Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] IEEE 802.15.4 Payload IE Handling

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Thu, 1 Sep 2016 13:21:29 +0100


On 1 September 2016 at 13:11, Klaus Hueske <Klaus.Hueske@xxxxxxxxxxx> wrote:

Hi all,

 

happy to see that recent versions of the 802.15.4 dissector support the dissection of 802.15.4 header and payload information elements.

 

However, there seem to be some issues in the current implementation, especially for unknown payload IEs:

 

1. The call of “dissect_ieee802154_payload_ie” is after setting “payload_tvb”. This leads to the issue that dissection of the next higher protocol starts after the header information elements, not after the payload information elements.

 

2. Inside “dissect_ieee802154_payload_ie” the “offset” is not incremented in the default case, a line “offset += pie_length;” seems to be missing.

 

I attached some quick fix as a workaround for the above issues, but this would only work in cases where no encryption is used.

 

Best regards,

 

Klaus

 



Thanks for your observations, please see the wiki page on submitting patches (https://wiki.wireshark.org/Development/SubmittingPatches) for info on how to submit changes to Wireshark.

--
Graham Bloice
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube