date:20110920

[Wireshark-dev] Reassembling Packets need some help plz

2011-09-20 Thread Marcel Haas


Hello,

im just writeing my first dissector and i have some problems with the 
reassembling
My prtocoll contain some fields for Snode =ID ,Packetnumber and total 
packets

i get them with
snode =tvb_get_guint8(tvb,offset);offset +=1;
pnum =tvb_get_guint8(tvb,offset);offset +=1;
totalp =tvb_get_guint8(tvb,offset);

Example for a packet split into 3 :

Snode=12
pnum=1
total=3

Sonde=12
pnum=2
total=3

Snode=12
pnum=3
total=3

the packet consists of an Trans Header, a App Header and Data.
IF its fragmented only the frist packet consists auf tran,app and data
the other fragments consists only of trans and data.
For the reassembled tvb only the data are importent. the lengh of the 
trans-header r given in a field loh.
I think my fragment_add_seq_check function doesnt work right cause 
everytime i get a 0 returned

thx.

Code:
  save_fragmented = pinfo-fragmented;

if (totalp  1  pnum=totalp){//check if it has to be 
reassembled

if(pnum==1){
offset2=loh+20;// First packet, Packet with 
Tran + App Header ,App Header =20 Byte

}
else{
offset2=loh;  // Not First Packet only 
trans header

}
   if(totalp==pnum){ more_frag=FALSE;}//Total Packet == 
pnum =Last Packet set more_frags =FALSE
   else {more_frag=TRUE;}   // Not Last Packet 
=set more_frags=TRUE


msg_seqid =snode;
msg_num = pnum-1;
pinfo-fragmented = TRUE;
frag_msg = fragment_add_seq_check(tvb, offset2, pinfo,
msg_seqid, // ID for fragments belonging together
msg_fragment_table, // list of message fragments
msg_reassembled_table, // list of reassembled messages
msg_num, // fragment sequence number
tvb_length_remaining(tvb, offset2), //fragment length - 
to the end

more_frag); // More Frag

printf(%d,(int)frag_msg);// PRINTF wieder raus
new_tvb = process_reassembled_data(tvb, offset2, pinfo,
Reassembled Message, frag_msg, msg_frag_items,
NULL,nos_tree);

if (frag_msg) { // Reassembled
col_append_str(pinfo-cinfo, COL_INFO,
 (Message Reassembled));
} else { // Not last packet of reassembled Short Message
col_append_fstr(pinfo-cinfo, COL_INFO,
 (Message fragment %u), msg_num);
col_append_fstr(pinfo-cinfo, COL_INFO,
  (Frag:  %u), pinfo-fragmented);
col_append_fstr(pinfo-cinfo, COL_INFO,
   (Visit:  %u), pinfo-fd-flags.visited);
col_append_fstr(pinfo-cinfo, COL_INFO,
   (Fragmsg:  %d), (int)frag_msg);

}

if (new_tvb) { // take it all
col_append_str(pinfo-cinfo, COL_INFO,
(NEW TVB));
//offset=0;
//proto_tree_add_item(nos_tree, hf_nos_data, new_tvb, 
offset, -1, FALSE);

 next_tvb = new_tvb;
} else { // make a new subset
next_tvb = tvb_new_subset(tvb, offset2, -1, -1);
}

}

else { // Not fragmented
next_tvb = tvb_new_subset(tvb, offset2, -1, -1);
}

pinfo-fragmented = save_fragmented;


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] OpenSafety bug - how to fix?

2011-09-20 Thread Chris Maynard

Coverity reports the following in CID 1204 against the OpenSafety dissector:

1466firstByte = ( tvb_get_guint8(message_tvb, 0)  1 );
Event missing_parentheses: !firstByte  0x40 is always 0 regardless of the
values of its operands (non-specific value). Did you intend to apply '' to
firstByte and 64? If so, parentheses would be required to force this 
interpretation.
1467if ( ( (!firstByte)  0x40 ) != 0x40 )
1468{
1469result = 
opensafety_package_dissector(openSAFETY/SercosIII, sercosiii,
1470FALSE, FALSE, message_tvb, pinfo, tree);
1471}

So, should line 1467 read something like this instead?:

1467if ( !((firstByte  0x40) == 0x40) )

Can someone with knowledge of the OpenSafety dissector confirm if this is the
right fix?

- Chris


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] OpenSafety bug - how to fix?

2011-09-20 Thread Roland Knall

The fix is correct. Are there any other Coverty hits for openSafety,
or just the one?

Regards, Roland



Am 20.09.2011 um 15:53 schrieb Chris Maynard chris.mayn...@gtech.com:

 Coverity reports the following in CID 1204 against the OpenSafety dissector:

 1466firstByte = ( tvb_get_guint8(message_tvb, 0)  1 );
 Event missing_parentheses: !firstByte  0x40 is always 0 regardless of the
 values of its operands (non-specific value). Did you intend to apply '' to
 firstByte and 64? If so, parentheses would be required to force this
 interpretation.
 1467if ( ( (!firstByte)  0x40 ) != 0x40 )
 1468{
 1469result =
 opensafety_package_dissector(openSAFETY/SercosIII, sercosiii,
 1470FALSE, FALSE, message_tvb, pinfo, tree);
 1471}

 So, should line 1467 read something like this instead?:

 1467if ( !((firstByte  0x40) == 0x40) )

 Can someone with knowledge of the OpenSafety dissector confirm if this is the
 right fix?

 - Chris


 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] OpenSafety bug - how to fix?

2011-09-20 Thread Chris Maynard

Roland Knall rknall@... writes:

 
 The fix is correct. Are there any other Coverty hits for openSafety,
 or just the one?

Hi Roland,
There are 6 in total.  Besides 1204, there are these 5 more reported:

CID 1215: NULL RETURNS:
In stringToBytes(), strtok() could return NULL at line 418, but the return value
is not checked against NULL as it is in other places, even further down in the
same function at line 427.

CID 1224: SIZEOF MISMATCH (2 instances):
In dissect_opensafety_ssdo_message() at lines 932 and 951, Coverity reports, 
suspicious_sizeof: Passing argument sizeof (guint8 *) /*8*/ * payloadSize to 
function ep_alloc and then casting the return value to guint8 * is 
suspicious.

These 2 seem benign to me and can probably be ignored?

CID 1246/1247: FORWARD NULL/REVERSE INULL:
In opensafety_package_dissector(), pinfo is checked for being non-NULL at line
1374, implying that it could be NULL; yet it is passed to functions that
dereference it before checking against NULL (such as add_new_data_source() at
lines 1278 and 1284, call_dissector() at line 1370, etc.)

Can pinfo really ever be NULL?  If not, the easiest thing to do might be just to
remove the check at line 1374.


If you could submit a patch fixing all these, it would be appreciated.
Thanks,
- Chris



___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Reassembling Packets need some help plz

[Wireshark-dev] OpenSafety bug - how to fix?

Re: [Wireshark-dev] OpenSafety bug - how to fix?

Re: [Wireshark-dev] OpenSafety bug - how to fix?

4 matches

Site Navigation

Mail list logo

Footer information