Bug ID |
10109
|
Summary |
Fix MP2T dissector reassembly
|
Classification |
Unclassified
|
Product |
Wireshark
|
Version |
Git
|
Hardware |
x86
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Created attachment 12762 [details]
Fix MP2T reassembly
Build Information:
Version 1.11.4 (v1.11.4-rc1-407-g2197a08 from master)
--
There are currently a few issues with mp2t reassembly.
When a subpacket is entierly contained in an MP2T packet, the frag_id is not
incremented. The consequence is that the length of the subpacket is not
calculated correctly on the second pass because mp2t_get_packet_length(). This
function will find a fragment when calling fragment_get() and return the wrong
length. The fix is to increment frag_id when we encounter such self-contained
subpacket. This prevents fragment_get() to return an invalid frag.
Secondly, if an MP2T packet contains a full subpacket and a fragment of another
one, it happens that the first subpacket contains an ethernet frame
(encapsulated in DOCSIS). This makes pinfo->{src,dst} contain an address. This
is then re-used to calculate the hash in fragment_add_check().
It is of course invalid and should be reset to NULL.
The macro SET_ADDRESS_HF() was found to be incorrect and fixed as well.
Lastly, the comment about the adaptation field control being invalid for DOCSIS
is wrong. The AFC is only invalid if it's != 1 (which means contains a payload
but no adaptation field).
The attached patch fixes all those issues.
You are receiving this mail because:
- You are watching all bug changes.