"If the bitstring is empty, there shall be no subsequent octets, and the initial octet shall be zero."
The BER dissector marked empty bitstrings as "Padding", but they are now marked as "Empty".
http://www.wireshark.org/lists/wireshark-dev/200702/msg00574.html
svn path=/trunk/; revision=20834
The problem was that when dissecting the set, if a sub-dissector didn't consume any bytes it was assumed that the correct field hadn't been matched.
This fix matches the field if the sub-dissector consumes no bytes and we know that the length of the field is zero. This is only allowed on the first pass when we are not matching ANYs.
I think this is a fairly safe fix - I've tried it with some other ASN.1
I've also changed dissect_ber_octet_string() to show the zero length fields in the dissection. This shows the fields as "<MISSING>" which is not quite the right explanation as the field is definitely present. Something like "<EMPTY>" or "<ZERO LENGTH>" may be better - but I'm not sure of the reasoning behind "<MISSING>".
svn path=/trunk/; revision=20429
Generally found within a file (.p12 or .pfx) or as a directory attribute (userPKCS12 from iNetOrgPerson).
Wiki page and sample file to follow.
svn path=/trunk/; revision=20416
A BER-encoded file can be dissected as one of a number of registered syntaxes (registered using register_ber_syntax_dissector()).
Syntaxes may also be associated with OIDs (or other strings) using register_ber_oid_syntax().
A default syntax with which to dissect a BER-encoded file is determined from its filename (extension). For example, ".cer" and ".crt" files will be dissected as "Certificate".
svn path=/trunk/; revision=20414
Handle the following type of construct
CDMATargetMAHOInformation ::= SEQUENCE {
targetCellID [3] IMPLICIT TargetCellID,
cdmaPilotStrength [65] IMPLICIT CDMAPilotStrength,
cdmaTargetOneWayDelay [61] IMPLICIT CDMATargetOneWayDelay
}
CDMATargetMAHOList ::= SEQUENCE OF [135] IMPLICIT CDMATargetMAHOInformation
ansi_map:
- Correct an Enummeration
- add Missing OPTIONAL to Tags
- Handle parameter if it's one or two octets long.
svn path=/trunk/; revision=20386
Introduce the support for "expert info" in the BER decoding module.
It is usefull if you have to analyze long capture files, containing few malformed messages.
With changes to make it compile with MSVC6.
svn path=/trunk/; revision=20152
*) Remove maximum LDAP PDU size check - they can get large with either large attributes (e.g. CRLs, SPIFs) or with lots of results (see http://www.wireshark.org/lists/wireshark-users/200610/msg00197.html). The max size preference is also removed.
*) Support for dissecting LDAP controls including server side sorting and paged results. A new BER function is introduced to see if there is a dissector for a given OID.
*) Remove reference to removed BER preference in the LDAP reassembly preference.
*) Mark a LDAPURL as a URL
svn path=/trunk/; revision=19792
Fix a bug introduced recently in packet-rpc.c.
Replace DISSECTOR_ASSERT() with THROW(ReportedBoundsError) in my recent
checkins, since fuzz-test.sh sets WIRESHARK_ABORT_ON_DISSECTOR_BUG.
svn path=/trunk/; revision=18693
ldap and ldap+sasl
remove a recent ber length validation in packet-ber.c that cant work and breaks reassembly and also makes all ber pacvket sspanning multiple segments show up as malformed packets.
svn path=/trunk/; revision=18465
use proto_tree_add_[u]int[8,16,24,32,64]() instread of proto_tree_add_item()
since BER integers may well be encoded in less bytes than the type requires.
(i do not think the old code with proto_tree_add_item() could have handleded negative values very well or at all.)
svn path=/trunk/; revision=17425
the choice dissector didnt sometimes use the correct next_tvb.
based on a bogus variable 'first_pass' that was added as a qad solution to some weird CMIP problem.
svn path=/trunk/; revision=17142
packet-ntp.c: Rather confused and incorrect use of g_snprintf return value
packet-pim.c: whitespace change
packet-icmpv6.c: g_snprintf takes trailing \0 into account, fix off by 1 error
packet-clnp.c: Fix incorrect use of g_snprintf return value
packet-isakmp.c: g_snprintf takes trailing \0 into account
packet-tr.c: Fix incorrect use of g_snprintf return value
packet-radius.c: Fix incorrect use of g_snprintf return value
packet-radius.h: constify a string variable
packet-ldap.c: The return value isn't needed, so don't use it incorrectly
packet-tcp.c: Fix incorrect use of g_snprintf return value
packet-windows-common.c: Remove unneeded DISSECTOR_ASSERT
packet-smb-sidsnooping.c: g_snprintf takes trailing \0 into account
packet-pvfs2.c: g_snprintf takes trailing \0 into account
packet-ptp.c: Remove #include snprintf
packet-ppp.c: Fix incorrect use of g_snprintf return value
packet-ospf.c: Fix incorrect use of g_snprintf return value
packet-mip6.c: snprintf -> g_snprintf
packet-bootp.c: Remove a commented out bad use of g_snprintf
packet-ber.c: snprintf -> g_snprintf, g_snprintf takes trailing \0 into account
2do:
52 packet-ieee80211.c: 2DO
2 packet-nfs.c: 2DO - too many side effects
33 packet-bgp.c: 2DO
18 packet-dns.c: 2DO
14 packet-dcm.c: 2DO
13 packet-x11.c: 2DO
11 packet-kerberos.c: 2DO
10 packet-diameter.c: 2DO
9 packet-snmp.c: 2DO
9 packet-pgm.c: 2DO
7 packet-nbns.c: 2DO
6 packet-fcswils.c: 2DO
5 packet-wccp.c: 2DO
5 packet-cops.c: 2DO
4 packet-wtp.c: 2DO
svn path=/trunk/; revision=17038
For OID fields of type FT_STRING, put back the code to append the OID
name. (Ultimately, we should probably convert them all to type FT_OID.)
svn path=/trunk/; revision=16734
Update a comment, and get rid of a commented-out unused variable.
Use "get_ber_identifier()" and "get_ber_length()", rather than
"dissect_ber_identifier()" and "dissect_ber_length()", if we're just
fetching the values, rather than dissecting them. As we're just
fetching the values, if we get an error, put the identifer and length
into the protocol tree (if we've enabled that) with
"dissect_ber_identifier()" and "dissect_ber_length()".
Properly declare class and tag variables as signed.
svn path=/trunk/; revision=16602
"call_ber_oid_callback()". (Arguably, the caller of
"call_ber_oid_callback()" should check for that, and report that a
presumably-required field is missing.)
svn path=/trunk/; revision=16544