Ethereal-dev: Re: [Ethereal-dev] Re: DNP3 Dissector Additions
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Chris Bontje <chrisbontje@xxxxxxx>
Date: Sun, 26 Jun 2005 02:25:04 -0600
All,

OK, now for round 2. :)

I've re-written the dissector to remove the use of the flags_to_str functions (as per Ronnie's suggestion). The proto_item_append_text function worked OK to replace the functionality offered by the older routine.

I've cleaned up a few more things in the code, added a couple more objects (more captures came in!), and I now have a diff to submit that was generated using a svn tool, against what should be (I hope, it was downloaded a few days ago) a current SVN tree.

Let me know if this .diff is acceptable, I'd like for this work to be included in the next Ethereal release.

Thanks,
Chris

----- Original Message -----
From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Tuesday, June 21, 2005 4:12 am
Subject: [Ethereal-dev] Re: DNP3 Dissector Additions

> the patch does not apply to current svn
>
> functions such as flags_to_str16() do not check for writing beyond
> the end of the str buffer.
> Since flags_to_str16() is only used to populate the expansion line
> for the flag bits,
> can you not remove it and insert a
>     if(flags&FLAG_VALUE)
>         proto_item_append_text()
> after each of the proto_tree_add_boolean() calls instead
> and avoid any potential buffer overflow?
>
> On 6/21/05, Chris Bontje <chrisbontje@xxxxxxx> wrote:
> > All,
> >
> > Here are the additions to the DNP3 dissector as promised. I would like to
> > submit this patch for the next version of Ethereal. These modifications
> > should be considered preliminary, here is a brief summary of what was
> > added:
> >
> > - Added Application Layer Object Decoding. Supports IIN bits and most of
> > the common objects & variations (Binary Inputs, Binary Outputs, Control
> > Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats).
> > Support will be added for other objects/vars as captures with examples of
> > them can be provided.
> >
> > - Added support for more Application Layer function codes. Support for
> > remaining codes will be added in as captures can be provided.
> >
> > - Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
> > 20000), as registered with regulatory bodies.
> >
> > - Started re-write to support fragments with multiple DNP3-frames and frames
> > separated between multiple fragments (both UDP & TCP).
> >
> > This dissector has been tested w/ a wide variety of DNP3 SCADA captures, if
> > there is a capture that generates errors or invalid output, please provide
> > it so appropriate fixes can be made! :) The same goes for any suggestions
> > or comments regarding the output formatting - just because I like this
> > output doesn't mean someone else is expected to!
> >
> > This diff file was created using the 'diff' util with the -u command-line
> > switch, let me know if it is not acceptable for submission. The testing has
> > primarily been done on the VC6 platform, please let me know if issues are
> > encountered w/ any *nix builds.
> >
> > Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
> > process of adding this support.
> >
> > Regards,
> >
> > Chris Bontje
> > Calgary, Alberta, Canada
> >
> > ----- Original Message -----
> > From: Chris Bontje <chrisbontje@xxxxxxx>
> > Date: Saturday, June 4, 2005 8:01 pm
> > Subject: DNP3 Dissector Additions
> >
> > > All,
> > >
> > > I have recently been tinkering w/ the DNP3 dissector included in
> > > the latest public source release of Ethereal.
> > >
> > > I've successfully added in Application Layer Decoding support for
> > > several objects and am planning on adding a mostly complete
> > > library. So far I have added in some of the most common object
> > > variations for Binary Inputs, Outputs, Analog Inputs (16-bit & 32-bit)
> > > and Binary Counters.
> > >
> > > I have several Ethereal captures from various SCADA networks w/
> > > DNP3 traffic and have been punishment-testing my work to the best
> > > of my abilities... so far so good!
> > >
> > > When I'm satisfied w/ my code, I'll be certain to post my changes
> > > to the source tree so that they can (hopefully) be included in the
> > > official release.
> > >
> > > Here's hoping my intermediate-level coding is clean enough to make
> > > it into an excellent project like Ethereal!
> > >
> > > Regards,
> > >
> > > Chris Bontje
> > > Calgary, Alberta, Canada
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
Attachment:
dnp3patch.diff
Description: Binary data
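
The overflow concern raised in the quoted review, as an added example (not code from the patch, the thread or the Ethereal source): a flag-to-string helper that takes no buffer size, next to a bounded per-flag append. The flag table, function names and buffer sizes are hypothetical, and snprintf stands in for proto_item_append_text so the block builds without Ethereal headers.

```c
#include <stdio.h>
#include <string.h>

/* Constructed flag table: hypothetical names and values, not the dissector's. */
struct flag_name { unsigned short mask; const char *name; };
static const struct flag_name demo_flags[] = {
    { 0x0001, "All Stations" }, { 0x0002, "Class 1 Data" },
    { 0x0010, "Need Time" },    { 0x0080, "Device Restart" },
};
#define N_FLAGS (sizeof demo_flags / sizeof demo_flags[0])

/* Pattern under review: the size of str is never passed in, so the set
 * bits, which come from the packet, decide how far the writes go. */
void flags_to_str_unchecked(unsigned short flags, char *str)
{
    size_t i;
    str[0] = '\0';
    for (i = 0; i < N_FLAGS; i++)
        if (flags & demo_flags[i].mask) {
            if (str[0]) strcat(str, ", ");
            strcat(str, demo_flags[i].name);
        }
}

/* One test-and-append per flag, each bounded by the remaining space.
 * Returns 0 when every name fit, -1 when the text was truncated. */
int flags_to_str_bounded(unsigned short flags, char *buf, size_t cap)
{
    size_t i, used = 0;
    int n, truncated = 0;
    if (cap == 0) return -1;
    buf[0] = '\0';
    for (i = 0; i < N_FLAGS && !truncated; i++) {
        if (!(flags & demo_flags[i].mask)) continue;
        n = snprintf(buf + used, cap - used, "%s%s",
                     used ? ", " : "", demo_flags[i].name);
        if (n < 0 || (size_t)n >= cap - used) truncated = 1;
        else used += (size_t)n;
    }
    return truncated ? -1 : 0;
}

int main(void)
{
    char small[16]; /* deliberately too small for three flag names */
    int rc = flags_to_str_bounded(0x0091, small, sizeof small);
    printf("rc=%d text=\"%s\"\n", rc, small);
    return 0;
}
```

With the 16-byte buffer the bounded version stops at the buffer end and reports truncation; the unchecked version given the same buffer and flags would write past it.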