ieee802.11: Add some expert infos when Phy Capabilities are short.

This helps developers know they are missing bits of data that should be there by adding an expert info rather than showing a malformed packet. Bug: 15861 Change-Id: Iacd85be228c60e4e3dcef344a38506568172e0da Reviewed-on: https://code.wireshark.org/review/33691 Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
author: Richard Sharpe <realrichardsharpe@gmail.com> 2019-06-20 20:30:14 -0400
committer: Alexis La Goutte <alexis.lagoutte@gmail.com> 2019-06-21 08:37:19 +0000
commit: e50ba8e8b93549b1cf3e14987c15d98f8a0cf774 (patch)
tree: 25af2ee142074725dd24d24ca9e8bed0d5600777 /epan
parent: 0d150d241f96970653db1212039aa18f6e3b1622 (diff)
1 files changed, 37 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ieee80211.c b/epan/dissectors/packet-ieee80211.c
index 682e42409f..2ba775ad05 100644
--- a/epan/dissectors/packet-ieee80211.c
+++ b/epan/dissectors/packet-ieee80211.c
@@ -20444,7 +20444,7 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
 
   /* Get and isolate the phy channel witdth set */
   phy_channel_width_set = tvb_get_guint8(tvb, offset) >> 1;
-  phy_cap_tree = proto_tree_add_subtree(tree, tvb, offset, 9, ett_he_phy_capabilities,
+  phy_cap_tree = proto_tree_add_subtree(tree, tvb, offset, 11, ett_he_phy_capabilities,
                         NULL,
                         "HE Phy Capabilities Information");
   proto_tree_add_bitmask_with_flags(phy_cap_tree, tvb, offset,
@@ -20475,6 +20475,13 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
                         he_phy_b72_to_b87_headers, ENC_LITTLE_ENDIAN, BMT_NO_APPEND);
   offset += 2;
 
+  if (tvb_reported_length_remaining(tvb, offset) < 2) {
+    expert_add_info_format(pinfo, phy_cap_tree, &ei_ieee80211_tag_length,
+                           "Insufficient bytes for Phy Capabilities "
+                           "Rx and Tx Maps 80MHz!");
+    return;
+  }
+
   /* Need the length first */
   if (phy_channel_width_set & HE_CHANNEL_WIDTH_SET_B2)
     he_mcs_and_nss_len += 4;
@@ -20493,6 +20500,14 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
                         ett_he_rx_mcs_map_lte_80, he_mcs_map_80_rx_headers,
                         ENC_LITTLE_ENDIAN, BMT_NO_APPEND);
   offset += 2;
+
+  if (tvb_reported_length_remaining(tvb, offset) < 2) {
+    expert_add_info_format(pinfo, phy_cap_tree, &ei_ieee80211_tag_length,
+                           "Insufficient bytes for Phy Capabilities "
+                           "Tx Maps 80MHz!");
+    return;
+  }
+
   proto_tree_add_bitmask_with_flags(rx_tx_he_mcs_map_80, tvb, offset,
                         hf_he_tx_he_mcs_map_lte_80,
                         ett_he_tx_mcs_map_lte_80, he_mcs_map_80_tx_headers,
@@ -20500,6 +20515,12 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
   offset += 2;
 
   if (phy_channel_width_set & HE_CHANNEL_WIDTH_SET_B2) {
+    if (tvb_reported_length_remaining(tvb, offset) < 2) {
+      expert_add_info_format(pinfo, phy_cap_tree, &ei_ieee80211_tag_length,
+                             "Insufficient bytes for Phy Capabilities "
+                             "Rx and Tx MCS Maps 160MHz!");
+      return;
+    }
     rx_tx_he_mcs_map_160 = proto_tree_add_subtree(sup_he_mcs_and_nss_tree,
                         tvb, offset, 4, ett_he_rx_tx_he_mcs_map_160, NULL,
                         "Rx and Tx MCS Maps 160 MHz");
@@ -20508,6 +20529,14 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
                         ett_he_rx_mcs_map_160, he_mcs_map_160_rx_headers,
                         ENC_LITTLE_ENDIAN, BMT_NO_APPEND);
     offset += 2;
+
+    if (tvb_reported_length_remaining(tvb, offset) < 2) {
+      expert_add_info_format(pinfo, phy_cap_tree, &ei_ieee80211_tag_length,
+                             "Insufficient bytes for Phy Capabilities "
+                             "Tx MCS Maps 160MHz!");
+      return;
+    }
+
     proto_tree_add_bitmask_with_flags(rx_tx_he_mcs_map_160, tvb, offset,
                         hf_he_tx_he_mcs_map_160,
                         ett_he_tx_mcs_map_160, he_mcs_map_160_tx_headers,
@@ -20516,6 +20545,13 @@ dissect_he_capabilities(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
   }
 
   if (phy_channel_width_set & HE_CHANNEL_WIDTH_SET_B3) {
+    if (tvb_reported_length_remaining(tvb, offset) < 2) {
+      expert_add_info_format(pinfo, phy_cap_tree, &ei_ieee80211_tag_length,
+                             "Insufficient bytes for Phy Capabilities "
+                             "Rx and Tx MCS Maps 80+80 MHz!");
+      return;
+    }
+
     rx_tx_he_mcs_map_80_80 = proto_tree_add_subtree(sup_he_mcs_and_nss_tree,
                         tvb, offset, 4, ett_he_rx_tx_he_mcs_map_80_80, NULL,
                         "Rx and Tx MCS Maps 80+80 MHz");
author	Richard Sharpe <realrichardsharpe@gmail.com>	2019-06-20 20:30:14 -0400
committer	Alexis La Goutte <alexis.lagoutte@gmail.com>	2019-06-21 08:37:19 +0000
commit	e50ba8e8b93549b1cf3e14987c15d98f8a0cf774 (patch)
tree	25af2ee142074725dd24d24ca9e8bed0d5600777 /epan
parent	0d150d241f96970653db1212039aa18f6e3b1622 (diff)