Wireshark-bugs: [Wireshark-bugs] [Bug 1669] New: bacapp.c: Wrong decoding of BACnet ComplexACK t

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 28 Jun 2007 08:00:14 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1669

           Summary: bacapp.c: Wrong decoding of BACnet ComplexACK to
                    readProperty
           Product: Wireshark
           Version: 0.99.5
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: rudolf.weidmann@xxxxxxxxxxx


Build Information:
wireshark 0.99.5 (SVN Rev 20677)

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.10.7, with GLib 2.12.7, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0
(packet.dll version 4.0.0.755), based on libpcap version 0.9.5, without
AirPcap.


Built using Microsoft Visual C++ 6.0 build 8804
--
The capture of BACnet ComplexAck of a ReadProperty for properties member-of and
zone-members seems to be decoded incorrect.

The resolution of BACnet AbstractSyntax&Type for properties of type
BACnetDeviceObjectReference seems not to be correct. The same coding sequence
is interpreted twice, first correctly as BACnetObjectIdentifier and second as
BACnetPropertyIdentifier.

Probable solution:
The following code snippet shows a part out of bacapp.c where this decoding is
done. Might there be a missing "offset =" next to fDeviceObjectReference (tvb,
tree, offset) to update the actual offset?

static guint
fAbstractSyntaxNType (tvbuff_t *tvb, proto_tree *tree, guint offset)
{
        .
        .
        while ((tvb_length_remaining(tvb, offset) > 0)&&(offset>lastoffset)) { 
/* exit loop if nothing happens inside */
                lastoffset = offset;
                .
                .

                /* Application Tags */
                switch (propertyIdentifier) {
                        case 2: /* BACnetActionList */
                                offset = fActionList (tvb,tree,offset);
                                break;
                        .
                        .

                        case 159: /* member-of */
                        case 165: /* zone-members */
---->                           fDeviceObjectReference (tvb, tree, offset);     
                                break;
                        .
                        .

                }
        }
}


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.