Ethereal-dev: Re: [Ethereal-dev] Possible ethereal bug

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Tue, 15 Jan 2002 02:13:52 -0800
On Mon, Jan 14, 2002 at 06:37:25PM +0900, Sapariya Manish wrote:
> I don't know whether this is the correct place to report/discuss a bug,

It is; see the "How to Report a Bug" section of the README file in the
Ethereal source tree.

> I am working on BGP4 and have one capture file which I think ethereal
> is not interpreting properly.

Yes, there's a bug in the BGP dissector; I've checked in a fix.

I've attached to this mail a patch for the change I checked in.

Index: packet-bgp.c
===================================================================
RCS file: /usr/local/cvsroot/ethereal/packet-bgp.c,v
retrieving revision 1.50
diff -c -r1.50 packet-bgp.c
*** packet-bgp.c	2001/12/10 00:25:26	1.50
--- packet-bgp.c	2002/01/15 10:11:49
***************
*** 840,849 ****
                          "bytes");
  		break;
  	    case BGPTYPE_AS_PATH:
!                 /* (o + i + 3) =
!                    (o + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
!                 q = o + i + 3;
                  /* must be freed by second switch!                         */
                  /* "alen * 6" (5 digits + space) should be a good estimate
                     of how long the AS path string could be                 */
--- 840,849 ----
                          "bytes");
  		break;
  	    case BGPTYPE_AS_PATH:
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
                  /* must be freed by second switch!                         */
                  /* "alen * 6" (5 digits + space) should be a good estimate
                     of how long the AS path string could be                 */
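Review bot: `end = q + alen` is only correct if `aoff` was set from this attribute's Extended Length flag before the `case BGPTYPE_AS_PATH:` label, and that assignment is outside this hunk; the new comment merely restates the expression in words (`(o + i + aoff) = (o + current attribute + aoff bytes to first tuple)`). Suggest making it say what `aoff` is, e.g. `/* aoff: attribute header length, 3 bytes, or 4 when the Extended Length flag makes the length field 2 bytes */`, so the next reader does not reintroduce a hardcoded 3. With `aoff` equal to 4 the old `q = o + i + 3` started one byte early, inside the two-byte length field, so every tuple was read shifted by one byte. Deriving `end` from `q` instead of recomputing `o + alen + i + ...` is the right call: it removes the second place the constant could drift.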
***************
*** 950,959 ****
  		if (alen % 4 != 0)
  		    goto default_attribute_top;
  
!                 /* (o + i + 3) =
!                    (o + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
!                 q = o + i + 3;
                  /* must be freed by second switch!                          */
                  /* "alen * 12" (5 digits, a :, 5 digits + space ) should be
                     a good estimate of how long the communities string could
--- 950,959 ----
  		if (alen % 4 != 0)
  		    goto default_attribute_top;
  
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
                  /* must be freed by second switch!                          */
                  /* "alen * 12" (5 digits, a :, 5 digits + space ) should be
                     a good estimate of how long the communities string could
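Review bot: this is the second verbatim copy of the `q = o + i + aoff; end = q + alen;` pair with the same comment, and the hunks below add five more; the bug being fixed is exactly a constant that was duplicated into every copy and wrong in all of them. Suggest computing `q` and `end` once, right after `aoff` and `alen` are decoded and before the `switch`, leaving only the per-type sanity check in each case. The `alen % 4 != 0` check itself is fine: it rejects a length that is not a whole number of 4-byte communities before anything is allocated.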
***************
*** 1004,1013 ****
  		if (alen % 4 != 0)
  		    goto default_attribute_top;
  
!                 /* (o + i + 3) =
!                    (o + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
!                 q = o + i + 3;
                  /* must be freed by second switch!                          */
                  /* "alen * 16" (12 digits, 3 dots + space ) should be
                     a good estimate of how long the cluster_list string could
--- 1004,1013 ----
  		if (alen % 4 != 0)
  		    goto default_attribute_top;
  
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
                  /* must be freed by second switch!                          */
                  /* "alen * 16" (12 digits, 3 dots + space ) should be
                     a good estimate of how long the cluster_list string could
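Review bot: same duplicated offset arithmetic as the AS_PATH and COMMUNITIES cases; nothing here is specific to cluster lists beyond the `alen % 4` guard, so this is another instance for hoisting the `q`/`end` computation above the switch. The `"alen * 16"` sizing comment still holds with the corrected `end`: the loop visits `alen / 4` identifiers, each at most 15 characters of dotted quad plus a space, so the estimate is generous rather than tight.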
***************
*** 1036,1060 ****
  	    case BGPTYPE_EXTENDED_COMMUNITY:
  		if (alen %8 != 0)
  		    goto default_attribute_top;
!                 q = o + i + aoff ;
!                 end = o + i + aoff + alen ;
!                 ext_com_str = malloc((alen / 8)*MAX_SIZE_OF_EXT_COM_NAMES) ;
!                 if (ext_com_str == NULL) break ;
!                 ext_com_str[0] = '\0' ;
                  while (q < end) {
!                         ext_com = tvb_get_ntohs(tvb,q) ;
                          snprintf(junk_buf, sizeof(junk_buf), "%s", val_to_str(ext_com,bgpext_com_type,"Unknown"));
!                         strncat(ext_com_str,junk_buf,sizeof(junk_buf));
!                         q = q + 8 ;
!                         if (q<end) strncat(ext_com_str,",",1);
                  }
                  ti = proto_tree_add_text(subtree,tvb,o+i,alen+aoff,
                          "%s : %s (%u %s)",
                          val_to_str(bgpa.bgpa_type,bgpattr_type,"Unknown"),
                          ext_com_str,
                          alen,
!                         (alen ==1 ) ? "byte" : "bytes");
!                 free(ext_com_str) ;
                  break;
  
  	    default:
--- 1036,1063 ----
  	    case BGPTYPE_EXTENDED_COMMUNITY:
  		if (alen %8 != 0)
  		    goto default_attribute_top;
! 
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
!                 ext_com_str = malloc((alen / 8)*MAX_SIZE_OF_EXT_COM_NAMES);
!                 if (ext_com_str == NULL) break;
!                 ext_com_str[0] = '\0';
                  while (q < end) {
!                         ext_com = tvb_get_ntohs(tvb, q);
                          snprintf(junk_buf, sizeof(junk_buf), "%s", val_to_str(ext_com,bgpext_com_type,"Unknown"));
!                         strncat(ext_com_str, junk_buf, sizeof(junk_buf));
!                         q = q + 8;
!                         if (q < end) strncat(ext_com_str, ",", 1);
                  }
                  ti = proto_tree_add_text(subtree,tvb,o+i,alen+aoff,
                          "%s : %s (%u %s)",
                          val_to_str(bgpa.bgpa_type,bgpattr_type,"Unknown"),
                          ext_com_str,
                          alen,
!                         (alen == 1) ? "byte" : "bytes");
!                 free(ext_com_str);
                  break;
  
  	    default:
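Review bot: `alen %8 != 0` lets `alen == 0` through, after which `malloc((alen / 8)*MAX_SIZE_OF_EXT_COM_NAMES)` is `malloc(0)` and `ext_com_str[0] = '\0'` writes one byte into an allocation that may have size zero (a NULL return is handled by the `break`, a non-NULL zero-length block is not). Suggest `if (alen == 0 || alen %8 != 0) goto default_attribute_top;` or allocating `(alen / 8)*MAX_SIZE_OF_EXT_COM_NAMES + 1`. Related: `strncat(ext_com_str, junk_buf, sizeof(junk_buf))` bounds the source, not the remaining destination space, so it does nothing to protect `ext_com_str`; the buffer is only safe if `MAX_SIZE_OF_EXT_COM_NAMES` covers the longest `bgpext_com_type` name plus the `,` separator and the terminating NUL. The whitespace cleanup and the added `(o + i + aoff)` comment are fine; this case already used `aoff`, and `end = q + alen` is the same value the old `o + i + aoff + alen` produced.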
***************
*** 1152,1161 ****
                          "AS path: %s", as_path_str);
  	        as_paths_tree = proto_item_add_subtree(ti, ett_bgp_as_paths);
  
!                 /* (o + i + 3) =
!                    (o + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
><MANGLED_ON_PURPOSE.12810 !                 q = o + i + 3;
  
                  /* snarf each AS path tuple, we have to step through each one
                     again to make a separate subtree so we can't just reuse
--- 1155,1164 ----
                          "AS path: %s", as_path_str);
  	        as_paths_tree = proto_item_add_subtree(ti, ett_bgp_as_paths);
  
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
  
                  /* snarf each AS path tuple, we have to step through each one
                     again to make a separate subtree so we can't just reuse
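Review bot: this second pass over the AS path must compute exactly the same `q` and `end` as the first pass in the earlier `case BGPTYPE_AS_PATH:` (the comment above says it steps through each tuple again). Both now use `aoff`, so they agree, but they remain two independent computations that can diverge on the next edit. Suggest carrying `q` and `end` (or at least `aoff`) over from the first switch alongside `as_path_str`, which already crosses the two switches per the "must be freed by second switch" comment, so the two passes cannot disagree.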
***************
*** 1293,1302 ****
                  communities_tree = proto_item_add_subtree(ti,
                          ett_bgp_communities);
  
!                 /* (o + i + 3) =
!                    (o + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
!                 q = o + i + 3;
  
                  /* snarf each community */
                  while (q < end) {
--- 1296,1305 ----
                  communities_tree = proto_item_add_subtree(ti,
                          ett_bgp_communities);
  
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
  
                  /* snarf each community */
                  while (q < end) {
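Review bot: if a malformed attribute declares an `alen` larger than the bytes actually captured, `end` now points past the tvb; the `tvb_get_*` reads inside `while (q < end)` will throw, which is the intended failure mode in Ethereal, so no extra bound check is needed for safety. Note though that `communities_tree` is created before the loop, so a truncated packet shows the community list subtree and then the dissector's exception; if that is not wanted, test `tvb_length_remaining(tvb, q) >= alen` before adding the subtree. Otherwise this is the same `q`/`end` pair as the first-switch COMMUNITIES case and the same argument for computing it once applies.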
***************
*** 1468,1477 ****
                  cluster_list_tree = proto_item_add_subtree(ti,
                          ett_bgp_cluster_list);
  
!                 /* (p + i + 3) =
!                    (p + current attribute + 3 bytes to first tuple) */
!                 end = o + alen + i + 3;
!                 q = o + i + 3;
  
                  /* snarf each cluster identifier */
                  while (q < end) {
--- 1471,1480 ----
                  cluster_list_tree = proto_item_add_subtree(ti,
                          ett_bgp_cluster_list);
><MANGLED_ON_PURPOSE.12811   
!                 /* (o + i + aoff) =
!                    (o + current attribute + aoff bytes to first tuple) */
!                 q = o + i + aoff;
!                 end = q + alen;
  
                  /* snarf each cluster identifier */
                  while (q < end) {
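Review bot: the old comment here read `(p + i + 3)` while the code used `o`; the rewrite corrects that to `o` as a side effect, so this hunk is not purely mechanical and deserves a line in the commit message. Otherwise it is identical to the communities case: same `q`/`end` pair, same `while (q < end)` loop over 4-byte cluster identifiers, and the same reason to hoist the computation above the switch rather than keep seven copies of it.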