset_start + tag_offset), &handshake_failure_reason_vals_ext, "Unknown"));
tag_offset += 4;
tag_len -= 4;
}
break;
case TAG_CRT:
proto_tree_add_item(tag_tree, hf_quic_tag_crt, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_AEAD:
while(tag_len > 0){
while(offset_end - tag_offset >= 4){
proto_tree *ti_aead;
ti_aead = proto_tree_add_item(tag_tree, hf_quic_tag_aead, tvb, tag_offset_start + tag_offset, 4, ENC_ASCII|ENC_NA);
proto_item_append_text(ti_aead, " (%s)", val_to_str(tvb_get_ntohl(tvb, tag_offset_start + tag_offset), tag_aead_vals, "Unknown"));
proto_item_append_text(ti_tag, ", %s", val_to_str(tvb_get_ntohl(tvb, tag_offset_start + tag_offset), tag_aead_vals, "Unknown"));
tag_offset += 4;
tag_len -= 4;
}
break;
case TAG_SCID:
proto_tree_add_item(tag_tree, hf_quic_tag_scid, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_PUBS:
/*TODO FIX: 24 Length + Pubs key?.. ! */
proto_tree_add_item(tag_tree, hf_quic_tag_pubs, tvb, tag_offset_start + tag_offset, 2, ENC_LITTLE_ENDIAN);
tag_offset += 2;
tag_len -= 2;
while(tag_len > 0){
while(offset_end - tag_offset >= 3){
proto_tree_add_item(tag_tree, hf_quic_tag_pubs, tvb, tag_offset_start + tag_offset, 3, ENC_LITTLE_ENDIAN);
tag_offset += 3;
tag_len -= 3;
}
break;
case TAG_KEXS:
while(tag_len > 0){
while(offset_end - tag_offset >= 4){
proto_tree *ti_kexs;
ti_kexs = proto_tree_add_item(tag_tree, hf_quic_tag_kexs, tvb, tag_offset_start + tag_offset, 4, ENC_ASCII|ENC_NA);
proto_item_append_text(ti_kexs, " (%s)", val_to_str(tvb_get_ntohl(tvb, tag_offset_start + tag_offset), tag_kexs_vals, "Unknown"));
proto_item_append_text(ti_tag, ", %s", val_to_str(tvb_get_ntohl(tvb, tag_offset_start + tag_offset), tag_kexs_vals, "Unknown"));
tag_offset += 4;
tag_len -= 4;
}
break;
case TAG_OBIT:
proto_tree_add_item(tag_tree, hf_quic_tag_obit, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_EXPY:
proto_tree_add_item(tag_tree, hf_quic_tag_expy, tvb, tag_offset_start + tag_offset, 8, ENC_LITTLE_ENDIAN);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_NONC:
/*TODO: Enhance display: 32 bytes consisting of 4 bytes of timestamp (big-endian, UNIX epoch seconds), 8 bytes of server orbit and 20 bytes of random data. */
proto_tree_add_item(tag_tree, hf_quic_tag_nonc, tvb, tag_offset_start + tag_offset, 32, ENC_NA);
tag_offset += 32;
tag_len -= 32;
break;
case TAG_MSPC:
proto_tree_add_item(tag_tree, hf_quic_tag_mspc, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_TCID:
proto_tree_add_item(tag_tree, hf_quic_tag_tcid, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
tag_offset += 4;
tag_len -= 4;
break;
case TAG_SRBF:
proto_tree_add_item(tag_tree, hf_quic_tag_srbf, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
tag_offset += 4;
tag_len -= 4;
break;
case TAG_ICSL:
proto_tree_add_item(tag_tree, hf_quic_tag_icsl, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
tag_offset += 4;
tag_len -= 4;
break;
case TAG_SCLS:
proto_tree_add_item(tag_tree, hf_quic_tag_scls, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
tag_offset += 4;
tag_len -= 4;
break;
case TAG_COPT:
if(tag_len){
proto_tree_add_item(tag_tree, hf_quic_tag_copt, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
tag_offset += 4;
tag_len -= 4;
}
break;
case TAG_CCRT:
proto_tree_add_item(tag_tree, hf_quic_tag_ccrt, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_IRTT:
proto_tree_add_item(tag_tree, hf_quic_tag_irtt, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_CFCW:
proto_tree_add_item(tag_tree, hf_quic_tag_cfcw, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_SFCW:
proto_tree_add_item(tag_tree, hf_quic_tag_sfcw, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_CETV:
proto_tree_add_item(tag_tree, hf_quic_tag_cetv, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_XLCT:
proto_tree_add_item(tag_tree, hf_quic_tag_xlct, tvb, tag_offset_start + tag_offset, 8, ENC_NA);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_NONP:
proto_tree_add_item(tag_tree, hf_quic_tag_nonp, tvb, tag_offset_start + tag_offset, 32, ENC_NA);
tag_offset += 32;
tag_len -= 32;
break;
case TAG_CSCT:
proto_tree_add_item(tag_tree, hf_quic_tag_csct, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
tag_offset += tag_len;
tag_len -= tag_len;
break;
case TAG_CTIM:
proto_tree_add_item(tag_tree, hf_quic_tag_ctim, tvb, tag_offset_start + tag_offset, 8, ENC_TIME_TIMESPEC);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_RNON: /* Public Reset Tag */
proto_tree_add_item(tag_tree, hf_quic_tag_rnon, tvb, tag_offset_start + tag_offset, 8, ENC_LITTLE_ENDIAN);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_RSEQ: /* Public Reset Tag */
proto_tree_add_item(tag_tree, hf_quic_tag_rseq, tvb, tag_offset_start + tag_offset, 8, ENC_LITTLE_ENDIAN);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_CADR: /* Public Reset Tag */{
guint32 addr_type;
proto_tree_add_item_ret_uint(tag_tree, hf_quic_tag_cadr_addr_type, tvb, tag_offset_start + tag_offset, 2, ENC_LITTLE_ENDIAN, &addr_type);
tag_offset += 2;
tag_len -= 2;
switch(addr_type){
case 2: /* IPv4 */
proto_tree_add_item(tag_tree, hf_quic_tag_cadr_addr_ipv4, tvb, tag_offset_start + tag_offset, 4, ENC_NA);
tag_offset += 4;
tag_len -= 4;
break;
case 10: /* IPv6 */
proto_tree_add_item(tag_tree, hf_quic_tag_cadr_addr_ipv6, tvb, tag_offset_start + tag_offset, 16, ENC_NA);
tag_offset += 16;
tag_len -= 16;
break;
default: /* Unknown */
proto_tree_add_item(tag_tree, hf_quic_tag_cadr_addr, tvb, tag_offset_start + tag_offset, tag_len - 2 - 2, ENC_NA);
tag_offset += tag_len + 2 + 2 ;
tag_len -= tag_len - 2 - 2;
break;
}
proto_tree_add_item(tag_tree, hf_quic_tag_cadr_port, tvb, tag_offset_start + tag_offset, 2, ENC_LITTLE_ENDIAN);
tag_offset += 2;
tag_len -= 2;
}
break;
case TAG_MIDS:
proto_tree_add_item(tag_tree, hf_quic_tag_mids, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_FHOL:
proto_tree_add_item(tag_tree, hf_quic_tag_fhol, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_STTL:
proto_tree_add_item(tag_tree, hf_quic_tag_sttl, tvb, tag_offset_start + tag_offset, 8, ENC_LITTLE_ENDIAN);
tag_offset += 8;
tag_len -= 8;
break;
case TAG_SMHL:
proto_tree_add_item(tag_tree, hf_quic_tag_smhl, tvb, tag_offset_start + tag_offset, 4, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti_tag, ": %u", tvb_get_letohl(tvb, tag_offset_start + tag_offset));
tag_offset += 4;
tag_len -= 4;
break;
case TAG_TBKP:
proto_tree_add_item_ret_string(tag_tree, hf_quic_tag_tbkp, tvb, tag_offset_start + tag_offset, 4, ENC_ASCII|ENC_NA, wmem_packet_scope(), &tag_str);
proto_item_append_text(ti_tag, ": %s", tag_str);
tag_offset += 4;
tag_len -= 4;
break;
default:
proto_tree_add_item(tag_tree, hf_quic_tag_unknown, tvb, tag_offset_start + tag_offset, tag_len, ENC_NA);
@ -1667,14 +1619,12 @@ dissect_quic_tag(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tree, guint
" %s (%s) code not implemented, Contact"
" Wireshark developers if you want this supported", tvb_get_string_enc(wmem_packet_scope(), tvb, offset-8, 4, ENC_ASCII|ENC_NA), val_to_str(tag, tag_vals, "Unknown"));
tag_offset += tag_len;
tag_len -= tag_len;
break;
}
if(tag_len){
if(tag_offset != offset_end){
/* Wrong Tag len... */
proto_tree_add_expert(tag_tree, pinfo, &ei_quic_tag_unknown, tvb, tag_offset_start + tag_offset, tag_len);
tag_offset += tag_len;
tag_len -= tag_len;
tag_offset = offset_end;
}
tag_number--;
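Review bot: In the TAG_PUBS case the loop guard `while(offset_end - tag_offset >= 3)` is evaluated after an unconditional `tag_offset += 2`, so a PUBS tag shorter than two bytes leaves tag_offset beyond offset_end. If both variables are unsigned (their declarations are outside this section), the subtraction wraps and the loop keeps adding items from bytes that belong to later tags until the tvb bounds check throws. A guard that does not subtract avoids this, e.g. `while(tag_offset + 3 <= offset_end)`. In the TAG_CADR default branch the unchanged `tag_offset += tag_len + 2 + 2 ;` now overshoots as well, since tag_len is no longer reduced; `tag_offset += tag_len - 2 - 2;` would leave the port read inside the tag. dissect_quic_tag starts and ends outside the hunks shown.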