From e2c0d132e10921d997a16728ac255a09a78e862a Mon Sep 17 00:00:00 2001 From: Gerald Combs Date: Wed, 20 May 2009 15:50:40 +0000 Subject: From Jakub Zawadzki via bug 3421: e_ip->ip_ttl is currently always set to 0, in attachment fix. I also (in same patch, sorry) submit cleanup to use ep_alloc() instead of static e_ip buffers, I didn't test it, but I hope it's ok. There's note about static buffers in doc/README.tapping, which should also be updated, but I don't feel so good with my English :) From me: Rename e_ip to ws_ip. Update the static buffers note in README.tapping. svn path=/trunk/; revision=28425 --- doc/README.tapping | 17 +++++++---------- epan/dissectors/packet-ip.c | 19 ++++++------------- epan/dissectors/packet-ip.h | 4 ++-- gtk/conversations_ip.c | 2 +- gtk/hostlist_ip.c | 2 +- tap-iousers.c | 2 +- 6 files changed, 18 insertions(+), 28 deletions(-) diff --git a/doc/README.tapping b/doc/README.tapping index 0833cd69d6..f437ed71e7 100644 --- a/doc/README.tapping +++ b/doc/README.tapping @@ -173,16 +173,13 @@ same packet, you will have to make sure that each instance of tap_queue_packet() is using its own instance of private struct variable so they don't overwrite each other. -See packet-ip.c which has a simple solution to the problem. It just -uses a static struct of 4 instances of the ip header struct and -cycles through them each time the dissector is called. -4 is just a number taken out of the blue but it should be enough for most -cases. -Of course, if someone would generate a capture with IP encapsulated -over IP over IP over IP over IP, so that there would be more than 4 IP headers -in the same packet, yes then this would fail. The likelihood of this -happening in real life is probably very low. If it turns out to be a problem -we can just increase the cycle length when that happens. +See packet-ip.c which has a simple solution to the problem. It creates +a unique instance of the IP header using ep_alloc(). +Previous versions used a static struct of 4 instances of the IP header +struct and cycled through them each time the dissector was called. (4 +was just a number taken out of the blue but it should be enough for most +cases.) This would fail if there were more than 4 IP headers in the same +packet, but that was unlikely. TIPS diff --git a/epan/dissectors/packet-ip.c b/epan/dissectors/packet-ip.c index 55898d851c..58e1249288 100644 --- a/epan/dissectors/packet-ip.c +++ b/epan/dissectors/packet-ip.c @@ -1376,23 +1376,16 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) tvbuff_t *next_tvb; gboolean update_col_info = TRUE; gboolean save_fragmented; - static e_ip eip_arr[4]; - static int eip_current=0; - e_ip *iph; + ws_ip *iph; const guchar *src_addr, *dst_addr; guint32 src32, dst32; - int ttl; proto_tree *tree; proto_item *item, *ttl_item; proto_tree *checksum_tree; tree=parent_tree; - eip_current++; - if(eip_current==4){ - eip_current=0; - } - iph=&eip_arr[eip_current]; + iph=ep_alloc(sizeof(ws_ip)); if (check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, "IP"); @@ -1526,7 +1519,7 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) (iph->ip_off & IP_OFFSET)*8); } - ttl = tvb_get_guint8(tvb, offset + 8); + iph->ip_ttl = tvb_get_guint8(tvb, offset + 8); if (tree) { ttl_item = proto_tree_add_item(ip_tree, hf_ip_ttl, tvb, offset + 8, 1, FALSE); } else { @@ -1620,12 +1613,12 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) * (e.g. 224.0.0.0/4). */ if (is_a_local_network_control_block_addr(dst32)) { - if (ttl != 1) { + if (iph->ip_ttl != 1) { expert_add_info_format(pinfo, ttl_item, PI_SEQUENCE, PI_NOTE, "\"Time To Live\" > 1 for a packet sent to the Local Network Control Block (see RFC 3171)"); } - } else if (!is_a_multicast_addr(dst32) && ttl < 5) { - expert_add_info_format(pinfo, ttl_item, PI_SEQUENCE, PI_NOTE, "\"Time To Live\" only %u", ttl); + } else if (!is_a_multicast_addr(dst32) && iph->ip_ttl < 5) { + expert_add_info_format(pinfo, ttl_item, PI_SEQUENCE, PI_NOTE, "\"Time To Live\" only %u", iph->ip_ttl); } if (tree) { diff --git a/epan/dissectors/packet-ip.h b/epan/dissectors/packet-ip.h index 256a414d09..4ce89d02e8 100644 --- a/epan/dissectors/packet-ip.h +++ b/epan/dissectors/packet-ip.h @@ -26,7 +26,7 @@ #ifndef __PACKET_IP_H__ #define __PACKET_IP_H__ -typedef struct _e_ip +typedef struct _ws_ip { guint8 ip_v_hl; /* combines ip_v and ip_hl */ guint8 ip_tos; @@ -38,7 +38,7 @@ typedef struct _e_ip guint16 ip_sum; address ip_src; address ip_dst; -} e_ip; +} ws_ip; void capture_ip(const guchar *, int, int, packet_counts *); diff --git a/gtk/conversations_ip.c b/gtk/conversations_ip.c index 3a6f79860c..2a47be9291 100644 --- a/gtk/conversations_ip.c +++ b/gtk/conversations_ip.c @@ -48,7 +48,7 @@ static int ip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip) { - const e_ip *iph=vip; + const ws_ip *iph=vip; add_conversation_table_data((conversations_table *)pct, &iph->ip_src, &iph->ip_dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->fd->rel_ts, SAT_NONE, PT_NONE); diff --git a/gtk/hostlist_ip.c b/gtk/hostlist_ip.c index 29923ba63d..a5a18758eb 100644 --- a/gtk/hostlist_ip.c +++ b/gtk/hostlist_ip.c @@ -51,7 +51,7 @@ static int ip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip) { hostlist_table *hosts=(hostlist_table *)pit; - const e_ip *iph=vip; + const ws_ip *iph=vip; /* Take two "add" passes per packet, adding for each direction, ensures that all packets are counted properly (even if address is sending to itself) diff --git a/tap-iousers.c b/tap-iousers.c index d347fd39fa..21d5af761a 100644 --- a/tap-iousers.c +++ b/tap-iousers.c @@ -253,7 +253,7 @@ static int iousers_ip_packet(void *arg, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip) { io_users_t *iu=arg; - const e_ip *iph=vip; + const ws_ip *iph=vip; const address *addr1, *addr2; io_users_item_t *iui; -- cgit v1.2.3