Wireshark-bugs: [Wireshark-bugs] [Bug 3946] New: Incorrect station identifier parsing in Kingfis

Date: Wed, 26 Aug 2009 03:47:13 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3946

           Summary: Incorrect station identifier parsing in Kingfisher
                    dissector
           Product: Wireshark
           Version: 1.2.1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: robc@xxxxxxxxxxxxxxxxx



Rob Casey <robc@xxxxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3571|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=3571)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3571)
Patch to correct station identifier parsing in Kingfisher dissector

Build Information:
Version 1.2.1 (SVN Rev 29141)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 19 2009), with
AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.1
beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.8.1,
Gcrypt 1.4.4, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The parsing of station identifiers in the Kingfisher packet dissector is
incorrect where 16-bit Kingfisher identifiers are employed (Kingfisher protocol
version 3).  

The errant dissection code can be found in epan/dissectors/packet-kingfisher.c:

Line 266:    if(kfp->version == 2){
Line 267:        kfp->target = tvb_get_guint8(tvb, 1);
Line 268:        kfp->from = tvb_get_guint8(tvb, 3);
Line 269:        kfp->via = tvb_get_guint8(tvb, 4);
Line 270:    } else {
Line 271:        kfp->target |= (tvb_get_guint8(tvb, 7) << 8);
Line 272:        kfp->from   |= (tvb_get_guint8(tvb, 8) << 8);
Line 273:        kfp->via    |= (tvb_get_guint8(tvb, 9) << 8);
Line 274:    }

In this dissector code, kfp->target, kfp->from and kfp->via are not assigned
with any parsed values when the bit-wise OR is performed with MSB parsed from
the protocol message.  Accordingly, the attached patch is submitted to ensure
the correct parsing of Kingfisher protocol messages where 16-bit Kingfisher
identifiers are employed.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.