Ethereal-dev: RE: [Ethereal-dev] ISUP patch

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Michael Lum" <mlum@xxxxxxxxxxxxx>
Date: Wed, 20 Aug 2003 08:58:33 -0700
Yes, thanks.

OK, to summarize:

1.  the snoop trace has M2UA from an older draft, the data 1 parameter is 0x000e
2.  the ISUP is ANSI and thus has no trailing 0x00 indicating "no optional parameters"

The end result (aside from me causing confusion) is that the ANSI RLC will
show up as [Malformed Packet: ISUP].

My patch prevents the malformed by not consuming the extra octet.

But thanks to Jeff I now know that the patch is NOT correct.

It is an ANSI/ITU problem, for the ANSI RLC no optional parameters are
allowed and therefore the fix would have to occur further up in the
function where the "opt_part_possible" boolean was set.

Thanks, sorry for the mess.
I will make it up.


-----Original Message-----
From: Jeff Morriss [mailto:morriss@xxxxxxxxx]
Sent: Wednesday, August 20, 2003 6:44 AM
To: Guy Harris
Cc: Michael Lum; ethereal-dev@xxxxxxxxxxxx
Subject: Re: [Ethereal-dev] ISUP patch



Guy Harris wrote:
> On Fri, Aug 15, 2003 at 11:31:37AM -0700, Michael Lum wrote:
>
>>I believe the ISUP dissector has a bug when decoding the
>>optional parameter pointer.
>
>
> So what is the added check doing?  It looks as if it's checking whether
> the optional parameter pointer is present in the packet.

It depends.  I think I read that this was an ANSI RLC.  The ISUP
dissector as it stands now was written for ITU ISUP.  (It appears to
"mostly work" for ANSI, though.)

In ITU ISUP, the RLC message can have optional parameters (and thus a
pointer to optional).

In ANSI ISUP, the RLC message does not have any optional parameters (and
thus no pointer to optional).

(Porting the ISUP dissector to also do ANSI ISUP has been on my hit-list
for a very long time...)
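
The ITU/ANSI difference discussed in this thread, as an added example that is neither Ethereal's dissector code nor the patch under discussion. It assumes the ITU-T Q.763 conventions that RLC is message type 0x10 and that the optional-part pointer counts from the pointer octet itself; the function and enum names are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ISUP_MSG_RLC 0x10  /* Release Complete message type (assumed from Q.763) */

enum isup_variant { ISUP_ITU, ISUP_ANSI };
enum rlc_result { RLC_NO_OPTIONAL, RLC_HAS_OPTIONAL, RLC_MALFORMED };

/* buf points at the message type octet (CIC already consumed); len is the
 * number of octets available. On RLC_HAS_OPTIONAL, *opt_off is the offset
 * within buf of the first optional parameter. */
enum rlc_result rlc_optional_part(const uint8_t *buf, size_t len,
                                  enum isup_variant variant, size_t *opt_off)
{
    if (len < 1 || buf[0] != ISUP_MSG_RLC)
        return RLC_MALFORMED;

    /* ANSI RLC: no optional parameters, so there is no pointer octet to consume. */
    if (variant == ISUP_ANSI)
        return RLC_NO_OPTIONAL;

    /* ITU RLC: one pointer octet follows the message type. */
    if (len < 2)
        return RLC_MALFORMED;       /* pointer octet missing */
    uint8_t ptr = buf[1];
    if (ptr == 0)
        return RLC_NO_OPTIONAL;     /* 0x00 means "no optional parameters" */

    /* The pointer is relative to its own position; reject it if it leaves the buffer. */
    size_t off = 1 + (size_t)ptr;
    if (off >= len)
        return RLC_MALFORMED;
    *opt_off = off;
    return RLC_HAS_OPTIONAL;
}

int main(void)
{
    /* Constructed sample: an RLC with nothing after the message type octet. */
    const uint8_t rlc[] = { 0x10 };
    size_t off = 0;
    printf("as ANSI: %d\n", rlc_optional_part(rlc, sizeof rlc, ISUP_ANSI, &off));
    printf("as ITU:  %d\n", rlc_optional_part(rlc, sizeof rlc, ISUP_ITU, &off));
    return 0;
}
```

Parsing the one-octet sample with ITU rules yields RLC_MALFORMED, which corresponds to the [Malformed Packet: ISUP] symptom described above; selecting the variant before deciding whether a pointer exists avoids it.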