Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 2824] New: Patch adds SCM Advertise header to WLCCP dissec

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 21 Aug 2008 13:18:59 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2824

           Summary: Patch adds SCM Advertise header to WLCCP dissector
           Product: Wireshark
           Version: SVN
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jochen.bartl@xxxxxxxxx



Jochen Bartl <jochen.bartl@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2175|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=2175)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2175)
SCM Advertise header patch for packet-wlccp.c

Build Information:
wireshark 1.0.99 (SVN Rev 26052)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.4, with libpcap 0.9.8, with libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.4, without SMI,
without
c-ares, with ADNS, without Lua, with GnuTLS 2.0.4, with Gcrypt 1.2.4, with MIT
Kerberos, with PortAudio V19-devel (built Mar 12 2008), without AirPcap.

Running on Linux 2.6.24-20-generic, with libpcap version 0.9.8.

Built using gcc 4.2.3 (Ubuntu 4.2.3-2ubuntu7).
--
I have added the SCM header to the wlccp dissector. This header is present in
packets of base message type 0x01. You can find the specification in the
following document, when you search for "The table below shows the fields for
an SCM Advertisement Reply Message.":

http://www.freepatentsonline.com/y2005/0220054.html

It seems like the header structure in the document is wrong regarding the "SCM
Node ID" (MAC address) field. From looking at the hexdumps I found out that the
node id shows up in the header before the "Instance Age" field. There is also a
2 byte field between the node id and the instance age, which is always zero. I
have named this field  wlccp.scm_unknown_short, because I don't know what it is
for.

- Patch created via svn diff today (2008-08-21)
- Compiled / Tested with SVN version on Ubuntu 8.04 Hardy (x86)
- Pcap file with WLCCP SCM packets:
http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=ciscowl_version_0xc1.pcap.gz
- Fuzz Test: tools/fuzz-test.sh, passed 1000 iterations without an error


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube