Wireshark-bugs: [Wireshark-bugs] [Bug 9622] New: sendRoutingInfoForSMResp Phase 1 decode problem

Date: Tue, 07 Jan 2014 13:17:29 +0000
Bug ID 9622
Summary sendRoutingInfoForSMResp Phase 1 decode problem (GSM MAP)
Classification Unclassified
Product Wireshark
Version unspecified
Hardware x86
OS Windows 7
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Created attachment 12432 [details]
example of decode issue

Build Information:
Version 1.11.3-SVN-54548 (SVN Rev 54548 from /trunk)

Copyright 1998-2014 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 3.4.4, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.32.4, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.1, without Python, with GnuTLS 2.12.18, with Gcrypt 1.4.6,
with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jan  1 2014),
with AirPcap.

Running on 32-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.
       Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz, with 3240MB of physical
memory.


Built using Microsoft Visual C++ 10.0 build 40219

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
See the wireshark dump below (which I will also attach as a pcap to the bug). 
I believe that wireshark is indicating a "BER error" incorrectly.

(*) The absence of a dialogue portion indicates that a phase 1 SRI response has
been received

(*) See here for GSM Phase 1 MAP specification (after a google on GSM Phase 1
MAP specification)
     
http://www.etsi.org/deliver/etsi_gts/09/0902/03.11.00_60/gsmts_0902sv031100p.pdf

-- Page 423: SRISM-RSP shown here:
RESULT SEQUENCE {
    imsi IMSI,
    CHOICE {
            [0] IMPLICIT SEQUENCE {
    locationInfo LocationInfo
    IMsId    LMsId OPTIONAL },
    forwardingData    [1] IMPLICIT ForwardingData },
    mwd-Set [2] IMPLICIT BOOLEAN OPTIONAL }

(*) ASN#1 definition from the wireshark source shown below
      <>/asn1/gsm_map/MAP-SM-DataTypes.asn

RoutingInfoForSM-Res ::= SEQUENCE {
    imsi            IMSI,
    locationInfoWithLMSI    [0] LocationInfoWithLMSI,
    extensionContainer  [4] ExtensionContainer  OPTIONAL,
    ...,
    ip-sm-gwGuidance    [5] IP-SM-GW-Guidance   OPTIONAL }

(*) Wireshark definition missing "forwardingData" and "mwd-Set" ??

(*) Perhaps possible to amend the wireshark ASN#1 definiton as shown ??

        CHOICE {
          locationInfoWithLMSI [0] LocationInfoWithLMSI,
          forwardingData [1] IMPLICIT ForwardingData
          },
          mwd-Set [2] BOOLEAN OPTIONAL,


-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

No.     Time        Source                Destination           Protocol Length
Info
      1 0.000000    65793                 131586                GSM MAP  162   
returnResultLast sendRoutingInfoForSM 

Frame 1: 162 bytes on wire (1296 bits), 162 bytes captured (1296 bits)
Ethernet II, Src: 0a:01:01:01:01:01 (0a:01:01:01:01:01), Dst: 0a:02:02:02:02:02
(0a:02:02:02:02:02)
Internet Protocol Version 4, Src: 10.1.1.1 (10.1.1.1), Dst: 10.2.2.2 (10.2.2.2)
Stream Control Transmission Protocol, Src Port: 4901 (4901), Dst Port: 4901
(4901)
MTP 3 User Adaptation Layer
Signalling Connection Control Part
    Message Type: Unitdata (0x09)
    .... 0000 = Class: 0x00
    1000 .... = Message handling: Return message on error (0x08)
    Pointer to first Mandatory Variable parameter: 3
    Pointer to second Mandatory Variable parameter: 14
    Pointer to third Mandatory Variable parameter: 25
    Called Party address (11 bytes)
        Address Indicator
        SubSystem Number: MSC (Mobile Switching Center) (8)
        [Linked to TCAP, TCAP SSN linked to GSM_MAP]
        Global Title 0x4 (9 bytes)
            Translation Type: 0x00
            0001 .... = Numbering Plan: ISDN/telephony (0x01)
            .... 0010 = Encoding Scheme: BCD, even number of digits (0x02)
            .000 0100 = Nature of Address Indicator: International number
(0x04)
            Called Party Digits: 353104070325
                Called or Calling GT Digits: 353104070325
                Number of Called Party Digits: 12
                Country Code: 353 Ireland (length 3)
    Calling Party address (11 bytes)
        Address Indicator
        SubSystem Number: HLR (Home Location Register) (6)
        [Linked to TCAP, TCAP SSN linked to GSM_MAP]
        Global Title 0x4 (9 bytes)
            Translation Type: 0x00
            0001 .... = Numbering Plan: ISDN/telephony (0x01)
            .... 0010 = Encoding Scheme: BCD, even number of digits (0x02)
            .000 0100 = Nature of Address Indicator: International number
(0x04)
            Calling Party Digits: 353104063593
Transaction Capabilities Application Part
    end
        Destination Transaction ID
            dtid: 0617ab1f
        components: 1 item
            Component: returnResultLast (2)
                returnResultLast
                    invokeID: 0
                    resultretres
                        opCode: localValue (0)
                            localValue: 45
                        CONSTRUCTOR
                            CONSTRUCTOR Tag
                            Tag: 0x00
                            Length: 24
                            Parameter (0x04)
                                Tag: 0x04
                                Length: 8
                            Data: 72
                            CONSTRUCTOR
                                CONSTRUCTOR Tag
                                Tag: 0x02
                                Length: 9
                                Parameter (0x01)
                                    Tag: 0x01
                                    Length: 7
                                Data: 91
                            Parameter (0x02)
                                Tag: 0x02
                                Length: 1
                            Data: 00
GSM Mobile Application
    Component: returnResultLast (2)
        returnResultLast
            invokeID: 0
            resultretres
                opCode: localValue (0)
                    localValue: sendRoutingInfoForSM (45)
                imsi: 72025116309409f6
                TBCD digits: 272015610349906
                locationInfoWithLMSI
                    networkNode-Number: 91531340301312
                        1... .... = Extension: No Extension
                        .001 .... = Nature of number: International Number
(0x01)
                        .... 0001 = Number plan: ISDN/Telephony Numbering (Rec
ITU-T E.164) (0x01)
                        Address digits: 353104033121
                        Country Code: 353 Ireland (length 3)
                BER Error: This field lies beyond the end of the known sequence
definition.
                    [Expert Info (Warn/Malformed): BER Error: Unknown field in
Sequence]

0000  0a 02 02 02 02 02 0a 01 01 01 01 01 08 00 45 00   ..............E.
0010  00 94 12 34 00 00 ff 84 91 ac 0a 01 01 01 0a 02   ...4............
0020  02 02 13 25 13 25 00 00 00 00 57 e7 75 12 00 03   ...%.%....W.u...
0030  00 74 00 00 00 00 00 00 00 00 00 00 00 03 01 00   .t..............
0040  01 01 00 00 00 64 02 10 00 5c 00 01 01 01 00 02   .....d...\......
0050  02 02 03 03 00 00 09 80 03 0e 19 0b 52 08 00 12   ............R...
0060  04 53 13 40 70 30 52 0b 12 06 00 12 04 53 13 40   [email protected].@
0070  60 53 39 2e 64 2c 49 04 06 17 ab 1f 6c 24 a2 22   `S9.d,I.....l$."
0080  02 01 00 30 1d 02 01 2d 30 18 04 08 72 02 51 16   ...0...-0...r.Q.
0090  30 94 09 f6 a0 09 81 07 91 53 13 40 30 13 12 82   0........S.@0...
00a0  01 00


You are receiving this mail because:
  • You are watching all bug changes.