diff options
| author | Anthony Coddington <anthony.coddington@endace.com> | 2016-04-05 18:19:59 +1200 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2016-05-12 01:46:31 +0000 |
| commit | 5b61e9e4846971655c475b15d4e662b4d59c1f16 (patch) | |
| tree | a5bbbd9bc9c7589809c9d9b56076b7c5fadbb296 /wiretap/pcap-common.c | |
| parent | 790dab15681ed75f21f470be693aad831a6af768 (diff) | |
pcap-common: Fix several serious ENCAP_ERF extension header writing issues
Write ERF subheader after extension headers, especially important for Ethernet
(other types predate extension headers for the most part).
Add missing ERF_TYPE_MC_AAL2 and ERF_TYPE_COLOR_HASH_ETH.
Truncate final ERF extension header when too many. Rlen is not currently
adjusted so may be incorrect (see followup patch). Existing tools generally
check against PCAP incl_len anyway as there are other scenarios where this can
happen like naive snapping or Wireshark ERF-to-PCAP.
Properly fixing this will involve getting rid of the ERF pseudoheader.
Consistent with the ERF wiretap (except for different padding behaviour).
Bug: 3606
Change-Id: I6086cbc3fef948586fbad6f585f648d99adfff4f
Reviewed-on: https://code.wireshark.org/review/15358
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'wiretap/pcap-common.c')
| -rw-r--r-- | wiretap/pcap-common.c | 37 |
1 files changed, 29 insertions, 8 deletions
diff --git a/wiretap/pcap-common.c b/wiretap/pcap-common.c index 297387af07..252672acd6 100644 --- a/wiretap/pcap-common.c +++ b/wiretap/pcap-common.c @@ -1487,6 +1487,7 @@ pcap_read_erf_subheader(FILE_T fh, union wtap_pseudo_header *pseudo_header, case ERF_TYPE_MC_ATM: case ERF_TYPE_MC_RAW_CHANNEL: case ERF_TYPE_MC_AAL5: + case ERF_TYPE_MC_AAL2: case ERF_TYPE_COLOR_MC_HDLC_POS: /* Extract the Multi Channel header to include it in the pseudo header part */ if (!wtap_read_bytes(fh, erf_subhdr, sizeof(erf_mc_header_t), err, err_info)) @@ -1494,7 +1495,7 @@ pcap_read_erf_subheader(FILE_T fh, union wtap_pseudo_header *pseudo_header, pseudo_header->erf.subhdr.mc_hdr = pntoh32(&erf_subhdr[0]); *psize = sizeof(erf_mc_header_t); break; - case ERF_TYPE_MC_AAL2: + case ERF_TYPE_AAL2: /* Extract the AAL2 header to include it in the pseudo header part */ if (!wtap_read_bytes(fh, erf_subhdr, sizeof(erf_aal2_header_t), err, err_info)) return FALSE; @@ -1504,6 +1505,7 @@ pcap_read_erf_subheader(FILE_T fh, union wtap_pseudo_header *pseudo_header, case ERF_TYPE_ETH: case ERF_TYPE_COLOR_ETH: case ERF_TYPE_DSM_COLOR_ETH: + case ERF_TYPE_COLOR_HASH_ETH: /* Extract the Ethernet additional header to include it in the pseudo header part */ if (!wtap_read_bytes(fh, erf_subhdr, sizeof(erf_eth_header_t), err, err_info)) return FALSE; @@ -1936,10 +1938,14 @@ pcap_get_phdr_size(int encap, const union wtap_pseudo_header *pseudo_header) case ERF_TYPE_COLOR_MC_HDLC_POS: hdrsize += (int)sizeof(struct erf_mc_hdr); break; + case ERF_TYPE_AAL2: + hdrsize += (int)sizeof(struct erf_aal2_hdr); + break; case ERF_TYPE_ETH: case ERF_TYPE_COLOR_ETH: case ERF_TYPE_DSM_COLOR_ETH: + case ERF_TYPE_COLOR_HASH_ETH: hdrsize += (int)sizeof(struct erf_eth_hdr); break; @@ -1998,11 +2004,13 @@ pcap_write_phdr(wtap_dumper *wdh, int encap, const union wtap_pseudo_header *pse guint8 mtp2_hdr[MTP2_HDR_LEN]; guint8 sita_hdr[SITA_HDR_LEN]; guint8 erf_hdr[ sizeof(struct erf_mc_phdr)]; + guint8 erf_subhdr[sizeof(union erf_subhdr)]; struct i2c_file_hdr i2c_hdr; struct libpcap_bt_phdr bt_hdr; struct libpcap_bt_monitor_phdr bt_monitor_hdr; struct libpcap_ppp_phdr ppp_hdr; size_t size; + size_t subhdr_size = 0; switch (encap) { @@ -2122,19 +2130,21 @@ pcap_write_phdr(wtap_dumper *wdh, int encap, const union wtap_pseudo_header *pse case ERF_TYPE_MC_ATM: case ERF_TYPE_MC_RAW_CHANNEL: case ERF_TYPE_MC_AAL5: + case ERF_TYPE_MC_AAL2: case ERF_TYPE_COLOR_MC_HDLC_POS: - phtonl(&erf_hdr[16], pseudo_header->erf.subhdr.mc_hdr); - size += (int)sizeof(struct erf_mc_hdr); + phtonl(&erf_subhdr[0], pseudo_header->erf.subhdr.mc_hdr); + subhdr_size += (int)sizeof(struct erf_mc_hdr); break; - case ERF_TYPE_MC_AAL2: - phtonl(&erf_hdr[16], pseudo_header->erf.subhdr.aal2_hdr); - size += (int)sizeof(struct erf_aal2_hdr); + case ERF_TYPE_AAL2: + phtonl(&erf_subhdr[0], pseudo_header->erf.subhdr.aal2_hdr); + subhdr_size += (int)sizeof(struct erf_aal2_hdr); break; case ERF_TYPE_ETH: case ERF_TYPE_COLOR_ETH: case ERF_TYPE_DSM_COLOR_ETH: - memcpy(&erf_hdr[16], &pseudo_header->erf.subhdr.eth_hdr, sizeof pseudo_header->erf.subhdr.eth_hdr); - size += (int)sizeof(struct erf_eth_hdr); + case ERF_TYPE_COLOR_HASH_ETH: + memcpy(&erf_subhdr[0], &pseudo_header->erf.subhdr.eth_hdr, sizeof pseudo_header->erf.subhdr.eth_hdr); + subhdr_size += (int)sizeof(struct erf_eth_hdr); break; default: break; @@ -2154,12 +2164,23 @@ pcap_write_phdr(wtap_dumper *wdh, int encap, const union wtap_pseudo_header *pse do { phtonll(erf_exhdr, pseudo_header->erf.ehdr_list[i].ehdr); type = erf_exhdr[0]; + /* Clear more extension headers bit if > 8 */ + if(i == max-1) + erf_exhdr[0] = erf_exhdr[0] & 0x7F; + if (!wtap_dump_file_write(wdh, erf_exhdr, 8, err)) return FALSE; wdh->bytes_dumped += 8; i++; } while (type & 0x80 && i < max); } + + /* + * Now write out the subheader. + */ + if(!wtap_dump_file_write(wdh, erf_subhdr, subhdr_size, err)) + return FALSE; + wdh->bytes_dumped += subhdr_size; break; case WTAP_ENCAP_I2C: |