Sorry for not including the Bug Number: 3733
--- On Wed, 7/15/09, Sean <yunjnz@xxxxxxxxx> wrote:
> From: Sean <yunjnz@xxxxxxxxx>
> Subject: Re: [Wireshark-dev] Problem of packet-per.c on ASN.1 PER Encoding
> To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
> Date: Wednesday, July 15, 2009, 9:44 AM
>
> Additional information for this issue:
>
> Source code version: wireshark-1.2.0.tar.gz
>
> Build on Windows XP Pro with MSVC2008EE
>
>
>
> --- On Wed, 7/15/09, Sean <yunjnz@xxxxxxxxx>
> wrote:
>
> > From: Sean <yunjnz@xxxxxxxxx>
> > Subject: [Wireshark-dev] Problem of packet-per.c on
> ASN.1 PER Encoding
> > To: wireshark-dev@xxxxxxxxxxxxx
> > Date: Wednesday, July 15, 2009, 9:36 AM
> > Hi,
> >
> > We're using the LTE RRC dissector(packet-lte-rrc.c)
> > recently and we find a
> > problem while parsing the RRC Connection Request,
> > Following is the definition of the RRC Connection
> Request:
> >
> > -- ASN1START
> >
> > RRCConnectionRequest ::=
> > SEQUENCE {
> > criticalExtensions
> >
> >
> > CHOICE {
> >
> > rrcConnectionRequest-r8
> >
> > RRCConnectionRequest-r8-IEs,
> >
> > criticalExtensionsFuture
> > SEQUENCE
> > {}
> > }
> > }
> >
> > RRCConnectionRequest-r8-IEs ::=
> > SEQUENCE {
> > ue-Identity
> >
> >
> >
> > InitialUE-Identity,
> > establishmentCause
> >
> >
> >
> > EstablishmentCause,
> > spare
> >
> >
> >
> > BIT
> > STRING (SIZE (1))
> > }
> >
> > InitialUE-Identity ::=
> >
> > CHOICE {
> > s-TMSI
> >
> >
> >
> > S-TMSI,
> > randomValue
> >
> >
> >
> > BIT
> > STRING (SIZE (40))
> > }
> >
> > EstablishmentCause ::=
> >
> > ENUMERATED {
> >
> >
> >
> >
> >
> >
> > emergency, highPriorityAccess, mt-Access,
> mo-Signalling,
> >
> >
> >
> >
> >
> >
> > mo-Data, spare3, spare2, spare1}
> >
> > -- ASN1STOP
> >
> > Totally there are 6 bytes in the encoded packet, but
> the
> > dissector indicates
> > "Malformed Packet" even the 6 bytes data is present.
> > It seems that the packet-per.c wants to read 2 more
> > bytes(line 226 in
> > packet-per.c "word = tvb_get_ntohs(tvb,boffset+i)
> <<
> > shift1;") for the single
> > bit "spare" field and thus not enough data available.
> > Attached is the patch for the file and it works fine
> for
> > this packet.
> > Would anyone have a look and confirm if the patch
> properly
> > corrects the
> > issue?
> > Or is there any existing patch on this and/or any
> other
> > issues?
> >
> > Thanks,
> > Sean
> >
> >
> >
> > -----Inline Attachment Follows-----
> >
> >
> ___________________________________________________________________________
> > Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> > Archives: http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >
> > mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
