Re: patching ASN.1 dissectors

[Pascal Quantin <pascal.quantin () gmail com>]

Le jeu. 31 janv. 2019 à 14:56, Dario Lombardo <lomato () gmail com> a écrit :

> Sure you may.
> I started from bug
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464.
> In dissect_UniDialoguePDU_PDU, the asn1_ctx context is created. But later,
> in dissect_tcap_AARQ_application_context_name, actx->value_ptr is casted
> and used.
> I figured out that the right way to patch the code was to init the
> asn1_ctx with a proper value_ptr, when created.

It is already properly initialized: the dissect_UniDialoguePDU_PDU calls
asn1_ctx_init() which properly sets the structure to 0.

Maybe that's not the right fix: if that's the case which patch do you
> suggest?

An exported PDU can be called from another dissector (presumably the
registered OID in this case). IMHO the right fix is to modify the tcap.cnf
file so as to check that p_tcap_private is not NULL before deferencing it
(it is properly set when decoding a TCP message thanks to the
dissect_tcap() function, but not when decoding a subset of a TCAP message
called from another dissector). This needs to be done for all instances of
p_tcap_private use.

Regards,
Pascal.


> On Thu, Jan 31, 2019 at 2:29 PM Pascal Quantin <pascal.quantin () gmail com>
> wrote:
>
> > Hi Dario,
> >
> > Le jeu. 31 janv. 2019 à 14:24, Dario Lombardo <lomato () gmail com> a
> > écrit :
> >
> > > Hi
> > > I want to fix a bug in the tcap dissector, specifically in the
> > > function dissect_UniDialoguePDU_PDU. This is a generated dissector,
> > > therefore I've looked for the generating code, but I got lost in the maze
> > > of the generation of this dissector.
> > > Any help on which code in the tree I should change for this specific
> > > function?
> >
> > This function is auto-generated by asn2wrs.py based on the EXPORTS
> > directive found in tcap.cnf.
> > May I ask you what you want to fix? I hardly see what could be buggy in
> > the function itself (all the EXPORTS functions assume that you have a byte
> > aligned buffer; if this not the case for this specific payload then the
> > EXPORTS directive should not be used and some manual code should  be
> > written in the template file instead).
> >
> > Best regards,
> > Pascal.
> >
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    https://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org
> > ?subject=unsubscribe
>
>
>
> --
>
> Naima is online.
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe