Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PATCH] wireshark: can't decode callback if didn't caught CREATE_SESSION and SETCLIENTID packets before

From: fanchaoting <fanchaoting () cn fujitsu com>
Date: Mon, 14 Jan 2013 13:16:44 +0800
Guy Harris 写道:

On Jan 11, 2013, at 1:44 AM, fanchaoting <fanchaoting () cn fujitsu com> wrote:


now i found that nfs kernel use 0x40000000 as callback program number.


Which "nfs kernel"?  The one in OS X uses 0x4E465343, at least in Mountain Lion.

The NFSv4 specification (RFC 3530) does *NOT* say "0x40000000 is the callback program number", it says "There is no 
predefined RPC program number for the NFS4_CALLBACK program.", so Wireshark *MUST NOT* assume that it is 0x40000000.

It's probably OK for it to assume that it is *one of the possible* callback program numbers, although it would 
probably be better if it were to have the callback program number as a preference that defaults to 0x40000000 (which 
Solaris also appears to use), but it is *NOT* OK to get rid of the code that sets up the callback when it dissects a 
packet that gives the callback program number:



thanks , but i think maybe it have some other ways to solve this problem.



diff --git a/epan/dissectors/packet-nfs.c b/epan/dissectors/packet-nfs.c
index 63d1019..7b5ec88 100644
--- a/epan/dissectors/packet-nfs.c
+++ b/epan/dissectors/packet-nfs.c
@@ -7979,10 +7979,7 @@ dissect_nfs_cb_client4(tvbuff_t *tvb, int offset, proto_tree *tree)
{
     proto_tree *cb_location = NULL;
     proto_item *fitem = NULL;
-    int cbprog;

-    cbprog = tvb_get_ntohl(tvb, offset);
-    reg_callback(cbprog);
     offset = dissect_rpc_uint32(tvb, tree, hf_nfs_cb_program, offset);
     fitem = proto_tree_add_text(tree, tvb, offset, 0, "cb_location");

@@ -8991,7 +8988,6 @@ dissect_nfs_argop4(tvbuff_t *tvb, int offset, packet_info *pinfo,
     proto_tree *ftree = NULL;
     proto_tree *newftree = NULL;
     guint32 string_length;
-    int cbprog;
     const char *name = NULL, *source_name = NULL, *dest_name=NULL;
     const char *opname=NULL;
     guint32 last_fh_hash=0;


      ...


     if (ops > MAX_NFSV4_OPS) {
@@ -9469,8 +9469,6 @@ dissect_nfs_argop4(tvbuff_t *tvb, int offset, packet_info *pinfo,
                     offset = dissect_nfs_create_session_flags(tvb, offset, newftree, 
hf_nfs_create_session_flags_csa);
                     offset = dissect_rpc_chanattrs4(tvb, offset, newftree, "csa_fore_chan_attrs");
                     offset = dissect_rpc_chanattrs4(tvb, offset, newftree, "csa_back_chan_attrs");
-                    cbprog = tvb_get_ntohl(tvb, offset);
-                    reg_callback(cbprog);
                     offset = dissect_rpc_uint32(tvb, newftree, hf_nfs_cb_program, offset);
                     offset = dissect_rpc_secparms4(tvb, offset, newftree);
                     break;


so the changes shown above *MUST NOT* be made to the NFS dissector.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe






___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: