diff options
author | gerald <gerald@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-10-17 16:12:24 +0000 |
---|---|---|
committer | gerald <gerald@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-10-17 16:12:24 +0000 |
commit | b7eb01550fa0077fef7ae9ade18eb75055ff281b (patch) | |
tree | a838583c9e0b7153f22387a44331214c048fc759 /epan/dissectors/packet-acse.c | |
parent | 5051403528afefda2a30131d2a83b2430dbd2d7d (diff) |
When dissecting an ACSE APDU make sure our OID isn't for an ACSE APDU
(which would make us recurse until we crashed).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16252 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'epan/dissectors/packet-acse.c')
-rw-r--r-- | epan/dissectors/packet-acse.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/epan/dissectors/packet-acse.c b/epan/dissectors/packet-acse.c index 6b486abe7d..57b04dd0e0 100644 --- a/epan/dissectors/packet-acse.c +++ b/epan/dissectors/packet-acse.c @@ -9,7 +9,7 @@ There is a bug in asn2eth that it can not yet handle tagged assignments such as EXTERNAL ::= [UNIVERSAL 8] IMPLICIT SEQUENCE { - This bug is workedaround by some .cnf magic but this should be cleaned up + This bug is workedaround by some .cnf magic but this should be cleaned up once asn2eth learns how to deal with tagged assignments */ @@ -18,7 +18,7 @@ * Ronnie Sahlberg 2005 * dissect_acse() based original handwritten dissector by Sid * Yuriy Sidelnikov <YSidelnikov@hotmail.com> - * + * * * $Id$ * @@ -63,6 +63,8 @@ #define PSNAME "ACSE" #define PFNAME "acse" +#define ACSE_APDU_OID "2.2.1.0.1" + /* Initialize the protocol and registered fields */ int proto_acse = -1; @@ -328,7 +330,7 @@ dissect_acse_T_indirect_reference(gboolean implicit_tag _U_, tvbuff_t *tvb, int /* look up the indirect reference */ if((oid = find_oid_by_pres_ctx_id(pinfo, indir_ref)) != NULL) { - g_snprintf(object_identifier_id, MAX_OID_STR_LEN, "{'FN_VARIANT': '', 'VAL_PTR': 'NULL', 'TREE': 'tree', 'DEFAULT_BODY': ' offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,\n NULL);\n', 'HF_INDEX': 'hf_index', 'PINFO': 'pinfo', 'CREATED_ITEM_PTR': 'NULL', 'OFFSET': 'offset', 'TNAME': 'T_indirect_reference', 'TVB': 'tvb', 'IMPLICIT_TAG': 'implicit_tag', 'ER': 'ber'}", oid); + g_snprintf(object_identifier_id, MAX_OID_STR_LEN, "{'DEFAULT_BODY': ' offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,\n NULL);\n', 'VAL_PTR': 'NULL', 'TREE': 'tree', 'FN_VARIANT': '', 'HF_INDEX': 'hf_index', 'PINFO': 'pinfo', 'CREATED_ITEM_PTR': 'NULL', 'OFFSET': 'offset', 'TNAME': 'T_indirect_reference', 'ER': 'ber', 'IMPLICIT_TAG': 'implicit_tag', 'TVB': 'tvb'}", oid); } if(session) @@ -1857,7 +1859,7 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) /* first, try to check length */ /* do we have at least 2 bytes */ if (!tvb_bytes_exist(tvb, 0, 2)){ - proto_tree_add_text(parent_tree, tvb, offset, + proto_tree_add_text(parent_tree, tvb, offset, tvb_reported_length_remaining(tvb,offset), "User data"); return; /* no, it isn't a ACSE PDU */ @@ -1866,7 +1868,7 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) if( !pinfo->private_data ){ if(parent_tree){ REPORT_DISSECTOR_BUG("Can't get SPDU type from session dissector."); - } + } return ; } else { session = ( (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data) ); @@ -1891,7 +1893,11 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) break; case SES_DATA_TRANSFER: oid=find_oid_by_pres_ctx_id(pinfo, indir_ref); - if(oid){ + if(strcmp(oid, ACSE_APDU_OID) == 0){ + proto_tree_add_text(parent_tree, tvb, offset, -1, + "Invalid OID: %s", ACSE_APDU_OID); + THROW(ReportedBoundsError); + } else if(oid){ call_ber_oid_callback(oid, tvb, offset, pinfo, parent_tree); } else { proto_tree_add_text(parent_tree, tvb, offset, -1, @@ -2422,7 +2428,7 @@ void proto_reg_handoff_acse(void) { /*#include "packet-acse-dis-tab.c"*/ register_ber_oid_name("2.2.3.1.1","aCSE-id"); - register_ber_oid_dissector("2.2.1.0.1", dissect_acse, proto_acse, "acse-as-id"); + register_ber_oid_dissector(ACSE_APDU_OID, dissect_acse, proto_acse, "acse-as-id"); } |