https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8004
--- Comment #3 from Vineeth <vineethvijaysv@xxxxxxxxx> 2012-11-21 01:31:17 PST ---
(In reply to comment #2)
> It looks to me like there is
> Frame 1
> Transaction Capabilities Application Part
>
> 0000 67 2c 49 04 28 0d 00 01 6b 24 28 22 06 07 00 11 g,I.(...k$("....
> 0010 86 05 01 01 01 a0 17 64 15 80 01 00 be 10 28 0e .......d......(.
> 0020 06 07 04 00 00 01 01 01 01 a0 03 a4 01 80 ..............
>
> The last byte 0x80 is map-userAbort (CHOICE tag 4)
>
> MAP-DialoguePDU ::= CHOICE {
> map-open [0] MAP-OpenInfo,
> map-accept [1] MAP-AcceptInfo,
> map-close [2] MAP-CloseInfo,
> map-refuse [3] MAP-RefuseInfo,
> map-userAbort [4] MAP-UserAbortInfo,
> map-providerAbort [5] MAP-ProviderAbortInfo}
>
> MAP-UserAbortInfo is missing from the buffer.
I think the packet is complete. Its last 5 digit should be decoded as:
0xa0 -> MAP-Dialogue-PDU
0x03 -> length: 3 bytes
0xa4 -> map-UserAbortInfo
0x01 -> length: 1 byte
0x80 -> userSpecificReason
The decode itself is happening fine if following changes are made in
packet-ber.c, but the residual buffer (which doesn't exist) is attempted to be
decoded as GSM-MAP decoder, and an exception for packet limitation occurs :(
@@ -1147,7 +1146,7 @@
THROW(ReportedBoundsError);
}
- oct = (tvb_length(tvb) == 1)?0:tvb_get_guint8(tvb, offset);
+ oct = tvb_get_guint8(tvb, offset);
offset += 1;
if(!(oct&0x80)) {
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.