
Ethereal-dev: [Ethereal-dev] Re: DNP3 Dissector Additions

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Tue, 21 Jun 2005 06:12:28 -0400
the patch does not apply to current svn

functions such as flags_to_str16() do not check for writing beyond
the end of the str buffer.
Since flags_to_str16() is only used to populate the expansion line
for the flag bits,
can you not remove it and insert a
if(flags&FLAG_VALUE)
	proto_item_append_text()
after each of the proto_tree_add_boolean() calls instead
and avoid any potential buffer overflow?

On 6/21/05, Chris Bontje <chrisbontje@xxxxxxx> wrote:
> All,
> 
> Here are the additions to the DNP3 dissector as promised.  I would like to
> submit this patch for the next version of Ethereal.  These modifications
> should be considered preliminary, here is a brief summary of what was
> added:
> 
> - Added Application Layer Object Decoding.  Supports IIN bits and most of
> the common objects & variations (Binary Inputs, Binary Outputs, Control
> Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats). 
> Support will be added for other objects/vars as captures with examples of
> them can be provided.
> 
> - Added support for more Application Layer function codes.  Support for
> remaining codes will be added in as captures can be provided.
> 
> - Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
> 20000), as registered with regulatory bodies.
> 
> - Started re-write to support fragments with multiple DNP3-frames and frames
> separated between multiple fragments (both UDP & TCP).
> 
> This dissector has been tested w/ a wide variety of DNP3 SCADA captures, if
> there is a capture that generates errors or invalid output, please provide
> it so appropriate fixes can be made! :)  The same goes for any suggestions
> or comments regarding the output formatting - just because I like this
> output doesn't mean someone else is expected to!
> 
> This diff file was created using the 'diff' util with the -u command-line
> switch, let me know if it is not acceptable for submission.  The testing has
> primarily been done on the VC6 platform, please let me know if issues are
> encountered w/ any *nix builds.
> 
> Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
> process of adding this support.
> 
> Regards,
> 
> Chris Bontje
> Calgary, Alberta, Canada
> 
> ----- Original Message -----
> From: Chris Bontje <chrisbontje@xxxxxxx>
> Date: Saturday, June 4, 2005 8:01 pm
> Subject: DNP3 Dissector Additions
> 
> > All,
> > 
> > I have recently been tinkering w/ the DNP3 dissector included in 
> > the latest public source release of Ethereal.
> > 
> > I've successfully added in Application Layer Decoding support for 
> > several objects and am planning on adding a mostly complete 
> > library.  So far I have added in some of the most common object 
> > variations for Binary Inputs, Outputs, Analog Inputs (16-bit & 32-
> > bit) and Binary Counters.
> > 
> > I have several Ethereal captures from various SCADA networks w/ 
> > DNP3 traffic and have been punishment-testing my work to the best 
> > of my abilities...  so far so good!
> > 
> > When I'm satisfied w/ my code, I'll be certain to post my changes 
> > to the source tree so that they can (hopefully) be included in the 
> > official release.
> > 
> > Here's hoping my intermediate-level coding is clean enough to make 
> > it into an excellent project like Ethereal!
> > 
> > Regards,
> > 
> > Chris Bontje
> > Calgary, Alberta, Canada
> > 
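The buffer concern Ronnie raises about flags_to_str16(), as an added stand-alone example (not code from Chris's patch or from Ethereal): a length calculator that shows how large the full 16-bit expansion gets, beside a bounds-aware writer that appends one label per set bit, in the spirit of a proto_item_append_text() call per flag, and stops cleanly when the buffer is full. The flag labels follow the DNP3 IIN bit order but are constructed for this example, and the function names and buffer sizes are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#define NFLAGS 16

/* Constructed labels, in DNP3 IIN bit order (IIN1.0 .. IIN2.7). */
static const char *iin_flag_names[NFLAGS] = {
    "Broadcast", "Class 1 Events", "Class 2 Events", "Class 3 Events",
    "Need Time", "Local Control", "Device Trouble", "Device Restart",
    "Function Code Not Supported", "Object Unknown", "Parameter Error",
    "Event Buffer Overflow", "Already Executing", "Configuration Corrupt",
    "Reserved (IIN2.6)", "Reserved (IIN2.7)"
};

/* Bytes (labels, ", " separators, NUL) that an unchecked flags_to_str16()
 * style writer would emit for 'flags': compare it with the caller's buffer. */
size_t iin_flags_needed_len(uint16_t flags)
{
    size_t len = 1;  /* terminating NUL */
    int first = 1;
    for (int i = 0; i < NFLAGS; i++) {
        if (!(flags & (1u << i))) continue;
        len += strlen(iin_flag_names[i]) + (first ? 0 : 2);
        first = 0;
    }
    return len;
}

/* Bounds-aware expansion: append one label per set bit, as one
 * proto_item_append_text() call per flag would, and stop with a
 * terminated string once the next label no longer fits. Returns labels appended. */
int iin_flags_to_str16(uint16_t flags, char *buf, size_t bufsz)
{
    size_t used = 0;
    int count = 0;
    if (bufsz == 0) return 0;
    buf[0] = '\0';
    for (int i = 0; i < NFLAGS; i++) {
        if (!(flags & (1u << i))) continue;
        int n = snprintf(buf + used, bufsz - used, "%s%s",
                         count ? ", " : "", iin_flag_names[i]);
        if (n < 0 || (size_t)n >= bufsz - used) {
            buf[used] = '\0';  /* drop the partial write, keep what fit */
            return count;
        }
        used += (size_t)n;
        count++;
    }
    return count;
}
```

With all sixteen IIN bits set the expansion needs more than 256 bytes, so any fixed buffer smaller than that would be overrun by an unchecked writer, while the bounds-aware version simply stops after the labels that fit.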