Ethereal-dev: [Ethereal-dev] Megaco plug-in bugs ver 0.10.3

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Andrey_kotler@xxxxxxxxxxxx
Date: Mon, 19 Apr 2004 12:40:36 +0200
Hi all,

I have found two issues in MEGACO plug-in with MEGACO messages by Trillium
MEGACO stack

file paket-megaco.c in dissect_megaco_text(...) method

1. MEGACO protocol dissector doesn't determinate the MEGACO protocol if
exist some spaces before the 'MEGACO'  word or '!' symbol

line 258: next statement will be failed

     if (strncasecmp(word, "MEGACO", 6) != 0 && tvb_get_guint8(tvb, 0 ) !
= '!') return;

2. TransactionResponseAck

line 499:

      if ( transaction[20] == 'A'){

          should be

     if ( transaction[19] == 'A'){

     also may be need to correct retrieving of TransactionID...


Packet's examples

in below packet you can see one space (0x20 in third row) before MEGACO
word

0000  00 03 ba 14 5e 67 08 00 20 c2 90 88 08 00 45 00   ....^g.. .....E.
0010  00 ac 7b b9 40 00 ff 11 e3 1a 0a 14 04 41 0a 14   ..{[email protected]..
0020  04 04 0b 80 0b 80 00 98 98 e7 20 4d 45 47 41 43   .......... MEGAC
0030  4f 2f 31 0d 0a 5b 31 30 2e 32 30 2e 34 2e 36 35   O/1..[10.20.4.65
0040  5d 0d 0a 54 72 61 6e 73 61 63 74 69 6f 6e 20 3d   ]..Transaction =
0050  20 37 39 7b 43 6f 6e 74 65 78 74 20 3d 20 2d 7b    79{Context = -{
0060  53 65 72 76 69 63 65 43 68 61 6e 67 65 20 3d 20   ServiceChange =
0070  52 4f 4f 54 7b 53 65 72 76 69 63 65 73 7b 4d 65   ROOT{Services{Me
0080  74 68 6f 64 20 3d 20 44 69 73 63 6f 6e 6e 65 63   thod = Disconnec
0090  74 65 64 20 2c 20 56 65 72 73 69 6f 6e 20 3d 20   ted , Version =
00a0  31 20 2c 20 52 65 61 73 6f 6e 20 3d 20 48 65 61   1 , Reason = Hea
00b0  72 74 42 65 61 74 7d 7d 7d 7d                     rtBeat}}}}

in below packet you can see two spaces (0x20 0x20 in third row) before
MEGACO
word and also TransactionID of TerminationResponseAck

0000  00 03 ba 14 5e 67 08 00 20 c2 90 88 08 00 45 00   ....^g.. .....E.
0010  00 53 7b b8 40 00 ff 11 e3 74 0a 14 04 41 0a 14   .S{[email protected]..
0020  04 04 0b 80 0b 80 00 3f 62 58 20 20 4d 45 47 41   .......?bX  MEGA
0030  43 4f 2f 31 0d 0a 5b 31 30 2e 32 30 2e 34 2e 36   CO/1..[10.20.4.6
0040  35 5d 0d 0a 54 72 61 6e 73 61 63 74 69 6f 6e 52   5]..TransactionR
0050  65 73 70 6f 6e 73 65 41 63 6b 7b 37 38 2d 37 38   esponseAck{78-78
0060  7d                                                }


                         Thanks, Andrey