Catch ReportedBoundsError exceptions when dissecting an RPC-over-TCP

call/reply, and report the error but don't re-throw the exception; that way, we can continue to dissect additional RPC messages in the frame or reassembled chunk of data, even if one of them happens to be too short for what's in it. svn path=/trunk/; revision=4491
2002-01-07 00:59:26 +00:00 · 2002-01-07 00:59:26 +00:00 · 7849c3c4f9
parent 56a9c7ba63
commit 7849c3c4f9
1 changed files with 39 additions and 8 deletions
--- a/packet-rpc.c
+++ b/packet-rpc.c
@ -2,7 +2,7 @@
 * Routines for rpc dissection
 * Copyright 1999, Uwe Girlich <Uwe.Girlich@philosys.de>
 * 
- * $Id: packet-rpc.c,v 1.78 2001/12/28 20:18:45 guy Exp $
+ * $Id: packet-rpc.c,v 1.79 2002/01/07 00:59:26 guy Exp $
 * 
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@ethereal.com>
@ -40,6 +40,7 @@
 #include "packet.h"
 #include "conversation.h"
 #include "packet-rpc.h"
+#include "packet-frame.h"
 #include "prefs.h"

 /*
@ -1464,7 +1465,7 @@ dissect_rpc_message(tvbuff_t *tvb, int offset, packet_info *pinfo,
 		   We already have the message type.
 		   Check whether an RPC version number of 2 is in the
 		   location where it would be, and that an RPC program
-		   number we know about is in the locaton where it would be. */
+		   number we know about is in the location where it would be. */
 		rpc_prog_key.prog = tvb_get_ntohl(tvb, offset + 12);
 		if (tvb_get_ntohl(tvb, offset + 8) != 2 ||
 		    ((rpc_prog = g_hash_table_lookup(rpc_progs, &rpc_prog_key))
@ -2104,12 +2105,14 @@ static rpc_tcp_return_t
 dissect_rpc_tcp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
    gboolean is_heur)
 {
-	int offset = 0;
+	volatile int offset = 0;
 	guint32 rpc_rm;
-	gboolean saw_rpc = FALSE;
-	gint32 len, seglen;
+	volatile gboolean saw_rpc = FALSE;
+	volatile gint32 len;
+	gint32 seglen;
 	gint tvb_len, tvb_reported_len;
 	tvbuff_t *msg_tvb;
+	const char *saved_proto;

 	while (tvb_reported_length_remaining(tvb, offset) != 0) {
 		/*
@ -2177,9 +2180,37 @@ dissect_rpc_tcp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
 			tvb_reported_len = len;
 		msg_tvb = tvb_new_subset(tvb, offset, tvb_len,
 		    tvb_reported_len);
-		if (!dissect_rpc_message(msg_tvb, 4, pinfo, tree,
-		    TRUE, rpc_rm))
-			break;
+
+		/*
+		 * Catch the ReportedBoundsError exception; if this
+		 * particular message happens to get a ReportedBoundsError
+		 * exception, that doesn't mean that we should stop
+		 * dissecting RPC messages within this frame or chunk
+		 * of reassembled data.
+		 *
+		 * If it gets a BoundsError, we can stop, as there's
+		 * nothing more to see, so we just re-throw it.
+		 */
+		saved_proto = pinfo->current_proto;
+		TRY {
+			if (!dissect_rpc_message(msg_tvb, 4, pinfo, tree,
+			    TRUE, rpc_rm))
+				break;
+		}
+		CATCH(BoundsError) {
+			RETHROW;
+		}
+		CATCH(ReportedBoundsError) {
+			if (check_col(pinfo->cinfo, COL_INFO)) {
+				col_append_str(pinfo->cinfo, COL_INFO,
+				    "[Malformed Packet]");
+			}
+			proto_tree_add_protocol_format(tree, proto_malformed,
+			    tvb, 0, 0, "[Malformed Packet: %s]",
+			    pinfo->current_proto );
+			pinfo->current_proto = saved_proto;
+		}
+		ENDTRY;
 		offset += len;
 		saw_rpc = TRUE;
 	}