
Ethereal-dev: [Ethereal-dev] Re: DNP3 Dissector Additions

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Sun, 26 Jun 2005 04:58:39 -0400
Can you also make the following changes:

1. Remove all these */ inside comments.
Many compilers do not allow /* or */ to occur inside a comment.

2. Check README.developer for how to handle 64-bit integers; one
format string for snprintf is using %03d to print a 64-bit integer.
Use PRIu64.

3. Don't cast to __int64; it doesn't exist on my machine. Cast to gint64.

4. Some functions take a pointer to offset and update it through the pointer.
This is confusing and inconsistent with the rest of the code.
For these functions that modify offset,
please make it take offset as a parameter and have it return int:
new offset, as all other dissectors.

These changes are all very minor and shouldn't take you very long to fix.


On 6/26/05, Chris Bontje <chrisbontje@xxxxxxx> wrote:
> All,
> 
> OK, now for round 2.  :)
> 
> I've re-written the dissector to remove the use of the flags_to_str
> functions (as per Ronnie's suggestion).  The proto_item_append_text function
> worked OK to replace the functionality offered by the older routine.
> 
> I've cleaned up a few more things in the code, added a couple more objects
> (more captures came in!), and I now have a diff to submit that was generated
> using a svn tool, against what should be (I hope, it was downloaded a few
> days ago) a current SVN tree.
> 
> Let me know if this .diff is acceptable, I'd like for this work to be
> included in the next Ethereal release.
> 
> Thanks,
> 
> Chris
> 
> ----- Original Message -----
> From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
> Date: Tuesday, June 21, 2005 4:12 am
> Subject: [Ethereal-dev] Re: DNP3 Dissector Additions
> 
> > the patch does not apply to current svn
> > 
> > functions such as flags_to_str16() do not check for writing beyond
> > the end of the str buffer.
> > Since flags_to_str16() is only used to populate the expansion line
> > for the flag bits,
> > can you not remove it and insert a
> > if(flags&FLAG_VALUE)
> >  proto_item_append_text()
> > after each of the proto_tree_add_boolean() call instead
> > and avoid any potential buffer overflow?
> > 
> > 
> > 
> > 
> > 
> > On 6/21/05, Chris Bontje <chrisbontje@xxxxxxx> wrote:
> > > All,
> > > 
> > > Here are the additions to the DNP3 dissector as promised.  I would like to
> > > submit this patch for the next version of Ethereal.  These modifications
> > > should be considered preliminary, here is a brief summary of what was
> > > added:
> > > 
> > > - Added Application Layer Object Decoding.  Supports IIN bits and most of
> > > the common objects & variations (Binary Inputs, Binary Outputs, Control
> > > Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats).
> > > Support will be added for other objects/vars as captures with examples of
> > > them can be provided.
> > > 
> > > - Added support for more Application Layer function codes.  Support for
> > > remaining codes will be added in as captures can be provided.
> > > 
> > > - Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
> > > 20000), as registered with regulatory bodies.
> > > 
> > > - Started re-write to support fragments with multiple DNP3-frames and frames
> > > separated between multiple fragments (both UDP & TCP).
> > > 
> > > This dissector has been tested w/ a wide variety of DNP3 SCADA captures, if
> > > there is a capture that generates errors or invalid output, please provide
> > > it so appropriate fixes can be made! :)  The same goes for any suggestions
> > > or comments regarding the output formatting - just because I like this
> > > output doesn't mean someone else is expected to!
> > > 
> > > This diff file was created using the 'diff' util with the -u command-line
> > > switch, let me know if it is not acceptable for submission.  The testing has
> > > primarily been done on the VC6 platform, please let me know if issues are
> > > encountered w/ any *nix builds.
> > > 
> > > Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
> > > process of adding this support.
> > > 
> > > Regards,
> > > 
> > > Chris Bontje
> > > Calgary, Alberta, Canada
> > > 
> > > ----- Original Message -----
> > > From: Chris Bontje <chrisbontje@xxxxxxx>
> > > Date: Saturday, June 4, 2005 8:01 pm
> > > Subject: DNP3 Dissector Additions
> > > 
> > > > All,
> > > > 
> > > > I have recently been tinkering w/ the DNP3 dissector included in
> > > > the latest public source release of Ethereal.
> > > > 
> > > > I've successfully added in Application Layer Decoding support for
> > > > several objects and am planning on adding a mostly complete
> > > > library.  So far I have added in some of the most common object
> > > > variations for Binary Inputs, Outputs, Analog Inputs (16-bit &
> > > > 32-bit) and Binary Counters.
> > > > 
> > > > I have several Ethereal captures from various SCADA networks w/
> > > > DNP3 traffic and have been punishment-testing my work to the best
> > > > of my abilities...  so far so good!
> > > > 
> > > > When I'm satisfied w/ my code, I'll be certain to post my changes
> > > > to the source tree so that they can (hopefully) be included in the
> > > > official release.
> > > > 
> > > > Here's hoping my intermediate-level coding is clean enough to make
> > > > it into an excellent project like Ethereal!
> > > > 
> > > > Regards,
> > > > 
> > > > Chris Bontje
> > > > Calgary, Alberta, Canada
> > > > 
> > > 
> > >
> > 
> > 
> 
>
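
The review points raised in this thread (unbounded writes into a flag-string buffer, printing 64-bit values with PRIu64, and taking offset by value while returning the new offset) are shown here as an added, self-contained C example. It is not code from the patch or from Ethereal; the flag table, function names and sample bytes are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed flag table: bit values and names are illustrative only. */
struct flag_name { uint16_t bit; const char *name; };
static const struct flag_name FLAGS[] = {
    {0x0001, "Online"}, {0x0002, "Restart"}, {0x0004, "Comm Fail"},
};

/* Append the names of set flags to buf without ever writing past size.
 * Returns 0 if everything fit, -1 if the text was truncated. */
int flags_to_str_bounded(uint16_t flags, char *buf, size_t size)
{
    size_t used = 0;
    if (size == 0) return -1;
    buf[0] = '\0';
    for (size_t i = 0; i < sizeof FLAGS / sizeof FLAGS[0]; i++) {
        if (!(flags & FLAGS[i].bit)) continue;
        int n = snprintf(buf + used, size - used, "%s%s",
                         used ? ", " : "", FLAGS[i].name);
        if (n < 0 || (size_t)n >= size - used) return -1; /* cut short */
        used += (size_t)n;
    }
    return 0;
}

/* Format a 6-byte little-endian value found at offset using PRIu64.
 * offset is passed by value; the return value is the new offset,
 * or -1 if fewer than 6 bytes remain in the buffer. */
int format_u48_le(const uint8_t *data, size_t len, int offset,
                  char *out, size_t out_size)
{
    uint64_t v = 0;
    if (offset < 0 || len < 6 || (size_t)offset > len - 6) return -1;
    for (int i = 5; i >= 0; i--) v = (v << 8) | data[offset + i];
    snprintf(out, out_size, "%" PRIu64, v);
    return offset + 6;
}

int main(void)
{
    const uint8_t pkt[] = {0xAA, 0x01, 0, 0, 0, 0, 0x01}; /* constructed bytes */
    char flags[32], num[24];
    flags_to_str_bounded(0x0005, flags, sizeof flags);
    int next = format_u48_le(pkt, sizeof pkt, 1, num, sizeof num);
    printf("%s | %s | next offset %d\n", flags, num, next);
    return 0;
}
```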