Wireshark-bugs: [Wireshark-bugs] [Bug 8849] Buggy IEC104 dissector caused by commit r48958

Date: Thu, 27 Jun 2013 19:50:41 +0000

Comment # 14 on bug 8849 from
(In reply to comment #13)
> 
> Few questions:
> 1. Do the individual time fields really need to be there?  I like the
> bugfixed time correction, but I'm not sure if hour/minute/etc fields are
> necessary.
No they needn't but DayOfWeek, SU and IV flags should be kept, so I decide to
split the time structure to all fields. Here
http://www.scribd.com/doc/150049361/IEC-870-5-101-0 on page 75 is described
CP56Time2a structure. 

> 2. Does the "root item" really need to display many of the fields in it's
> subtree? Again, seems excessive.
Do you mean multiple "IEC 60870-5-104 ACPI" and "IEC 60870-5-104 ASDU" (may be 
shorten to ACPI and ASDU)? If so - yes. Each ACPI-ASDU pair represents one IEC
104 frame and one TCP packet can contain up to 12 IEC 104 frames. That is why
they are detailly described.  

> > Changed tree item "Object[<index>] value" to "IOA: <value>"
> 
> This seems to result in "duplicative trees".  Your provided traces show
> IOA: <value>
>   IOA: <value>
> 
> Can that second one be removed?  Or if the second one can be different
> fields, perhaps "Object[<index>] value" is more appropriate for the parent
> tree?
Yes it's duplicate but if someone expand ASDU tree, all IOA's numbers are
directly visible. If you look at DNS dissector output, it's the same

Queries
|_ www.foo.ba: type A, class IN
|    Name: www.foo.ba
|    Type: A (Host address)
|    Class: IN (0x0001)
|_ www.bar.fo: 
|    Name: www.bar.fo
....

Perhaps the second one may be removed. 

Jiri


You are receiving this mail because:
  • You are watching all bug changes.