Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 8290] New: RRC RadioBearerSetup message decoding issue

[bugzilla-daemon@xxxxxxxxxxxxx]

Bug ID	8290
Summary	RRC RadioBearerSetup message decoding issue
Classification	Unclassified
Product	Wireshark
Version	1.8.5
Hardware	x86
OS	Windows XP
Status	UNCONFIRMED
Severity	Major
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	jerome.coutant@stericsson.com

Created attachment 9918 [details]
Message decoding is wrong

Build Information:

--
Hi

I attached the message to decode where I found the issue.

Here is the decoding result I got :

    [Protocols in frame: user_dlt:rrc]
 DLT: 147
 DL-DCCH-Message
     integrityCheckInfo
         messageAuthenticationCode: 0a966871 [bit length 32, 0000 1010  1001
0110  0110 1000  0111 0001 decimal value 177629297]
         rrc-MessageSequenceNumber: 1
     message: radioBearerSetup (14)
         radioBearerSetup: later-than-r3 (1)
             later-than-r3
                 rrc-TransactionIdentifier: 1
                 criticalExtensions: criticalExtensions (1)
                     criticalExtensions: criticalExtensions (1)
                         criticalExtensions: criticalExtensions (1)
                             criticalExtensions: criticalExtensions (1)
                                 criticalExtensions: r8 (0)
                                     r8
                                         radioBearerSetup-r8
                                             cipheringModeInfo
                                                 cipheringModeCommand
                                                     startRestart: uea2 (2)
                                                 activationTimeForDPCH: 170
                                             sr-vcc-Info
                                                 nonce:
555540000b8e2da77b92f935ff3d886b [bit length 128]
                                             activationTime: 32
                                             new-U-RNTI
                                                 srnc-Identity: a040 [bit
length 12, 4 LSB pad bits, 1010 0000  0100 .... decimal value 2564]
                                                 s-RNTI: 2e6400 [bit length 20,
4 LSB pad bits, 0010 1110  0110 0100  0000 .... decimal value 190016]
                                             new-C-RNTI: 0803 [bit length 16,
0000 1000  0000 0011 decimal value 2051]
                                             new-DSCH-RNTI: 4081 [bit length
16, 0100 0000  1000 0001 decimal value 16513]
                                             new-H-RNTI: 0100 [bit length 16,
0000 0001  0000 0000 decimal value 256]
                                             rrc-StateIndicator: cell-FACH (1)

etc...



Information is wrong. Here is the decoding coming from another ASN1 tool:

DL-DCCH-Message
{
    integrityCheckInfo {
        messageAuthenticationCode = '00001010100101100110100001110001'B,
        rrc-MessageSequenceNumber = 1
    },
    message radioBearerSetup later-than-r3 {
        rrc-TransactionIdentifier = 1,
        criticalExtensions criticalExtensions criticalExtensions
criticalExtensions criticalExtensions r8 {
            radioBearerSetup-r8 {
                integrityProtectionModeInfo (not defined),
                cipheringModeInfo (not defined),
                sr-vcc-Info (not defined),
                activationTime (not defined),
                new-U-RNTI (not defined),
                new-C-RNTI (not defined),
                new-DSCH-RNTI (not defined),
                new-H-RNTI = '1010101010101010'B,
                newPrimary-E-RNTI = '1010101010101010'B,
                newSecondary-E-RNTI (not defined),
                rrc-StateIndicator cell-DCH,
etc...

---

      You are receiving this mail because:

• You are watching all bug changes.