Hi. I believe I've found a bug in packet-ncp.c, involving NCP over
IP packets.

Before I discuss the bug, let me say *thank you* for the
README.developer and README.tvbuff files. They made life so much
easier. I wish other projects had such good developer documentation.

OK, now for the bug: dissect_ncp() calls dissect_ncp_request()
and dissect_ncp_reply() when appropriate. These routines are passed the
same tvbuff that dissect_ncp() receives as its first arg, and they know
about the NCP header length.

The problem is that when the NCP packet is enclosed in an IP packet
(rather than inside an IPX packet), there are additional bytes
of header (NCP over IP signature, length, and potentially version
and reply buffer size information). The current code doesn't
handle this correctly.

I'm attaching a patch which fixes the problem by passing to the reply
and request dissectors a subset of the tvbuff. The subset contains
only the NCP header. The patch is against the 2001-07-10 nightly.

-David
-----------------------------------------------------
David Eisner | E-mail: cradle@xxxxxxxxxxx |
CALCE EPSC | Phone: 301-405-5341 |
University of Maryland | Fax: 301-314-9269 |
-----------------------------------------------------
diff -urN ethereal-2001-07-10/packet-ncp.c ethereal-2001-07-10-new/packet-ncp.c
--- ethereal-2001-07-10/packet-ncp.c Sun Jun 17 22:17:49 2001
+++ ethereal-2001-07-10-new/packet-ncp.c Wed Jul 11 14:13:11 2001
@@ -259,6 +259,7 @@
guint16 nw_connection;
int hdr_offset = 0;
int commhdr;
+ tvbuff_t *next_tvb;
if (check_col(pinfo->fd, COL_PROTOCOL))
col_set_str(pinfo->fd, COL_PROTOCOL, "NCP");
@@ -307,11 +308,13 @@
if (header.type == 0x1111 || header.type == 0x2222) {
- dissect_ncp_request(tvb, pinfo, nw_connection,
+ next_tvb = tvb_new_subset( tvb, hdr_offset, -1, -1 );
+ dissect_ncp_request(next_tvb, pinfo, nw_connection,
header.sequence, header.type, ncp_tree, tree);
}
else if (header.type == 0x3333) {
- dissect_ncp_reply(tvb, pinfo, nw_connection,
+ next_tvb = tvb_new_subset( tvb, hdr_offset, -1, -1 );
+ dissect_ncp_reply(next_tvb, pinfo, nw_connection,
header.sequence, ncp_tree, tree);
}
else if ( header.type == 0x5555 ||
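
Review bot: in both added tvb_new_subset( tvb, hdr_offset, -1, -1 ) calls the two -1 length arguments make the subset run from hdr_offset to the end of the buffer, so next_tvb holds the NCP header plus everything after it, not only the NCP header as the description says. The description also mentions that the NCP over IP header carries a length field; when hdr_offset is non-zero, consider bounding the subset with that length so bytes that follow this NCP message in the same buffer are not handed to dissect_ncp_request() and dissect_ncp_reply(). The identical call could also be made once before the if/else chain rather than in each branch, with a short comment noting that hdr_offset starts at 0 and saying when it becomes non-zero.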