diff options
-rw-r--r-- | packet-q931.c | 28 | ||||
-rw-r--r-- | packet-tpkt.c | 24 | ||||
-rw-r--r-- | packet-tpkt.h | 8 | ||||
-rw-r--r-- | plugins/plugin_table.h | 4 |
4 files changed, 40 insertions, 24 deletions
diff --git a/packet-q931.c b/packet-q931.c index d793e0b859..c14329a7f0 100644 --- a/packet-q931.c +++ b/packet-q931.c @@ -2,7 +2,7 @@ * Routines for Q.931 frame disassembly * Guy Harris <guy@alum.mit.edu> * - * $Id: packet-q931.c,v 1.42 2002/03/25 20:23:17 guy Exp $ + * $Id: packet-q931.c,v 1.43 2002/05/13 21:18:25 guy Exp $ * * Modified by Andreas Sikkema for possible use with H.323 * @@ -2503,8 +2503,13 @@ dissect_q931_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) /* * Check whether this looks like a TPKT-encapsulated * Q.931 packet. + * + * The minimum length of a Q.931 message is 3: + * 1 byte for the protocol discriminator, + * 1 for the call_reference length, + * and one for the message type. */ - lv_tpkt_len = is_tpkt(tvb); + lv_tpkt_len = is_tpkt(tvb, 3); if (lv_tpkt_len == -1) { /* * It's not a TPKT packet; reject it. @@ -2533,24 +2538,17 @@ dissect_q931_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) * check whether it looks like the beginning of a * Q.931 message. * - * The minimum length of a Q.931 message is 3: - * 1 byte for the protocol discriminator, - * 1 for the call_reference length, - * and one for the message type. + * The minimum length of a Q.931 message is 3, as per the + * above. * - * Check that we have that many bytes past the - * TPKT header. + * Check that we have that many bytes past the TPKT header in + * the tvbuff; we already know that the TPKT header says we + * have that many bytes (as we passed 3 as the "min_len" argument + * to "is_tpkt()"). */ if (!tvb_bytes_exist(tvb, 4, 3)) return FALSE; - /* - * And check that we have that many bytes in the TPKT - * packet. - */ - if (lv_tpkt_len < 3) - return FALSE; - /* Check the protocol discriminator */ if (tvb_get_guint8(tvb, 4) != NLPID_Q_931) { /* Doesn't look like Q.931 inside TPKT */ diff --git a/packet-tpkt.c b/packet-tpkt.c index faa956e0d2..cdf944f76a 100644 --- a/packet-tpkt.c +++ b/packet-tpkt.c @@ -7,7 +7,7 @@ * Routine to dissect RFC 1006 TPKT packet containing OSI TP PDU * Copyright 2001, Martin Thomas <Martin_A_Thomas@yahoo.com> * - * $Id: packet-tpkt.c,v 1.18 2002/03/25 20:17:09 guy Exp $ + * $Id: packet-tpkt.c,v 1.19 2002/05/13 21:18:25 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -71,10 +71,16 @@ static dissector_handle_t osi_tp_handle; * Check whether this could be a TPKT-encapsulated PDU. * Returns -1 if it's not, and the PDU length from the TPKT header * if it is. + * + * "min_len" is the minimum length of the PDU; the length field in the + * TPKT header must be at least "4+min_len" in order for this to be a + * valid TPKT PDU for the protocol in question. */ int -is_tpkt(tvbuff_t *tvb) +is_tpkt(tvbuff_t *tvb, int min_len) { + guint16 pkt_len; + /* * If TPKT is disabled, don't dissect it, just return -1, meaning * "this isn't TPKT". @@ -92,12 +98,20 @@ is_tpkt(tvbuff_t *tvb) * always be the case.... */ if (!(tvb_get_guint8(tvb, 0) == 3 && tvb_get_guint8(tvb, 1) == 0)) - return -1; /* They're not */ + return -1; /* they're not */ + + /* + * Get the length from the TPKT header. Make sure it's large + * enough. + */ + pkt_len = tvb_get_ntohs(tvb, 2); + if (pkt_len < 4 + min_len) + return -1; /* it's not */ /* - * Return the length from the TPKT header. + * Return the length from the header. */ - return tvb_get_ntohs(tvb, 2); + return pkt_len; } /* diff --git a/packet-tpkt.h b/packet-tpkt.h index d4671b2367..cac6a7a085 100644 --- a/packet-tpkt.h +++ b/packet-tpkt.h @@ -5,7 +5,7 @@ * Copyright 2000, Philips Electronics N.V. * Andreas Sikkema <andreas.sikkema@philips.com> * - * $Id: packet-tpkt.h,v 1.7 2002/02/23 02:30:15 guy Exp $ + * $Id: packet-tpkt.h,v 1.8 2002/05/13 21:18:25 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -30,8 +30,12 @@ * Check whether this could be a TPKT-encapsulated PDU. * Returns -1 if it's not, and the PDU length from the TPKT header * if it is. + * + * "min_len" is the minimum length of the PDU; the length field in the + * TPKT header must be at least "4+min_len" in order for this to be a + * valid TPKT PDU for the protocol in question. */ -extern int is_tpkt(tvbuff_t *tvb); +extern int is_tpkt(tvbuff_t *tvb, int min_len); /* * Dissect TPKT-encapsulated data in a TCP stream. diff --git a/plugins/plugin_table.h b/plugins/plugin_table.h index c5ba8763fd..9175f96d9b 100644 --- a/plugins/plugin_table.h +++ b/plugins/plugin_table.h @@ -1,7 +1,7 @@ /* plugin_table.h * Table of exported addresses for Ethereal plugins. * - * $Id: plugin_table.h,v 1.47 2002/05/05 22:30:39 guy Exp $ + * $Id: plugin_table.h,v 1.48 2002/05/13 21:18:26 guy Exp $ * * Ethereal - Network traffic analyzer * Copyright 2000 by Gilbert Ramirez <gram@alumni.rice.edu> @@ -223,7 +223,7 @@ typedef gint8 (*addr_get_CDR_wchar)(tvbuff_t *, gchar **, int *, typedef guint32 (*addr_get_CDR_wstring)(tvbuff_t *, gchar **, int *, gboolean, int, MessageHeader *); -typedef int (*addr_is_tpkt)(tvbuff_t *); +typedef int (*addr_is_tpkt)(tvbuff_t *, int); typedef void (*addr_dissect_tpkt_encap)(tvbuff_t *, packet_info *, proto_tree *, gboolean, dissector_handle_t); |