From 7146999963e0e8baadf5cbe339f71836c43749bc Mon Sep 17 00:00:00 2001 From: AndersBroman Date: Tue, 19 Aug 2014 23:00:57 +0200 Subject: Use dissect_e212_imsi() to dissect IMSI Fix dissection when MCC starts in the high nibble. Replace deprecated APIs Change-Id: Ic08a1db9ee7ebb535bf7914191807304e9f88981 Reviewed-on: https://code.wireshark.org/review/3736 Reviewed-by: Anders Broman --- epan/dissectors/packet-e212.c | 94 +++++++++++++++++++++++++++++++++++++++- epan/dissectors/packet-nas_eps.c | 56 +++--------------------- 2 files changed, 100 insertions(+), 50 deletions(-) diff --git a/epan/dissectors/packet-e212.c b/epan/dissectors/packet-e212.c index 30a07aa52a..c23027d362 100644 --- a/epan/dissectors/packet-e212.c +++ b/epan/dissectors/packet-e212.c @@ -2783,6 +2783,94 @@ dissect_e212_mcc_mnc_in_address(tvbuff_t *tvb, packet_info *pinfo, proto_tree *t return 5; } +/* + * MNC of length 2: + * + * 8 7 6 5 4 3 2 1 + * +---+---+---+---+---+---+---+---+ + * | MCC digit 1 | Other data | octet x + * +---------------+---------------+ + * | MNC digit 1 | MCC digit 2 | octet x+1 + * +---------------+---------------+ + * | MNC digit 3 | MNC digit 2 | octet x+2 + * +---------------+---------------+ + * + * MNC of length 3: + * + * 8 7 6 5 4 3 2 1 + * +---+---+---+---+---+---+---+---+ + * | MCC digit 1 | Other data | octet x + * +---------------+---------------+ + * | MCC digit 3 | MCC digit 2 | octet x+1 + * +---------------+---------------+ + * | MNC digit 2 | MNC digit 1 | octet x+2 + * +---------------+---------------+ + * | ..... | MNC digit 3 | octet x+3 + * +---------------+---------------+ + */ +static int +dissect_e212_mcc_mnc_high_nibble(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset) +{ + + guint32 start_offset; + guint8 octet; + guint16 mcc, mnc; + guint8 mcc1, mcc2, mcc3, mnc1, mnc2, mnc3; + proto_item *item; + gboolean long_mnc; + + long_mnc = FALSE; + start_offset = offset; + + /* MCC digits 1 */ + octet = tvb_get_guint8(tvb,offset); + mcc1 = octet >> 4; + offset++; + + /* MCC digits 1 and 2 */ + octet = tvb_get_guint8(tvb,offset); + mcc2 = octet & 0x0f; + mcc3 = octet >> 4; + offset++; + + /* MNC digit 1 and MNC digit 2 */ + octet = tvb_get_guint8(tvb,offset); + mnc1 = octet & 0x0f; + mnc2 = octet >> 4; + offset++; + + /* MNC digits 3 */ + octet = tvb_get_guint8(tvb,offset); + mnc3 = octet & 0x0f; + + mcc = 100 * mcc1 + 10 * mcc2 + mcc3; + mnc = 10 * mnc1 + mnc2; + + /* Try to match the MCC and 2 digits MNC with an entry in our list of operators */ + if (!try_val_to_str_ext(mcc * 1000 + 10 * mnc, &mcc_mnc_codes_ext)) { + mnc = 10 * mnc + mnc3; + long_mnc = TRUE; + } + + item = proto_tree_add_uint(tree, hf_E212_mcc , tvb, start_offset, 2, mcc ); + + if (long_mnc) + item = proto_tree_add_uint_format_value(tree, hf_E212_mnc , tvb, start_offset + 1, 2, mnc, + "%s (%03u)", + val_to_str_ext_const(mcc * 1000 + mnc, &mcc_mnc_codes_ext, "Unknown"), + mnc); + else + item = proto_tree_add_uint_format_value(tree, hf_E212_mnc , tvb, start_offset + 1, 2, mnc, + "%s (%02u)", + val_to_str_ext_const(mcc * 1000 + 10 * mnc, &mcc_mnc_codes_ext, "Unknown"), + mnc); + + if (long_mnc) + return 7; + else + return 5; + +} const gchar * dissect_e212_imsi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int length, gboolean skip_first) { @@ -2799,7 +2887,11 @@ dissect_e212_imsi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offse subtree = proto_item_add_subtree(item, ett_e212_imsi); - dissect_e212_mcc_mnc_in_address(tvb, pinfo, subtree, offset); + if(skip_first){ + dissect_e212_mcc_mnc_high_nibble(tvb, pinfo, subtree, offset); + }else{ + dissect_e212_mcc_mnc_in_address(tvb, pinfo, subtree, offset); + } return imsi_str; } diff --git a/epan/dissectors/packet-nas_eps.c b/epan/dissectors/packet-nas_eps.c index 8ad5e7fbf4..c21e4db532 100644 --- a/epan/dissectors/packet-nas_eps.c +++ b/epan/dissectors/packet-nas_eps.c @@ -1009,47 +1009,6 @@ static const value_string nas_eps_emm_eps_att_type_vals[] = { /* * 9.9.3.12 EPS mobile identity */ -static char * -unpack_eps_mid_digits(tvbuff_t *tvb) { - - int length; - guint8 octet; - int i = 0; - int offset = 0; - char *digit_str; - - length = tvb_length(tvb); - - digit_str = (char *)wmem_alloc(wmem_packet_scope(), length*2); - - /* Get identity digit 1 */ - octet = tvb_get_guint8(tvb,offset); - digit_str[i++] = (((octet>>4) & 0x0f) + '0'); - offset++; - - /* Loop on following octets to retrieve other identity digits */ - while ( offset < length ) { - - octet = tvb_get_guint8(tvb,offset); - digit_str[i] = ((octet & 0x0f) + '0'); - i++; - - /* - * unpack second value in byte - */ - octet = octet >> 4; - - if (octet == 0x0f) /* odd number bytes - hit filler */ - break; - - digit_str[i] = ((octet & 0x0f) + '0'); - i++; - offset++; - - } - digit_str[i]= '\0'; - return digit_str; -} static const value_string nas_eps_emm_type_of_id_vals[] = { { 0, "reserved"}, @@ -1069,7 +1028,7 @@ de_emm_eps_mid(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, { guint32 curr_offset; guint8 octet; - char *digit_str; + const char *digit_str; tvbuff_t *new_tvb; curr_offset = offset; @@ -1082,13 +1041,12 @@ de_emm_eps_mid(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, case 1: /* IMSI */ new_tvb = tvb_new_subset_length(tvb, curr_offset, len); - digit_str = unpack_eps_mid_digits(new_tvb); - proto_tree_add_string(tree, hf_nas_eps_emm_imsi, new_tvb, 0, -1, digit_str); + dissect_e212_imsi(new_tvb, pinfo, tree, 0, len, TRUE); break; case 3: /* IMEI */ new_tvb = tvb_new_subset_length(tvb, curr_offset, len); - digit_str = unpack_eps_mid_digits(new_tvb); + digit_str = tvb_bcd_dig_to_wmem_packet_str(new_tvb, 0, len, NULL, TRUE); proto_tree_add_string(tree, hf_nas_eps_emm_imei, new_tvb, 0, -1, digit_str); break; case 6: @@ -4671,7 +4629,7 @@ disect_nas_eps_esm_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int void (*msg_fcn_p)(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, guint32 offset, guint len); guint8 oct; - len = tvb_length(tvb); + len = tvb_reported_length(tvb); /* * EPS bearer identity 9.3.2 */ @@ -4736,7 +4694,7 @@ dissect_nas_eps_emm_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int void (*msg_fcn_p)(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, guint32 offset, guint len); guint8 security_header_type, oct; - len = tvb_length(tvb); + len = tvb_reported_length(tvb); /* 9.3.1 Security header type */ if (second_header) { @@ -4820,7 +4778,7 @@ dissect_nas_eps_plain(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) /* Protocol discriminator Protocol discriminator 9.2 M V 1/2 */ proto_tree_add_item(nas_eps_tree, hf_gsm_a_L3_protocol_discriminator, tvb, 0, 1, ENC_BIG_ENDIAN); offset++; - nas_emm_service_req(tvb, nas_eps_tree, pinfo, offset, tvb_length(tvb)-offset); + nas_emm_service_req(tvb, nas_eps_tree, pinfo, offset, tvb_reported_length(tvb)-offset); return; } @@ -4897,7 +4855,7 @@ dissect_nas_eps(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) guint32 len; guint32 msg_auth_code; - len = tvb_length(tvb); + len = tvb_reported_length(tvb); /* The protected NAS message header is 6 octets long, and the NAS message header is at least 2 octets long. */ /* If the length of the tvbuffer is less than 8 octets, we can safely conclude the message is not protected. */ if (len < 8) { -- cgit v1.2.1