-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tim Jansen reported a bug to me concerning the SRVLOC dissector. The problem is when you have a SrvTypeRqst for all naming authorities.

RFC2608, Section 10.1 states:

"If the Naming Authority string is absent, the IANA registered service types will be returned. If the length of the Naming Authority is set to 0xFFFF, the Naming Authority string is omitted and ALL Service Types are returned, regardless of Naming Authority."

That chokes the current dissector, which uses the length to read the subsequent 65535 bytes, only to come up short. There is a sample capture that shows this.

I have no idea how I missed this case when I did my original testing - I certainly have a SrvTypeRqst test case, but it has a length of 0 (i.e., the IANA case), not 65535 (the all authorities case).

The only way I can see to fix this up is to special case this. Please review the attached patch, and apply if OK.

MD5 sum of patch:
a03fc3572daa142a8c3ce7bb60efbaa1 srvloc-ffff-fix.patch

Brad
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+L7pHW6pHgIdAuOMRAiUYAJ9Z7OTxLrllJUGe+X50TpdnXEk6ywCfSHw7
PP6CKkLiQESDwYZNRmh5Xts=
=Kwmb
-----END PGP SIGNATURE-----
no-authority.cap
Description: Binary data
diff -Naur -x register.c -x register-static.c -x ps.c clean/ethereal-0.9.8/packet-srvloc.c ethereal-0.9.8/packet-srvloc.c --- clean/ethereal-0.9.8/packet-srvloc.c Sat Oct 5 13:47:38 2002 +++ ethereal-0.9.8/packet-srvloc.c Thu Jan 23 18:12:33 2003 @@ -109,6 +109,7 @@ static int hf_srvloc_srvtypereq_prlistlen = -1; static int hf_srvloc_srvtypereq_prlist = -1; static int hf_srvloc_srvtypereq_authlistlen = -1; +static int hf_srvloc_srvtypereq_authlistlenall = -1; static int hf_srvloc_srvtypereq_authlist = -1; static int hf_srvloc_srvtypereq_scopelistlen = -1; static int hf_srvloc_srvtypereq_scopelist = -1; @@ -884,10 +885,15 @@ proto_tree_add_item(srvloc_tree, hf_srvloc_srvtypereq_prlist, tvb, offset, length, TRUE); offset += length; length = tvb_get_ntohs(tvb, offset); - proto_tree_add_uint(srvloc_tree, hf_srvloc_srvtypereq_authlistlen, tvb, offset, 2, length); - offset += 2; - proto_tree_add_item(srvloc_tree, hf_srvloc_srvtypereq_authlist, tvb, offset, length, TRUE); - offset += length; + if (0xFFFF == length) { + proto_tree_add_uint(srvloc_tree, hf_srvloc_srvtypereq_authlistlenall, tvb, offset, 2, length); + offset += 2; + } else { + proto_tree_add_uint(srvloc_tree, hf_srvloc_srvtypereq_authlistlen, tvb, offset, 2, length); + offset += 2; + proto_tree_add_item(srvloc_tree, hf_srvloc_srvtypereq_authlist, tvb, offset, length, TRUE); + offset += length; + } length = tvb_get_ntohs(tvb, offset); proto_tree_add_uint(srvloc_tree, hf_srvloc_srvtypereq_scopelistlen, tvb, offset, 2, length); offset += 2; 
@@ -1270,6 +1276,10 @@ { "Naming Authority List Length", "srvloc.srvtypereq.nameauthlistlen", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of the Naming Authority List", HFILL} }, + { &hf_srvloc_srvtypereq_authlistlenall, + { "Naming Authority List Length (All Naming Authorities)", "srvloc.srvtypereq.nameauthlistlen", FT_UINT16, BASE_DEC, NULL, 0x0, + "Length of the Naming Authority List", HFILL} + }, { &hf_srvloc_srvtypereq_authlist, { "Naming Authority List", "srvloc.srvtypereq.nameauthlist", FT_STRING, BASE_DEC, NULL, 0x0, "", HFILL}
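Review bot: In the @@ -884,10 +885,15 @@ hunk, the test "if (0xFFFF == length)" uses a bare magic number with no comment saying why that value is special. A short comment citing RFC 2608 Section 10.1 (length 0xFFFF means the Naming Authority string is omitted), or a named constant for the value, would keep a later reader from "simplifying" the branch away. Both branches also end their length handling with the same "offset += 2;", so the proto_tree_add_uint() choice could be the only thing inside the if/else, with the offset advance done once and the authlist item added only when length is not 0xFFFF.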
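Review bot: In the @@ -1270,6 +1276,10 @@ hunk, the new hf_srvloc_srvtypereq_authlistlenall entry keeps the blurb "Length of the Naming Authority List" and BASE_DEC, so the marker is displayed as 65535 and described as a length even though no string of that length follows. Consider a blurb that says the value means all naming authorities, and BASE_HEX so it shows as 0xffff the way the RFC writes it. The entry reuses the abbreviation "srvloc.srvtypereq.nameauthlistlen" of the existing length field with the same FT_UINT16 type; if that sharing is intended so one display filter matches both cases, a comment saying so would help.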
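The all-authorities case from the message above, as an added example (not code from Ethereal or from the patch): a bounds-checked parser for the SrvTypeRqst body that treats a Naming Authority length of 0xFFFF as a marker with no string bytes following. It assumes the buffer starts right after the SLPv2 header and follows the RFC 2608 Section 10.1 field order; all names and the sample bytes are made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define SLP_NA_ALL 0xFFFFu /* RFC 2608 10.1: string omitted, all authorities */

enum na_kind { NA_IANA, NA_ALL, NA_NAMED };
struct srvtyperqst {                    /* hypothetical result type */
    const uint8_t *prlist, *na, *scopes;
    uint16_t prlist_len, na_len, scopes_len;
    enum na_kind kind;
};

/* Read a big-endian 16-bit length; -1 if fewer than 2 bytes remain. */
static int get_u16(const uint8_t *b, size_t len, size_t *off, uint16_t *out)
{
    if (len - *off < 2) return -1;
    *out = (uint16_t)((b[*off] << 8) | b[*off + 1]);
    *off += 2;
    return 0;
}

/* Claim n bytes of string data; -1 if the buffer is shorter than the length says. */
static int take(const uint8_t *b, size_t len, size_t *off, uint16_t n, const uint8_t **s)
{
    if (len - *off < n) return -1;
    *s = b + *off;
    *off += n;
    return 0;
}

/* Parse the SrvTypeRqst body; 0 on success, -1 if the data is truncated. */
int parse_srvtyperqst(const uint8_t *b, size_t len, struct srvtyperqst *r)
{
    size_t off = 0;
    if (get_u16(b, len, &off, &r->prlist_len) || take(b, len, &off, r->prlist_len, &r->prlist)) return -1;
    if (get_u16(b, len, &off, &r->na_len)) return -1;
    r->na = NULL;
    if (r->na_len == SLP_NA_ALL) {
        r->kind = NA_ALL;               /* marker only: consume no string bytes */
    } else {
        if (take(b, len, &off, r->na_len, &r->na)) return -1;
        r->kind = r->na_len ? NA_NAMED : NA_IANA;
    }
    if (get_u16(b, len, &off, &r->scopes_len)) return -1;
    return take(b, len, &off, r->scopes_len, &r->scopes);
}

/* Constructed sample bodies (not taken from the capture attached to the mail). */
const uint8_t body_all[]   = {0,0, 0xFF,0xFF, 0,7,'D','E','F','A','U','L','T'};
const uint8_t body_iana[]  = {0,0, 0,0,       0,7,'D','E','F','A','U','L','T'};
const uint8_t body_short[] = {0,0, 0,16, 'f','o'};   /* claims 16 bytes, has 2 */
```

Without the SLP_NA_ALL branch, body_all would be rejected as truncated, which is the failure the message describes.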