osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

GSM over IP: Require a valid message type for dissection. 

Protects against some false positives because by default GSM over IP
claims some "frequently used" ports.

Change-Id: I94736ecef8ac1422bb330a364a3f77edd9a52a2b
Reviewed-on: https://code.wireshark.org/review/31265
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Michael Mann 2018-12-30 11:19:13 -05:00 committed by Anders Broman
parent a88d60509d
commit 080ff63a00
1 changed files with 24 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
epan/dissectors/packet-gsm_ipa.c
View File

@ -112,12 +112,12 @@ static dissector_table_t osmo_dissector_table;
static const value_string ipa_protocol_vals[] = { static const value_string ipa_protocol_vals[] = {
{ 0x00, "RSL" }, { 0x00, "RSL" },
{ 0xdd, "HSL Debug" }, { HSL_DEBUG, "HSL Debug" },
{ 0xee, "OSMO EXT" }, { OSMO_EXT, "OSMO EXT" },
{ 0xfc, "MGCP (old)" }, { IPA_MGCP, "MGCP (old)" },
{ 0xfd, "SCCP" }, { AIP_SCCP, "SCCP" },
{ 0xfe, "IPA" }, { ABISIP_IPACCESS, "IPA" },
{ 0xff, "OML" }, { ABISIP_OML, "OML" },
{ 0, NULL } { 0, NULL }
}; };
@ -259,12 +259,22 @@ dissect_osmo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *ipatree, proto_tree
/* Code to actually dissect the packets */ /* Code to actually dissect the packets */
static void static gboolean
dissect_ipa(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_udp) dissect_ipa(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_udp)
{ {
gint remaining; gint remaining;
gint header_length = 3; gint header_length = 3;
int offset = 0; int offset = 0;
guint16 len, msg_type;
if (tvb_reported_length(tvb) < 4)
return FALSE;
//sanity check the message type
msg_type = tvb_get_guint8(tvb, 2);
if ((try_val_to_str(msg_type, ipa_protocol_vals) == NULL) &&
(msg_type >= ABISIP_RSL_MAX))
return FALSE;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "IPA"); col_set_str(pinfo->cinfo, COL_PROTOCOL, "IPA");
col_clear(pinfo->cinfo, COL_INFO); col_clear(pinfo->cinfo, COL_INFO);
@ -272,7 +282,6 @@ dissect_ipa(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_udp
while ((remaining = tvb_reported_length_remaining(tvb, offset)) > 0) { while ((remaining = tvb_reported_length_remaining(tvb, offset)) > 0) {
proto_item *ti; proto_item *ti;
proto_tree *ipa_tree = NULL; proto_tree *ipa_tree = NULL;
guint16 len, msg_type;
tvbuff_t *next_tvb; tvbuff_t *next_tvb;
len = tvb_get_ntohs(tvb, offset); len = tvb_get_ntohs(tvb, offset);
@ -345,19 +354,24 @@ dissect_ipa(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_udp
} }
offset += len + header_length; offset += len + header_length;
} }
return TRUE;
} }
static int static int
dissect_ipa_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) dissect_ipa_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
{ {
dissect_ipa(tvb, pinfo, tree, FALSE); if (!dissect_ipa(tvb, pinfo, tree, FALSE))
return 0;
return tvb_captured_length(tvb); return tvb_captured_length(tvb);
} }
static int static int
dissect_ipa_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) dissect_ipa_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
{ {
dissect_ipa(tvb, pinfo, tree, TRUE); if (!dissect_ipa(tvb, pinfo, tree, TRUE))
return 0;
return tvb_captured_length(tvb); return tvb_captured_length(tvb);
} }