diff options
author | Guy Harris <guy@alum.mit.edu> | 2014-11-27 16:07:16 -0800 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2014-11-28 00:07:47 +0000 |
commit | 8839d7b4526656a04ef563651bbd03ac001c3a66 (patch) | |
tree | 5361228ea4ca47a64dc92ab500ca779c31c28e65 /epan/dissectors/packet-enttec.c | |
parent | a30f3d5ebcf1cd3ee1fbce8b3b3d424ab578e0f5 (diff) |
Make the ENTTEC dissector reject packets that don't look like ENTTEC packets.
This should avoid questions like
https://ask.wireshark.org/questions/38198/what-is-enttec-in-a-pcap-file
It also splits DMX-over-UDP and DMX-over-TCP into separate dissectors,
as
1) DMX-over-TCP has only config packets, DMX-over-UDP has the
others;
2) that would let us do reassembly, if necessary, for
DMX-over-TCP.
Change-Id: I2606c814693028c7ba2bbc458e45c853372baaf3
Reviewed-on: https://code.wireshark.org/review/5522
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan/dissectors/packet-enttec.c')
-rw-r--r-- | epan/dissectors/packet-enttec.c | 100 |
1 files changed, 80 insertions, 20 deletions
diff --git a/epan/dissectors/packet-enttec.c b/epan/dissectors/packet-enttec.c index 4c0509b228..fef54d6c86 100644 --- a/epan/dissectors/packet-enttec.c +++ b/epan/dissectors/packet-enttec.c @@ -326,13 +326,6 @@ dissect_enttec_dmx_data(tvbuff_t *tvb, guint offset, proto_tree *tree) } static gint -dissect_enttec_config(tvbuff_t *tvb _U_, guint offset, proto_tree *tree _U_) -{ - - return offset; -} - -static gint dissect_enttec_reset(tvbuff_t *tvb _U_, guint offset, proto_tree *tree _U_) { @@ -340,16 +333,40 @@ dissect_enttec_reset(tvbuff_t *tvb _U_, guint offset, proto_tree *tree _U_) } static int -dissect_enttec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) +dissect_enttec_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) { gint offset = 0; guint32 head = 0; proto_tree *ti,*enttec_tree=NULL; - /* Set the protocol column */ - col_set_str(pinfo->cinfo, COL_PROTOCOL, "ENTTEC"); + /* + * If not enough bytes for the header word, not an ENTTEC packet. + */ + if (!tvb_bytes_exist(tvb, offset, 4)) + return 0; head = tvb_get_ntohl(tvb, offset); + switch (head) { + + case ENTTEC_HEAD_ESPR: + case ENTTEC_HEAD_ESPP: + case ENTTEC_HEAD_ESAP: + case ENTTEC_HEAD_ESDD: + case ENTTEC_HEAD_ESZZ: + /* + * Valid packet type. + */ + break; + + default: + /* + * Not a known DMX-over-UDP packet type, so probably not ENTTEC. + */ + return 0; + } + + /* Set the protocol column */ + col_set_str(pinfo->cinfo, COL_PROTOCOL, "ENTTEC"); /* Clear out stuff in the info column */ col_add_fstr(pinfo->cinfo, COL_INFO, "%s", @@ -382,10 +399,6 @@ dissect_enttec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ offset = dissect_enttec_dmx_data( tvb, offset, enttec_tree); break; - case ENTTEC_HEAD_ESNC: - offset = dissect_enttec_config( tvb, offset, enttec_tree); - break; - case ENTTEC_HEAD_ESZZ: offset = dissect_enttec_reset( tvb, offset, enttec_tree); break; @@ -395,6 +408,52 @@ dissect_enttec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _ return offset; } +static int +dissect_enttec_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) +{ + gint offset = 0; + guint32 head = 0; + proto_tree *ti,*enttec_tree=NULL; + + /* + * If not enough bytes for the header word, don't try to + * reassemble to get 4 bytes of header word, as we don't + * know whether this will be an ENTTEC Config packet. + */ + if (!tvb_bytes_exist(tvb, offset, 4)) + return 0; + + head = tvb_get_ntohl(tvb, offset); + if (head != ENTTEC_HEAD_ESNC) { + /* + * Not a config packet, so probably not ENTTEC. + */ + return 0; + } + + /* XXX - reassemble to end of connection? */ + + /* Set the protocol column */ + col_set_str(pinfo->cinfo, COL_PROTOCOL, "ENTTEC"); + + /* Clear out stuff in the info column */ + col_add_fstr(pinfo->cinfo, COL_INFO, "%s", + val_to_str(head, enttec_head_vals, "Unknown (0x%08x)")); + + if (tree) { + ti = proto_tree_add_item(tree, proto_enttec, tvb, offset, -1, ENC_NA); + enttec_tree = proto_item_add_subtree(ti, ett_enttec); + } + + if (enttec_tree) { + proto_tree_add_item(enttec_tree, hf_enttec_head, tvb, + offset, 4, ENC_BIG_ENDIAN ); + + /* XXX - dissect the rest of the packet */ + } + return tvb_captured_length(tvb); +} + void proto_register_enttec(void) { @@ -537,23 +596,24 @@ proto_register_enttec(void) void proto_reg_handoff_enttec(void) { static gboolean enttec_initialized = FALSE; - static dissector_handle_t enttec_handle; + static dissector_handle_t enttec_udp_handle, enttec_tcp_handle; static guint udp_port_enttec; static guint tcp_port_enttec; if(!enttec_initialized) { - enttec_handle = new_create_dissector_handle(dissect_enttec,proto_enttec); + enttec_udp_handle = new_create_dissector_handle(dissect_enttec_udp,proto_enttec); + enttec_tcp_handle = new_create_dissector_handle(dissect_enttec_tcp,proto_enttec); enttec_initialized = TRUE; } else { - dissector_delete_uint("udp.port",udp_port_enttec,enttec_handle); - dissector_delete_uint("tcp.port",tcp_port_enttec,enttec_handle); + dissector_delete_uint("udp.port",udp_port_enttec,enttec_udp_handle); + dissector_delete_uint("tcp.port",tcp_port_enttec,enttec_tcp_handle); } udp_port_enttec = global_udp_port_enttec; tcp_port_enttec = global_tcp_port_enttec; - dissector_add_uint("udp.port",global_udp_port_enttec,enttec_handle); - dissector_add_uint("tcp.port",global_tcp_port_enttec,enttec_handle); + dissector_add_uint("udp.port",global_udp_port_enttec,enttec_udp_handle); + dissector_add_uint("tcp.port",global_tcp_port_enttec,enttec_tcp_handle); } /* |