
Ethereal-dev: Re: [Ethereal-dev] Re: DNP3 Dissector Additions

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Chris Bontje <chrisbontje@xxxxxxx>
Date: Sun, 26 Jun 2005 02:25:04 -0600
All,

OK, now for round 2.  :)

I've re-written the dissector to remove the use of the flags_to_str functions (as per Ronnie's suggestion).  The proto_item_append_text function worked OK to replace the functionality offered by the older routine.

I've cleaned up a few more things in the code, added a couple more objects (more captures came in!), and I now have a diff to submit that was generated using an svn tool, against what should be (I hope, it was downloaded a few days ago) a current SVN tree.

Let me know if this .diff is acceptable; I'd like for this work to be included in the next Ethereal release.

Thanks,

Chris

----- Original Message -----
From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Tuesday, June 21, 2005 4:12 am
Subject: [Ethereal-dev] Re: DNP3 Dissector Additions

> the patch does not apply to current svn
> 
> functions such as flags_to_str16() does not check for writing beyond
> the end of the str buffer.
> Since flags_to_str16() are only used to populate the expansion line
> for the flag bits,
> can you not remove it and insert a
> if(flags&FLAG_VALUE)
> 	proto_item_append_text()
> after each of the proto_tree_add_boolean() call instead
> and avoid any potential buffer overflow?
> 
> On 6/21/05, Chris Bontje <chrisbontje@xxxxxxx> wrote:
> > All,
> > 
> > Here are the additions to the DNP3 dissector as promised.  I would like to
> > submit this patch for the next version of Ethereal.  These modifications
> > should be considered preliminary, here is a brief summary of what was
> > added:
> > 
> > - Added Application Layer Object Decoding.  Supports IIN bits and most of
> > the common objects & variations (Binary Inputs, Binary Outputs, Control
> > Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats).
> > Support will be added for other objects/vars as captures with examples of
> > them can be provided.
> > 
> > - Added support for more Application Layer function codes.  Support for
> > remaining codes will be added in as captures can be provided.
> > 
> > - Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
> > 20000), as registered with regulatory bodies.
> > 
> > - Started re-write to support fragments with multiple DNP3-frames and frames
> > separated between multiple fragments (both UDP & TCP).
> > 
> > This dissector has been tested w/ a wide variety of DNP3 SCADA captures, if
> > there is a capture that generates errors or invalid output, please provide
> > it so appropriate fixes can be made! :)  The same goes for any suggestions
> > or comments regarding the output formatting - just because I like this
> > output doesn't mean someone else is expected to!
> > 
> > This diff file was created using the 'diff' util with the -u command-line
> > switch, let me know if it is not acceptable for submission.  The testing has
> > primarily been done on the VC6 platform, please let me know if issues are
> > encountered w/ any *nix builds.
> > 
> > Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
> > process of adding this support.
> > 
> > Regards,
> > 
> > Chris Bontje
> > Calgary, Alberta, Canada
> > 
> > ----- Original Message -----
> > From: Chris Bontje <chrisbontje@xxxxxxx>
> > Date: Saturday, June 4, 2005 8:01 pm
> > Subject: DNP3 Dissector Additions
> > 
> > > All,
> > > 
> > > I have recently been tinkering w/ the DNP3 dissector included in
> > > the latest public source release of Ethereal.
> > > 
> > > I've successfully added in Application Layer Decoding support for
> > > several objects and am planning on adding a mostly complete
> > > library.  So far I have added in some of the most common object
> > > variations for Binary Inputs, Outputs, Analog Inputs (16-bit &
> > > 32-bit) and Binary Counters.
> > > 
> > > I have several Ethereal captures from various SCADA networks w/
> > > DNP3 traffic and have been punishment-testing my work to the best
> > > of my abilities...  so far so good!
> > > 
> > > When I'm satisfied w/ my code, I'll be certain to post my changes
> > > to the source tree so that they can (hopefully) be included in the
> > > official release.
> > > 
> > > Here's hoping my intermediate-level coding is clean enough to make
> > > it into an excellent project like Ethereal!
> > > 
> > > Regards,
> > > 
> > > Chris Bontje
> > > Calgary, Alberta, Canada
> > > 
> > 
> >
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
> 

Attachment: dnp3patch.diff
Description: Binary data
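Ronnie's review point in the quoted reply, that flags_to_str16() wrote into a fixed string buffer without checking for its end, is the classic unbounded-append defect in a dissector helper. The thread's preferred fix is to drop the intermediate buffer altogether and append each set flag to the tree item with proto_item_append_text() after its proto_tree_add_boolean() call. Where a string buffer is still wanted (for a summary column, say), the helper below shows the bounded form of the same routine. It is an added example, not code from this thread or from the Ethereal/Wireshark source: the name flags_to_str16_bounded is hypothetical, and the 16-entry flag table is constructed for the demonstration and is not DNP3's real IIN or flag bit layout. The function takes the buffer size, never writes past it, always NUL-terminates, and returns the length the full string needed (snprintf convention) so the caller can tell when the output was truncated rather than silently overrunning.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flag table for a 16-bit status word.  The names are constructed for this
 * example and are NOT DNP3's real IIN or object flag definitions. */
typedef struct {
    uint16_t    mask;
    const char *name;
} flag_name_t;

static const flag_name_t example_flags[16] = {
    { 0x0001, "BIT0" },  { 0x0002, "BIT1" },  { 0x0004, "BIT2" },  { 0x0008, "BIT3" },
    { 0x0010, "BIT4" },  { 0x0020, "BIT5" },  { 0x0040, "BIT6" },  { 0x0080, "BIT7" },
    { 0x0100, "BIT8" },  { 0x0200, "BIT9" },  { 0x0400, "BIT10" }, { 0x0800, "BIT11" },
    { 0x1000, "BIT12" }, { 0x2000, "BIT13" }, { 0x4000, "BIT14" }, { 0x8000, "BIT15" },
};

/* Bounded flags-to-string (hypothetical name, not the dissector's own).
 * Writes the names of the set bits, comma separated, into buf without ever
 * touching buf[buflen] or beyond, and always NUL-terminates when buflen > 0.
 * Returns the length the complete string would need, snprintf-style, so a
 * caller can detect truncation with (needed >= buflen). */
size_t flags_to_str16_bounded(char *buf, size_t buflen, uint16_t flags,
                              const flag_name_t *tbl, size_t ntbl)
{
    size_t needed = 0;   /* full length regardless of how much fit */
    size_t pos = 0;      /* bytes actually stored, excluding the NUL */
    int first = 1;

    if (buflen > 0)
        buf[0] = '\0';

    for (size_t i = 0; i < ntbl; i++) {
        if (!(flags & tbl[i].mask))
            continue;

        /* one flag per iteration, the same shape as appending each set bit
         * to a tree item one at a time */
        const char *sep = first ? "" : ", ";
        first = 0;

        /* snprintf only ever sees the space that is left; with 0 it stores
         * nothing but still reports the length it would have needed */
        size_t room = (buflen > pos) ? buflen - pos : 0;
        int n = snprintf(room ? buf + pos : NULL, room, "%s%s", sep, tbl[i].name);
        if (n < 0)
            break;               /* encoding error: keep what we have */
        needed += (size_t)n;

        /* advance by what was stored; after truncation the buffer is full */
        if (room > 0)
            pos += ((size_t)n < room) ? (size_t)n : room - 1;
    }
    return needed;
}

/* Truncation check a caller makes before trusting the string. */
int flags_str_was_truncated(size_t needed, size_t buflen)
{
    return needed >= buflen;
}

int main(void)
{
    char small[32];
    size_t needed = flags_to_str16_bounded(small, sizeof small, 0xFFFF,
                                           example_flags, 16);
    printf("\"%s\" (needed %zu, truncated=%d)\n", small, needed,
           flags_str_was_truncated(needed, sizeof small));
    return 0;
}
```

With all 16 constructed bits set the full string needs 100 bytes, so a 32-byte buffer holds only the first 31 characters plus the terminator and the caller sees needed (100) >= buflen (32); the original unbounded routine would have written the remaining 69 bytes past the end of the buffer instead.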