aboutsummaryrefslogtreecommitdiffstats
path: root/epan/dissectors/packet-mpeg-descriptor.c
diff options
context:
space:
mode:
authorMichael Mann <mmann78@netscape.net>2016-12-22 17:54:35 -0500
committerMichael Mann <mmann78@netscape.net>2017-01-29 04:10:36 +0000
commit4de1983b6db70dfba9edac08aef8df67641ac4eb (patch)
tree7ffcc82536554ba6651305d50490078acc8f9caa /epan/dissectors/packet-mpeg-descriptor.c
parent55703ad80dfed25db348796c7257827e0765779b (diff)
Bugfix MPEG descriptor Logon Initialize Descriptor tag.
Do length checks in case not all fields are present to prevent malformed packets. Bug: 13237 Change-Id: Ie7cc3006fa33f1dedeffb09a4f35adb8dee8e9f6 Ping-Bug: 13238 Reviewed-on: https://code.wireshark.org/review/19390 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-mpeg-descriptor.c')
-rw-r--r--epan/dissectors/packet-mpeg-descriptor.c118
1 files changed, 65 insertions, 53 deletions
diff --git a/epan/dissectors/packet-mpeg-descriptor.c b/epan/dissectors/packet-mpeg-descriptor.c
index 73d8b8c4fc..9dc1df46fa 100644
--- a/epan/dissectors/packet-mpeg-descriptor.c
+++ b/epan/dissectors/packet-mpeg-descriptor.c
@@ -2664,75 +2664,87 @@ proto_mpeg_descriptor_dissect_logon_initialize(tvbuff_t *tvb, guint offset, guin
guint8 flags;
guint16 flags2;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_group_id, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset += 1;
+ if (len >= 1)
+ {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_group_id, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset += 1;
+ }
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_logon_id, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
+ if (len >= 3)
+ {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_logon_id, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+ }
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_continuous_carrier_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_continuous_carrier, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_security_handshake_required, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_prefix_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_data_unit_labelling_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_mini_slot_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_contention_based_mini_slot_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset += 1;
+ if (len >= 4)
+ {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_continuous_carrier_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_continuous_carrier, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_security_handshake_required, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_prefix_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_data_unit_labelling_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_mini_slot_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_contention_based_mini_slot_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset += 1;
+ }
- flags = tvb_get_guint8(tvb, offset);
+ if (len >= 5)
+ {
+ flags = tvb_get_guint8(tvb, offset);
+
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_capacity_type_flag_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_capacity_type_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_traffic_burst_type, tvb, offset, 1, ENC_BIG_ENDIAN);
+ if (flags & MPEG_DESCR_LOGON_INITIALIZE_TRAFFIC_BURST_TYPE_MASK) {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_connectivity, tvb, offset, 2, ENC_BIG_ENDIAN);
+ flags2 = tvb_get_ntohs(tvb, offset);
+ if (flags2 & MPEG_DESCR_LOGON_INITIALIZE_CONNECTIVITY_MASK) {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset += 1;
+
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_capacity_type_flag_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_capacity_type_flag, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_traffic_burst_type, tvb, offset, 1, ENC_BIG_ENDIAN);
- if (flags & MPEG_DESCR_LOGON_INITIALIZE_TRAFFIC_BURST_TYPE_MASK) {
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_connectivity, tvb, offset, 2, ENC_BIG_ENDIAN);
- flags2 = tvb_get_ntohs(tvb, offset);
- if (flags2 & MPEG_DESCR_LOGON_INITIALIZE_CONNECTIVITY_MASK) {
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset += 1;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset += 1;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_signalling_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+ } else {
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset += 1;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset += 1;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_forward_signalling_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
+ }
} else {
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vpi_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vpi, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset += 1;
-
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_vci, tvb, offset, 2, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_trf_pid, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_ctrl_mngm_pid_reserved, tvb, offset, 2, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_ctrl_mngm_pid, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
}
- } else {
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_trf_pid, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_ctrl_mngm_pid_reserved, tvb, offset, 2, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_return_ctrl_mngm_pid, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- }
-
- if ((offset < end) && (flags & MPEG_DESCR_LOGON_INITIALIZE_CAPACITY_TYPE_FLAG_MASK)) {
+ if ((offset < end) && (flags & MPEG_DESCR_LOGON_INITIALIZE_CAPACITY_TYPE_FLAG_MASK)) {
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_cra_level, tvb, offset, 3, ENC_BIG_ENDIAN);
- offset += 3;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_cra_level, tvb, offset, 3, ENC_BIG_ENDIAN);
+ offset += 3;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_vbdc_max_reserved, tvb, offset, 2, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_vbdc_max, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_vbdc_max_reserved, tvb, offset, 2, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_vbdc_max, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_rbdc_max, tvb, offset, 3, ENC_BIG_ENDIAN);
- offset += 3;
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_rbdc_max, tvb, offset, 3, ENC_BIG_ENDIAN);
+ offset += 3;
- proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_rbdc_timeout, tvb, offset, 2, ENC_BIG_ENDIAN);
- /*offset += 2;*/
+ proto_tree_add_item(tree, hf_mpeg_descr_logon_initialize_rbdc_timeout, tvb, offset, 2, ENC_BIG_ENDIAN);
+ /*offset += 2;*/
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 02:47:42 +0000