From a5b61c90bbcfcdf2b1201ebe0fefa9322c484048 Mon Sep 17 00:00:00 2001 From: Jeff Morriss Date: Fri, 9 Aug 2013 01:51:41 +0000 Subject: [PATCH 4/4] Copy over revisions from trunk: ------------------------------------------------------------------------ r51195 | martink | 2013-08-07 16:18:11 -0400 (Wed, 07 Aug 2013) | 4 lines Changed paths: M /trunk/asn1/nbap/nbap.cnf M /trunk/epan/dissectors/packet-nbap.c add a range check for dch_id this should fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9005 ------------------------------------------------------------------------ svn path=/trunk-1.8/; revision=51230 --- asn1/nbap/nbap.cnf | 3 +- epan/dissectors/packet-nbap.c | 71 +++++++++++++++++++++-------------------- 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/asn1/nbap/nbap.cnf b/asn1/nbap/nbap.cnf index 8626516..5c25a4f 100644 --- a/asn1/nbap/nbap.cnf +++ b/asn1/nbap/nbap.cnf @@ -625,7 +625,8 @@ guint32 payload_crc_value; #.FN_BODY DCH-Specific-FDD-Item/dCH-ID offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, - 0U, 255U, &dch_id, FALSE); + 0U, maxNrOfDCHs, &dch_id, FALSE); + if(g_num_dch_in_flow>0){ g_dchs_in_flow_list[g_num_dch_in_flow-1]=dch_id; nbap_dch_chnl_info[dch_id].next_dch = 0; diff --git a/epan/dissectors/packet-nbap.c b/epan/dissectors/packet-nbap.c index 3b86ac5..40eebb1 100644 --- a/epan/dissectors/packet-nbap.c +++ b/epan/dissectors/packet-nbap.c @@ -8555,7 +8555,7 @@ dissect_nbap_Additional_EDCH_RL_Specific_Information_To_Setup_List(tvbuff_t *tvb static int dissect_nbap_E_DCH_MACdFlow_ID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 653 "../../asn1/nbap/nbap.cnf" +#line 654 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, maxNrOfEDCHMACdFlows_1, &e_dch_macdflow_id, FALSE); @@ -8569,7 +8569,7 @@ dissect_nbap_E_DCH_MACdFlow_ID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *ac static int dissect_nbap_BindingID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 659 "../../asn1/nbap/nbap.cnf" +#line 660 "../../asn1/nbap/nbap.cnf" tvbuff_t *parameter_tvb=NULL; offset = dissect_per_octet_string(tvb, offset, actx, tree, hf_index, @@ -10361,7 +10361,7 @@ dissect_nbap_BundlingModeIndicator(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t static int dissect_nbap_CommonTransportChannelID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 648 "../../asn1/nbap/nbap.cnf" +#line 649 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 255U, &commontransportchannelid, FALSE); @@ -11172,7 +11172,7 @@ dissect_nbap_Common_E_DCH_HSDPCCH_InfoItem(tvbuff_t *tvb _U_, int offset _U_, as static int dissect_nbap_CommonPhysicalChannelID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 643 "../../asn1/nbap/nbap.cnf" +#line 644 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 255U, &commonphysicalchannelid, FALSE); @@ -11917,7 +11917,7 @@ dissect_nbap_CommonMACFlow_Specific_InfoList(tvbuff_t *tvb _U_, int offset _U_, static int dissect_nbap_MACdPDU_Size(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1264 "../../asn1/nbap/nbap.cnf" +#line 1265 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 1U, 5000U, &MACdPDU_Size, TRUE); @@ -14566,7 +14566,8 @@ dissect_nbap_T_dCH_ID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, p #line 626 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, - 0U, 255U, &dch_id, FALSE); + 0U, maxNrOfDCHs, &dch_id, FALSE); + if(g_num_dch_in_flow>0){ g_dchs_in_flow_list[g_num_dch_in_flow-1]=dch_id; nbap_dch_chnl_info[dch_id].next_dch = 0; @@ -14584,7 +14585,7 @@ dissect_nbap_T_dCH_ID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, p static int dissect_nbap_TransportFormatSet_NrOfTransportBlocks(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 994 "../../asn1/nbap/nbap.cnf" +#line 995 "../../asn1/nbap/nbap.cnf" guint32 NrOfTransportBlocks; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, @@ -14627,7 +14628,7 @@ guint32 NrOfTransportBlocks; static int dissect_nbap_TransportFormatSet_TransportBlockSize(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1026 "../../asn1/nbap/nbap.cnf" +#line 1027 "../../asn1/nbap/nbap.cnf" guint32 TransportBlockSize; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, @@ -14755,7 +14756,7 @@ static const per_sequence_t TransportFormatSet_DynamicPartList_item_sequence[] = static int dissect_nbap_TransportFormatSet_DynamicPartList_item(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 990 "../../asn1/nbap/nbap.cnf" +#line 991 "../../asn1/nbap/nbap.cnf" num_items++; @@ -14773,7 +14774,7 @@ static const per_sequence_t TransportFormatSet_DynamicPartList_sequence_of[1] = static int dissect_nbap_TransportFormatSet_DynamicPartList(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 987 "../../asn1/nbap/nbap.cnf" +#line 988 "../../asn1/nbap/nbap.cnf" num_items = 0; @@ -14944,7 +14945,7 @@ dissect_nbap_TransportFormatSet(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *a static int dissect_nbap_T_ul_TransportFormatSet(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 965 "../../asn1/nbap/nbap.cnf" +#line 966 "../../asn1/nbap/nbap.cnf" transportFormatSet_type = NBAP_DCH_UL; nbap_dch_chnl_info[dch_id].num_ul_chans = 0; @@ -14958,7 +14959,7 @@ dissect_nbap_T_ul_TransportFormatSet(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx static int dissect_nbap_T_dl_TransportFormatSet(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 969 "../../asn1/nbap/nbap.cnf" +#line 970 "../../asn1/nbap/nbap.cnf" transportFormatSet_type = NBAP_DCH_DL; nbap_dch_chnl_info[dch_id].num_dl_chans = 0; @@ -15008,14 +15009,14 @@ static const per_sequence_t DCH_Specific_FDD_Item_sequence[] = { static int dissect_nbap_DCH_Specific_FDD_Item(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 959 "../../asn1/nbap/nbap.cnf" +#line 960 "../../asn1/nbap/nbap.cnf" g_num_dch_in_flow++; offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index, ett_nbap_DCH_Specific_FDD_Item, DCH_Specific_FDD_Item_sequence); -#line 962 "../../asn1/nbap/nbap.cnf" +#line 963 "../../asn1/nbap/nbap.cnf" prev_dch_id = dch_id; @@ -15029,7 +15030,7 @@ static const per_sequence_t DCH_Specific_FDD_InformationList_sequence_of[1] = { static int dissect_nbap_DCH_Specific_FDD_InformationList(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 955 "../../asn1/nbap/nbap.cnf" +#line 956 "../../asn1/nbap/nbap.cnf" g_num_dch_in_flow = 0; prev_dch_id = 0; @@ -15308,7 +15309,7 @@ dissect_nbap_DCH_TDD_Information(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t * static int dissect_nbap_T_dCH_ID_01(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 638 "../../asn1/nbap/nbap.cnf" +#line 639 "../../asn1/nbap/nbap.cnf" offset = dissect_nbap_DCH_ID(tvb, offset, actx, tree, hf_index); @@ -15323,7 +15324,7 @@ dissect_nbap_T_dCH_ID_01(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_ static int dissect_nbap_T_ul_TransportFormatSet_01(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 973 "../../asn1/nbap/nbap.cnf" +#line 974 "../../asn1/nbap/nbap.cnf" transportFormatSet_type = NBAP_DCH_UL; nbap_dch_chnl_info[dch_id].num_ul_chans = 0; @@ -15337,7 +15338,7 @@ dissect_nbap_T_ul_TransportFormatSet_01(tvbuff_t *tvb _U_, int offset _U_, asn1_ static int dissect_nbap_T_dl_TransportFormatSet_01(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 977 "../../asn1/nbap/nbap.cnf" +#line 978 "../../asn1/nbap/nbap.cnf" transportFormatSet_type = NBAP_DCH_DL; nbap_dch_chnl_info[dch_id].num_dl_chans = 0; @@ -17808,7 +17809,7 @@ dissect_nbap_E_DCH_HARQ_Combining_Capability(tvbuff_t *tvb _U_, int offset _U_, static int dissect_nbap_E_DCH_DDI_Value(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1254 "../../asn1/nbap/nbap.cnf" +#line 1255 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 62U, &e_dch_ddi_value, FALSE); @@ -17942,7 +17943,7 @@ static const per_sequence_t E_DCH_LogicalChannelInformationItem_sequence[] = { static int dissect_nbap_E_DCH_LogicalChannelInformationItem(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1251 "../../asn1/nbap/nbap.cnf" +#line 1252 "../../asn1/nbap/nbap.cnf" num_items++; @@ -17959,7 +17960,7 @@ static const per_sequence_t E_DCH_LogicalChannelInformation_sequence_of[1] = { static int dissect_nbap_E_DCH_LogicalChannelInformation(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1244 "../../asn1/nbap/nbap.cnf" +#line 1245 "../../asn1/nbap/nbap.cnf" num_items = 0; offset = dissect_per_constrained_sequence_of(tvb, offset, actx, tree, hf_index, @@ -17992,7 +17993,7 @@ static const per_sequence_t E_DCH_MACdFlow_Specific_InfoItem_sequence[] = { static int dissect_nbap_E_DCH_MACdFlow_Specific_InfoItem(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1200 "../../asn1/nbap/nbap.cnf" +#line 1201 "../../asn1/nbap/nbap.cnf" umts_fp_conversation_info_t *p_conv_data = NULL; address null_addr; conversation_t *p_conv; @@ -22773,7 +22774,7 @@ static const value_string nbap_PICH_Mode_vals[] = { static int dissect_nbap_PICH_Mode(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 741 "../../asn1/nbap/nbap.cnf" +#line 742 "../../asn1/nbap/nbap.cnf" guint32 PICH_Mode = 0; offset = dissect_per_enumerated(tvb, offset, actx, tree, hf_index, 4, &PICH_Mode, TRUE, 0, NULL); @@ -22944,7 +22945,7 @@ dissect_nbap_HSDSCH_Common_System_Information_ResponseFDD(tvbuff_t *tvb _U_, int static int dissect_nbap_HSDSCH_MACdFlow_ID(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 656 "../../asn1/nbap/nbap.cnf" +#line 657 "../../asn1/nbap/nbap.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, maxNrOfMACdFlows_1, &hsdsch_macdflow_id, FALSE); @@ -22966,7 +22967,7 @@ static const per_sequence_t HSDSCH_MACdFlow_Specific_InfoItem_sequence[] = { static int dissect_nbap_HSDSCH_MACdFlow_Specific_InfoItem(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1295 "../../asn1/nbap/nbap.cnf" +#line 1296 "../../asn1/nbap/nbap.cnf" address dst_addr; transportLayerAddress_ipv4 = 0; @@ -23069,7 +23070,7 @@ static const value_string nbap_RLC_Mode_vals[] = { static int dissect_nbap_RLC_Mode(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1273 "../../asn1/nbap/nbap.cnf" +#line 1274 "../../asn1/nbap/nbap.cnf" guint32 rlc_mode; offset = dissect_per_enumerated(tvb, offset, actx, tree, hf_index, @@ -23148,7 +23149,7 @@ dissect_nbap_HSDSCH_MACdFlows_Information(tvbuff_t *tvb _U_, int offset _U_, asn static int dissect_nbap_T_hSDSCH_Physical_Layer_Category(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1288 "../../asn1/nbap/nbap.cnf" +#line 1289 "../../asn1/nbap/nbap.cnf" guint32 hsdsch_physical_layer_category; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, @@ -23216,7 +23217,7 @@ static const per_sequence_t HSDSCH_FDD_Information_sequence[] = { static int dissect_nbap_HSDSCH_FDD_Information(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1317 "../../asn1/nbap/nbap.cnf" +#line 1318 "../../asn1/nbap/nbap.cnf" /* * Collect the information about the HSDSCH MACdFlows set up conversation(s) and set the conversation data. */ @@ -27860,7 +27861,7 @@ dissect_nbap_RACH_SubChannelNumbers(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_ static int dissect_nbap_T_dCH_id(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1052 "../../asn1/nbap/nbap.cnf" +#line 1053 "../../asn1/nbap/nbap.cnf" offset = dissect_nbap_DCH_ID(tvb, offset, actx, tree, hf_index); @@ -27882,7 +27883,7 @@ static const per_sequence_t RL_Specific_DCH_Info_Item_sequence[] = { static int dissect_nbap_RL_Specific_DCH_Info_Item(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1057 "../../asn1/nbap/nbap.cnf" +#line 1058 "../../asn1/nbap/nbap.cnf" address dst_addr, null_addr; conversation_t *conversation = NULL; umts_fp_conversation_info_t *umts_fp_conversation_info; @@ -28004,7 +28005,7 @@ static const per_sequence_t RL_Specific_E_DCH_Information_Item_sequence[] = { static int dissect_nbap_RL_Specific_E_DCH_Information_Item(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1147 "../../asn1/nbap/nbap.cnf" +#line 1148 "../../asn1/nbap/nbap.cnf" address dst_addr, null_addr; conversation_t *conversation; umts_fp_conversation_info_t *umts_fp_conversation_info; @@ -31512,7 +31513,7 @@ static const per_sequence_t FACH_ParametersItem_CTCH_SetupRqstFDD_sequence[] = { static int dissect_nbap_FACH_ParametersItem_CTCH_SetupRqstFDD(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 863 "../../asn1/nbap/nbap.cnf" +#line 864 "../../asn1/nbap/nbap.cnf" address dst_addr, null_addr; conversation_t *conversation; @@ -31629,7 +31630,7 @@ dissect_nbap_FACH_ParametersListIE_CTCH_SetupRqstFDD(tvbuff_t *tvb _U_, int offs static int dissect_nbap_T_transportFormatSet(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 981 "../../asn1/nbap/nbap.cnf" +#line 982 "../../asn1/nbap/nbap.cnf" transportFormatSet_type = NBAP_PCH; nbap_dch_chnl_info[commontransportchannelid].num_dl_chans = 0; nbap_dch_chnl_info[commontransportchannelid].num_ul_chans = 0; @@ -31674,7 +31675,7 @@ static const per_sequence_t PCH_ParametersItem_CTCH_SetupRqstFDD_sequence[] = { static int dissect_nbap_PCH_ParametersItem_CTCH_SetupRqstFDD(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 762 "../../asn1/nbap/nbap.cnf" +#line 763 "../../asn1/nbap/nbap.cnf" address dst_addr, null_addr; conversation_t *conversation; @@ -31811,7 +31812,7 @@ static const per_sequence_t RACH_ParametersItem_CTCH_SetupRqstFDD_sequence[] = { static int dissect_nbap_RACH_ParametersItem_CTCH_SetupRqstFDD(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 674 "../../asn1/nbap/nbap.cnf" +#line 675 "../../asn1/nbap/nbap.cnf" address dst_addr, null_addr; conversation_t *conversation; umts_fp_conversation_info_t *umts_fp_conversation_info; -- 1.7.10.4