thanks, i checked in a fix, please test.
On 12/2/05, Jonathan Arnold <jdarnold@xxxxxxxxxxxx> wrote:
> ronnie sahlberg wrote:
> > On 11/29/05, Jonathan Arnold <jdarnold@xxxxxxxxxxxx> wrote:
> >> There's a bug in the rtcp dissector, when it comes to dissecting SDES
> >> PRIV entries. In searching the site, I see that Skip Hansen posted the
> >> one line fix for this May 2003, but looking at the source code, I don't
> >> see it in there. Here is Skip's fix to packet-rtcp.c:
> >>
> >> --- snip ---
> >> proto_tree_add_string( sdes_item_tree,
> >> hf_rtcp_ssrc_prefix_string, tvb, offset, prefix_len,
> >> prefix_string );
> >> free( prefix_string );
> >> offset += prefix_len;
> >> item_len -= prefix_len + 1; /* added line */
> >> }
> >> prefix_string = ( char * ) malloc( item_len + 1 );
> >> for ( counter = 0; counter < item_len; counter++ )
> >> prefix_string[ counter ] =
> >> --- snip ---
> >>
> >> I was wondering if there is any chance of getting this fix in for the
> next
> >> release?
> >
> > there have been many many changes in the dissector since then so that
> > change does not longer apply.
>
> Strange. I downloaded the latest source from the web site, and noticed
> the problem before I even searched the mailing lists and saw Skip's
> solution.
> Basically, it isn't taking into consideration the prefix length, which is
> part
> of the SDES_PRIV "packet" when it pulls it out.
>
> Looking at the source file 'packet-rtcp.c' from today's source tarball,
> this line would need to be added after line #924:
>
> item_len -= prefix_len + 1; /* added line */
>
> > can you send an example capture that illustrates the problem?
>
> I've attached a zip file containing the "malformed" package. The PRIV SDES
> type should
> end after 51 characters, leaving it at the start of the next SDES entry,
> which is a NAME
> (0x02) type.
>
> --
> Jonathan Arnold (mailto:jdarnold@xxxxxxxxxxxx)
> Jiggle The Handle, a personal blog http://jiggle.anaze.us
>
> Procrastination is the art of keeping up with yesterday.
> - Don Marquis
>
>