diff options
author | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2015-07-23 22:31:09 +0200 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2015-07-25 17:32:42 +0000 |
commit | 2874334b5993ce6ba9e40854e40f20f419ca2385 (patch) | |
tree | 95faf7e5dd22e66c534e6e29e7e7d4ef0700a40e /epan | |
parent | 38a2385222d18d6d67b04a3c5dc10d969f515943 (diff) | |
download | wireshark-2874334b5993ce6ba9e40854e40f20f419ca2385.tar.gz |
ISAKMP: The modecfg attribute type INTERNAL_IP6_ADDRESS is not decoded correctly
According to RFC7296, section 3.15.1:
"The INTERNAL_IP6_ADDRESS is made up of two fields: the first is a 16-octet IPv6 address, and the second is a one-octet prefix-length as defined in [ADDRIPV6]."
In the code, the type is declared as FT_IPv4 and the field is decoded only if it has 16 bytes. Instead, it should be declared as FT_IPv6 and the first 16 bytes should be added to the tree.
Issue reported by Andrei Cipu
Bug: 11393
Ping-Bug: 11392
Change-Id: I8dbc268e71fd6239dffa5469652345a68e0adc86
Reviewed-on: https://code.wireshark.org/review/9761
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-isakmp.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/epan/dissectors/packet-isakmp.c b/epan/dissectors/packet-isakmp.c index 8e1202468b..682fc0181f 100644 --- a/epan/dissectors/packet-isakmp.c +++ b/epan/dissectors/packet-isakmp.c @@ -320,7 +320,8 @@ static int hf_isakmp_cfg_attr_internal_ip4_nbns = -1; static int hf_isakmp_cfg_attr_internal_address_expiry = -1; static int hf_isakmp_cfg_attr_internal_ip4_dhcp = -1; static int hf_isakmp_cfg_attr_application_version = -1; -static int hf_isakmp_cfg_attr_internal_ip6_address = -1; +static int hf_isakmp_cfg_attr_internal_ip6_address_ip = -1; +static int hf_isakmp_cfg_attr_internal_ip6_address_prefix = -1; static int hf_isakmp_cfg_attr_internal_ip6_netmask = -1; static int hf_isakmp_cfg_attr_internal_ip6_dns = -1; static int hf_isakmp_cfg_attr_internal_ip6_nbns = -1; @@ -4481,12 +4482,14 @@ dissect_config_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *cfg_attr case INTERNAL_IP6_ADDRESS: /* 8 */ offset_end = offset + optlen; - if (optlen%16 == 0) + if (optlen%17 == 0) { while (offset_end-offset > 0) { - proto_tree_add_item(sub_cfg_attr_type_tree, hf_isakmp_cfg_attr_internal_ip6_address, tvb, offset, 16, ENC_BIG_ENDIAN); + proto_tree_add_item(sub_cfg_attr_type_tree, hf_isakmp_cfg_attr_internal_ip6_address_ip, tvb, offset, 16, ENC_NA); offset += 16; + proto_tree_add_item(sub_cfg_attr_type_tree, hf_isakmp_cfg_attr_internal_ip6_address_prefix, tvb, offset, 1, ENC_BIG_ENDIAN); + offset += 1; } } @@ -6264,10 +6267,14 @@ proto_register_isakmp(void) { "APPLICATION VERSION", "isakmp.cfg.attr.application_version", FT_STRING, BASE_NONE, NULL, 0x00, "The version or application information of the IPsec host", HFILL }}, - { &hf_isakmp_cfg_attr_internal_ip6_address, + { &hf_isakmp_cfg_attr_internal_ip6_address_ip, { "INTERNAL IP6 ADDRESS", "isakmp.cfg.attr.internal_ip6_address", - FT_IPv4, BASE_NONE, NULL, 0x00, + FT_IPv6, BASE_NONE, NULL, 0x00, "An IPv6 address on the internal network", HFILL }}, + { &hf_isakmp_cfg_attr_internal_ip6_address_prefix, + { "INTERNAL IP6 ADDRESS (PREFIX)", "isakmp.cfg.attr.internal_ip6_address.prefix", + FT_UINT8, BASE_DEC, NULL, 0x00, + NULL, HFILL }}, { &hf_isakmp_cfg_attr_internal_ip6_netmask, { "INTERNAL IP4 NETMASK", "isakmp.cfg.attr.internal_ip6_netmask", FT_IPv6, BASE_NONE, NULL, 0x00, |