diff options
| author | Anders Broman <anders.broman@ericsson.com> | 2012-04-27 14:13:06 +0000 |
|---|---|---|
| committer | Anders Broman <anders.broman@ericsson.com> | 2012-04-27 14:13:06 +0000 |
| commit | 8a4268505be06aea5a5a419ff8ec780801c5d0ca (patch) | |
| tree | 5fca20181603922be001dd607bc7224bdd997744 /plugins/ethercat/packet-ams.c | |
| parent | 31f6e7e35d68778c58b2ce6a3a45a04f6271f7ac (diff) | |
Fix Malformed packet AMS for Read Device Info Read State Request.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6710
check if data exists.
svn path=/trunk/; revision=42292
Diffstat (limited to 'plugins/ethercat/packet-ams.c')
| -rw-r--r-- | plugins/ethercat/packet-ams.c | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/plugins/ethercat/packet-ams.c b/plugins/ethercat/packet-ams.c index 228c4e6d12..d78ba56905 100644 --- a/plugins/ethercat/packet-ams.c +++ b/plugins/ethercat/packet-ams.c @@ -361,6 +361,26 @@ static const value_string AdsErrorMode[] = { 0, NULL } }; + +/* AMS Command Id + * http://infosys.beckhoff.com/english.php?content=../content/1033/tcadsamsspec/html/tcadsamsspec_adscmd_readstate.htm&id=10652 + */ +static const value_string AMS_CommandId_vals[] = +{ + { ADSSRVID_INVALID, "Invalid", }, + { ADSSRVID_READDEVICEINFO, "ADS Read Device Info", }, + { ADSSRVID_READ, "ADS Read", }, + { ADSSRVID_WRITE, "ADS Write", }, + { ADSSRVID_READSTATE, "ADS Read State", }, + { ADSSRVID_WRITECTRL, "ADS Write Control", }, + { ADSSRVID_ADDDEVICENOTE, "ADS Add Device Notification", }, + { ADSSRVID_DELDEVICENOTE, "ADS Delete Device Notification", }, + { ADSSRVID_DEVICENOTE, "ADS Device Notification", }, + { ADSSRVID_READWRITE, "ADS Read Write", }, + { 0, NULL } +}; + + static void NetIdFormater(tvbuff_t *tvb, guint offset, char *szText, gint nMax) { g_snprintf ( szText, nMax, "%d.%d.%d.%d.%d.%d", tvb_get_guint8(tvb, offset), @@ -383,6 +403,7 @@ static gint dissect_ams(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) guint ams_length = tvb_reported_length(tvb); guint16 stateflags = 0; guint16 cmdId = 0; + guint32 cbdata = 0; char szText[200]; int nMax = sizeof(szText)-1; @@ -441,6 +462,7 @@ static gint dissect_ams(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) offset+=sizeof(guint16); proto_tree_add_item(ams_tree, hf_ams_cbdata, tvb, offset, sizeof(guint32), ENC_LITTLE_ENDIAN); + cbdata = tvb_get_letohl(tvb,offset); offset+=sizeof(guint32); proto_tree_add_item(ams_tree, hf_ams_errorcode, tvb, offset, sizeof(guint32),ENC_LITTLE_ENDIAN); @@ -539,7 +561,7 @@ static gint dissect_ams(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { col_append_str(pinfo->cinfo, COL_INFO, "ADS Read State Request"); - if( tree ) + if( tree && cbdata !=0 ) { anItem = proto_tree_add_item(ams_tree, hf_ams_adsreadstaterequest, tvb, offset, ams_length-offset, ENC_NA); if( ams_length-offset >= TAdsReadStateReq_Len ) @@ -578,7 +600,7 @@ static gint dissect_ams(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { col_append_str(pinfo->cinfo, COL_INFO, "ADS Read Device Info Request"); - if( tree ) + if( tree && cbdata !=0 ) { anItem = proto_tree_add_item(ams_tree, hf_ams_adsreaddinforequest, tvb, offset, ams_length-offset, ENC_NA); if( ams_length-offset >= TAdsReadDeviceInfoReq_Len ) @@ -865,7 +887,7 @@ void proto_register_ams(void) }, { &hf_ams_cmdid, { "CmdId", "ams.cmdid", - FT_UINT16, BASE_DEC, NULL, 0x0, + FT_UINT16, BASE_DEC, VALS(AMS_CommandId_vals), 0x0, NULL, HFILL } }, { &hf_ams_stateflags, |