diff options
author | Pascal Quantin <pascal.quantin@gmail.com> | 2013-09-08 21:10:36 +0000 |
---|---|---|
committer | Pascal Quantin <pascal.quantin@gmail.com> | 2013-09-08 21:10:36 +0000 |
commit | a6ae13dee97af192794a604f348a31b505926d47 (patch) | |
tree | 06bcd607342049eda2d55dabf84f5fa72014776b | |
parent | 54adc0d2ffe70561ffbe8b38a4bc36e33ef9ae0d (diff) |
Slightly different fix for https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9117 :
Check that tvb returned by dissect_per_bit_string is not null before trying to use it
svn path=/trunk/; revision=51846
-rw-r--r-- | asn1/atn-cpdlc/atn-cpdlc.cnf | 20 | ||||
-rw-r--r-- | asn1/atn-ulcs/atn-ulcs.cnf | 130 | ||||
-rw-r--r-- | epan/dissectors/packet-atn-cpdlc.c | 20 | ||||
-rw-r--r-- | epan/dissectors/packet-atn-ulcs.c | 128 | ||||
-rw-r--r-- | epan/dissectors/packet-per.c | 20 |
5 files changed, 163 insertions, 155 deletions
diff --git a/asn1/atn-cpdlc/atn-cpdlc.cnf b/asn1/atn-cpdlc/atn-cpdlc.cnf index bf6555a028..3f7efbb4e8 100644 --- a/asn1/atn-cpdlc/atn-cpdlc.cnf +++ b/asn1/atn-cpdlc/atn-cpdlc.cnf @@ -60,15 +60,17 @@ ProtectedAircraftPDUs/startdown protectedstartDownmessage offset = dissect_per_bit_string(tvb, offset, actx, tree, hf_index, NO_BOUND, NO_BOUND, FALSE, &tvb_usr); - switch(check_heur_msg_type(actx->pinfo)){ - case dm: - dissect_atn_cpdlc_ATCDownlinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx, tree, hf_index); - break; - case um: - dissect_atn_cpdlc_ATCUplinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx , tree, hf_index); - break; - default: - break; + if (tvb_usr) { + switch(check_heur_msg_type(actx->pinfo)){ + case dm: + dissect_atn_cpdlc_ATCDownlinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx, tree, hf_index); + break; + case um: + dissect_atn_cpdlc_ATCUplinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx , tree, hf_index); + break; + default: + break; + } } #.END diff --git a/asn1/atn-ulcs/atn-ulcs.cnf b/asn1/atn-ulcs/atn-ulcs.cnf index a4ece639fe..f7b0b4735d 100644 --- a/asn1/atn-ulcs/atn-ulcs.cnf +++ b/asn1/atn-ulcs/atn-ulcs.cnf @@ -62,71 +62,73 @@ PDV-list/presentation-data-values/arbitrary pdv-list_presentation-data-values_ar FALSE, &tvb_usr); - /* call appropiate dissector for bitstring data */ - switch(ulcs_context_value){ - case 1: /* ACSE PDU*/ - ti = proto_tree_add_text( - root_tree, - tvb, - offset, - 0, - ATN_ACSE_PROTO ); - atn_ulcs_tree = proto_item_add_subtree(ti, ett_atn_acse); - - dissect_ACSE_apdu_PDU( - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - atn_ulcs_tree); - break; - case 3: /* USER data; call subdissector for CM, CPDLC ... */ - - /* using dstref for PDV-list only occurrs in DT */ - atn_cv = find_atn_conversation( - &pinfo->dst, - pinfo->clnp_dstref, - &pinfo->src); - - if(atn_cv) { - switch(atn_cv->ae_qualifier){ - case cma: /* contact management */ - call_dissector_with_data( - atn_cm_handle, - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - root_tree, - NULL); - break; - case cpdlc: /* plain old cpdlc */ - case pmcpdlc: /* protected mode cpdlc */ - call_dissector_with_data( - atn_cpdlc_handle, - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - root_tree, - NULL); - break; - default: /* unknown or unhandled datalink application */ - dissector_try_heuristic( - atn_ulcs_heur_subdissector_list, - tvb_new_subset_remaining(tvb_usr,0), - actx->pinfo, - root_tree, - NULL); - break; - } - } - else{ - dissector_try_heuristic( - atn_ulcs_heur_subdissector_list, - tvb_new_subset_remaining(tvb_usr,0), - actx->pinfo, - root_tree, - NULL); - } - break; - default: + if (tvb_usr) { + /* call appropiate dissector for bitstring data */ + switch(ulcs_context_value){ + case 1: /* ACSE PDU*/ + ti = proto_tree_add_text( + root_tree, + tvb, + offset, + 0, + ATN_ACSE_PROTO ); + atn_ulcs_tree = proto_item_add_subtree(ti, ett_atn_acse); + + dissect_ACSE_apdu_PDU( + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + atn_ulcs_tree); break; - } /* switch(ulcs_context_value) */ + case 3: /* USER data; call subdissector for CM, CPDLC ... */ + + /* using dstref for PDV-list only occurrs in DT */ + atn_cv = find_atn_conversation( + &pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src); + + if(atn_cv) { + switch(atn_cv->ae_qualifier){ + case cma: /* contact management */ + call_dissector_with_data( + atn_cm_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + case cpdlc: /* plain old cpdlc */ + case pmcpdlc: /* protected mode cpdlc */ + call_dissector_with_data( + atn_cpdlc_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + default: /* unknown or unhandled datalink application */ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + NULL); + break; + } + } + else{ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + NULL); + } + break; + default: + break; + } /* switch(ulcs_context_value) */ + } #.END diff --git a/epan/dissectors/packet-atn-cpdlc.c b/epan/dissectors/packet-atn-cpdlc.c index 400b5c1bd1..718be5ae50 100644 --- a/epan/dissectors/packet-atn-cpdlc.c +++ b/epan/dissectors/packet-atn-cpdlc.c @@ -5123,15 +5123,17 @@ dissect_atn_cpdlc_CPDLCMessage(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *ac offset = dissect_per_bit_string(tvb, offset, actx, tree, hf_index, NO_BOUND, NO_BOUND, FALSE, &tvb_usr); - switch(check_heur_msg_type(actx->pinfo)){ - case dm: - dissect_atn_cpdlc_ATCDownlinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx, tree, hf_index); - break; - case um: - dissect_atn_cpdlc_ATCUplinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx , tree, hf_index); - break; - default: - break; + if (tvb_usr) { + switch(check_heur_msg_type(actx->pinfo)){ + case dm: + dissect_atn_cpdlc_ATCDownlinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx, tree, hf_index); + break; + case um: + dissect_atn_cpdlc_ATCUplinkMessage(tvb_new_subset_remaining(tvb_usr, 0), 0, actx , tree, hf_index); + break; + default: + break; + } } diff --git a/epan/dissectors/packet-atn-ulcs.c b/epan/dissectors/packet-atn-ulcs.c index 14a000b331..74a2f58e56 100644 --- a/epan/dissectors/packet-atn-ulcs.c +++ b/epan/dissectors/packet-atn-ulcs.c @@ -391,71 +391,73 @@ dissect_atn_ulcs_T_pdv_list_presentation_data_values_arbitrary(tvbuff_t *tvb _U_ FALSE, &tvb_usr); - /* call appropiate dissector for bitstring data */ - switch(ulcs_context_value){ - case 1: /* ACSE PDU*/ - ti = proto_tree_add_text( - root_tree, - tvb, - offset, - 0, - ATN_ACSE_PROTO ); - atn_ulcs_tree = proto_item_add_subtree(ti, ett_atn_acse); + if (tvb_usr) { + /* call appropiate dissector for bitstring data */ + switch(ulcs_context_value){ + case 1: /* ACSE PDU*/ + ti = proto_tree_add_text( + root_tree, + tvb, + offset, + 0, + ATN_ACSE_PROTO ); + atn_ulcs_tree = proto_item_add_subtree(ti, ett_atn_acse); - dissect_ACSE_apdu_PDU( - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - atn_ulcs_tree); - break; - case 3: /* USER data; call subdissector for CM, CPDLC ... */ - - /* using dstref for PDV-list only occurrs in DT */ - atn_cv = find_atn_conversation( - &pinfo->dst, - pinfo->clnp_dstref, - &pinfo->src); - - if(atn_cv) { - switch(atn_cv->ae_qualifier){ - case cma: /* contact management */ - call_dissector_with_data( - atn_cm_handle, - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - root_tree, - NULL); - break; - case cpdlc: /* plain old cpdlc */ - case pmcpdlc: /* protected mode cpdlc */ - call_dissector_with_data( - atn_cpdlc_handle, - tvb_new_subset_remaining(tvb_usr, 0), - pinfo, - root_tree, - NULL); - break; - default: /* unknown or unhandled datalink application */ - dissector_try_heuristic( - atn_ulcs_heur_subdissector_list, - tvb_new_subset_remaining(tvb_usr,0), - actx->pinfo, - root_tree, - NULL); - break; - } - } - else{ - dissector_try_heuristic( - atn_ulcs_heur_subdissector_list, - tvb_new_subset_remaining(tvb_usr,0), - actx->pinfo, - root_tree, - NULL); - } - break; - default: + dissect_ACSE_apdu_PDU( + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + atn_ulcs_tree); break; - } /* switch(ulcs_context_value) */ + case 3: /* USER data; call subdissector for CM, CPDLC ... */ + + /* using dstref for PDV-list only occurrs in DT */ + atn_cv = find_atn_conversation( + &pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src); + + if(atn_cv) { + switch(atn_cv->ae_qualifier){ + case cma: /* contact management */ + call_dissector_with_data( + atn_cm_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + case cpdlc: /* plain old cpdlc */ + case pmcpdlc: /* protected mode cpdlc */ + call_dissector_with_data( + atn_cpdlc_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + default: /* unknown or unhandled datalink application */ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + NULL); + break; + } + } + else{ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + NULL); + } + break; + default: + break; + } /* switch(ulcs_context_value) */ + } return offset; diff --git a/epan/dissectors/packet-per.c b/epan/dissectors/packet-per.c index 109dda21e7..a593d463ab 100644 --- a/epan/dissectors/packet-per.c +++ b/epan/dissectors/packet-per.c @@ -2063,10 +2063,6 @@ dissect_per_bit_string(tvbuff_t *tvb, guint32 offset, asn1_ctx_t *actx, proto_tr hfi = (hf_index==-1) ? NULL : proto_registrar_get_nth(hf_index); - /* Start with something because callers expect value_tvb to be non-NULL, - * so we need a non-NULL empty tvb for error cases. */ - out_tvb = tvb_new_subset(tvb, offset, 0, 0); - DEBUG_ENTRY("dissect_per_bit_string"); /* 15.8 if the length is 0 bytes there will be no encoding */ if(max_len==0) { @@ -2429,11 +2425,13 @@ dissect_per_T_octet_aligned(tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_t offset = dissect_per_octet_string(tvb, offset, actx, tree, hf_index, NO_BOUND, NO_BOUND, FALSE, &actx->external.octet_aligned); - if (actx->external.u.per.type_cb) { - actx->external.u.per.type_cb(actx->external.octet_aligned, 0, actx, tree, actx->external.hf_index); + if (actx->external.octet_aligned) { + if (actx->external.u.per.type_cb) { + actx->external.u.per.type_cb(actx->external.octet_aligned, 0, actx, tree, actx->external.hf_index); } else { - actx->created_item = proto_tree_add_text(tree, actx->external.octet_aligned, 0, -1, "Unknown EXTERNAL Type"); + actx->created_item = proto_tree_add_text(tree, actx->external.octet_aligned, 0, -1, "Unknown EXTERNAL Type"); } + } return offset; } @@ -2444,11 +2442,13 @@ dissect_per_T_arbitrary(tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree offset = dissect_per_bit_string(tvb, offset, actx, tree, hf_index, NO_BOUND, NO_BOUND, FALSE, &actx->external.arbitrary); - if (actx->external.u.per.type_cb) { - actx->external.u.per.type_cb(actx->external.arbitrary, 0, actx, tree, actx->external.hf_index); + if (actx->external.arbitrary) { + if (actx->external.u.per.type_cb) { + actx->external.u.per.type_cb(actx->external.arbitrary, 0, actx, tree, actx->external.hf_index); } else { - actx->created_item = proto_tree_add_text(tree, actx->external.arbitrary, 0, -1, "Unknown EXTERNAL Type"); + actx->created_item = proto_tree_add_text(tree, actx->external.arbitrary, 0, -1, "Unknown EXTERNAL Type"); } + } return offset; } |