Wireshark · Ethereal-dev: [Ethereal-dev] packet-gtp.patch

[Pasi Paakala <pasi.paakala@xxxxxxxxx>]

Hi,
this is my first try to contribute code. I do not have access to
subversion so I hope I got this right (patch done with diff).

I noticed that the decoder of the "Authentication Quintuplet"  (3GPP
29.060 - 7.7.35) information element did not work. Field's "XRES Length"
and "AUTN Length" were defined as 16 bits when in reality they are 8
bit's, this caused decoder to fail.

Fixed mentioned fields 16bits --> 8bits and adjusted all "magic numbers"
point to correct places and now it works.

Also noticed that decoder of the "MM Context" uses this same function
and it is doomed to fail, because when the Quintuplet(s) are passed
inside Mm Ctxt the length is now length of the whole Quintuplet part not
the length of one Quintuplet like Quintuplet-decoder (quite correctly)
assumes. Well, it might work (did not try) if there is only one
Quintuplet passed inside MmCtxt but usually this is not the case. Also
the Mm Ctxt decoder is missing completely few length fields plus it
tries to open field "Container" that can contain basically any L3 stuff
--> not really GTP level job to open it + huge job to do (contains both
TLV and TV IE's). I will correct MM Context (with Quintuplets) decoder
next if I have time & interest ;-)

-Pasi

--- original_packet-gtp.c	2005-06-01 09:38:48.000000000 +0300
+++ packet-gtp.c	2005-06-01 09:41:59.000000000 +0300
@@ -2863,10 +2863,10 @@
  */
 static int
 decode_quintuplet(tvbuff_t *tvb, int offset, proto_tree *tree, guint16 count, guint8 adjust) {
-
 	proto_tree	*ext_tree_quint;
 	proto_item	*te_quint;
-	guint16		q_len, xres_len, auth_len, q_offset, i;
+	guint16		q_len, q_offset, i;
+	guint8          xres_len, auth_len;
 
 	q_offset = 0;
 
@@ -2881,19 +2881,20 @@
 
 		proto_tree_add_text(ext_tree_quint, tvb, offset, 2, "Length: %x", q_len);
 		proto_tree_add_text(ext_tree_quint, tvb, offset+2, 16, "RAND: %s", tvb_bytes_to_str(tvb, offset+2, 16));
-		xres_len = tvb_get_ntohs(tvb, offset+18);
-		proto_tree_add_text(ext_tree_quint, tvb, offset+18, 2, "XRES length: %u", xres_len);
-		proto_tree_add_text(ext_tree_quint, tvb, offset+20, xres_len, "XRES: %s", tvb_bytes_to_str(tvb, offset+20, xres_len));
-		proto_tree_add_text(ext_tree_quint, tvb, offset+20+xres_len, 16, "Quintuplet ciphering key: %s", tvb_bytes_to_str(tvb, offset+20+xres_len, 16));
-		proto_tree_add_text(ext_tree_quint, tvb, offset+36+xres_len, 16, "Quintuplet integrity key: %s", tvb_bytes_to_str(tvb, offset+36+xres_len, 16));
-		auth_len = tvb_get_ntohs(tvb, offset+52+xres_len);
-		proto_tree_add_text(ext_tree_quint, tvb, offset+52+xres_len, 2, "Authentication length: %u", auth_len);
-		proto_tree_add_text(ext_tree_quint, tvb, offset+54+xres_len, auth_len, "AUTH: %s", tvb_bytes_to_str(tvb, offset+54+xres_len, auth_len));
+		xres_len = tvb_get_guint8(tvb, offset+18);
+		proto_tree_add_text(ext_tree_quint, tvb, offset+18, 1, "XRES length: %u", xres_len);
+		proto_tree_add_text(ext_tree_quint, tvb, offset+19, xres_len, "XRES: %s", tvb_bytes_to_str(tvb, offset+19, xres_len));
+		proto_tree_add_text(ext_tree_quint, tvb, offset+19+xres_len, 16, "Quintuplet Ciphering Key: %s", tvb_bytes_to_str(tvb, offset+20+xres_len, 16));
+		proto_tree_add_text(ext_tree_quint, tvb, offset+19+xres_len, 16, "Quintuplet Integrity Key: %s", tvb_bytes_to_str(tvb, offset+36+xres_len, 16));
+		auth_len = tvb_get_guint8(tvb, offset+51+xres_len);
+		proto_tree_add_text(ext_tree_quint, tvb, offset+51+xres_len, 1, "Authentication length: %u", auth_len);
+		proto_tree_add_text(ext_tree_quint, tvb, offset+52+xres_len, auth_len, "AUTH: %s", tvb_bytes_to_str(tvb, offset+52+xres_len, auth_len));
 
 		q_offset = q_offset + q_len + 2;
 	}
 
 	return q_offset;
+
 }
 
 /* GPRS:	9.60 v7.6.0, chapter 7.9.19 page