(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-snmp.c) |
| |
| 457 | | | extern int dissect_snmp_VarBind(gboolean implicit_tag _U_, |
| 458 | | | tvbuff_t *tvb, |
| 459 | | | int offset, |
| 460 | | | asn1_ctx_t *actx, |
| 461 | | | proto_tree *tree, |
| 462 | | | int hf_index _U_) { |
| 463 | | | int seq_offset, name_offset, value_offset, value_start; |
| 464 | | | guint32 seq_len, name_len, value_len; |
| 465 | | | gint8 ber_class; |
| 466 | | | gboolean pc; |
| 467 | | | gint32 tag; |
| 468 | | | gboolean ind; |
| 469 | | | guint32* subids; |
| 470 | | | guint8* oid_bytes; |
| 471 | | | oid_info_t* oid_info = NULL; |
| 472 | | | guint oid_matched, oid_left; |
| 473 | | | proto_item *pi_name, *pi_varbind, *pi_value = NULL; |
| 474 | | | proto_tree *pt, *pt_varbind, *pt_name, *pt_value; |
| 475 | | | char label[ITEM_LABEL_LENGTH]; |
| 476 | | | char* repr = NULL; |
| 477 | | | const char* info_oid = NULL; |
| 478 | | | char* valstr; |
| 479 | | | int hfid = -1; |
| 480 | | | int min_len = 0, max_len = 0; |
| 481 | | | gboolean oid_info_is_ok; |
| 482 | | | const char* oid_string = NULL; |
| 483 | | | enum {BER_NO_ERROR, BER_WRONG_LENGTH, BER_WRONG_TAG} format_error = BER_NO_ERROR; |
| 484 | | | |
| 485 | | | seq_offset = offset; |
| 486 | | | |
| 487 | | | |
| 488 | | | offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); |
| 489 | | | offset = get_ber_length(tvb, offset, &seq_len, &ind); |
| 490 | | | |
| 491 | | | seq_len += offset - seq_offset; |
| 492 | | | |
| 493 | | | if (!pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_SEQUENCE) { |
| 494 | | | proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"VarBind must be an universal class sequence"); |
| 495 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 496 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence"); |
| 497 | | | return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); |
| 498 | | | } |
| 499 | | | |
| 500 | | | if (ind){ |
| 501 | | | proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in VarBind"); |
| 502 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 503 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind has indicator set"); |
| 504 | | | return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); |
| 505 | | | } |
| 506 | | | |
| 507 | | | |
| 508 | | | |
| 509 | | | offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); |
| 510 | | | name_offset = offset = get_ber_length(tvb, offset, &name_len, &ind); |
| 511 | | | |
| 512 | | | if (! ( !pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_OID) ) { |
| 513 | | | proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"ObjectName must be an OID in primitive encoding"); |
| 514 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 515 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName not an OID"); |
| 516 | | | return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); |
| 517 | | | } |
| 518 | | | |
| 519 | | | if (ind){ |
| 520 | | | proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in ObjectName"); |
| 521 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 522 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName has indicator set"); |
| 523 | | | return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); |
| 524 | | | } |
| 525 | | | |
| 526 | | | offset += name_len; |
| 527 | | | value_start = offset; |
| 528 | | | |
| 529 | | | |
| 530 | | | offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); |
| 531 | | | value_offset = offset = get_ber_length(tvb, offset, &value_len, &ind); |
| 532 | | | |
| 533 | | | if (! (!pc) ) { |
| 534 | | | proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"the value must be in primitive encoding"); |
| 535 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 536 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "value not in primitive encoding"); |
| 537 | | | return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); |
| 538 | | | } |
| 539 | | | |
| 540 | | | |
| 541 | | | |
| 542 | | | |
| 543 | | | |
| 544 | | | |
| 545 | | | pi_varbind = proto_tree_add_text(tree,tvb,seq_offset,seq_len,"VarBind"); |
| 546 | | | pt_varbind = proto_item_add_subtree(pi_varbind,ett_varbind); |
| 547 | | | *label = '\0'; |
| 548 | | | |
| 549 | | | pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,FALSE); |
| 550 | | | pt_name = proto_item_add_subtree(pi_name,ett_name); |
| 551 | | | |
| 552 | | | |
| 553 | | | oid_bytes = ep_tvb_memdup(tvb, name_offset, name_len); |
| 554 | | | oid_info = oid_get_from_encoded(oid_bytes, name_len, &subids, &oid_matched, &oid_left); |
| 555 | | | |
| 556 | | | add_oid_debug_subtree(oid_info,pt_name); |
| 557 | | | |
| 558 | | | if (subids && oid_matched+oid_left) { |
| 559 | | | oid_string = oid_subid2string(subids,oid_matched+oid_left); |
| 560 | | | } |
| 561 | | | |
| 562 | | | if (ber_class == BER_CLASS_CON) { |
| 563 | | | |
| 564 | | | proto_item* pi; |
| 565 | | | const char* note; |
| 566 | | | |
| 567 | | | if (value_len != 0) { |
| 568 | | | min_len = max_len = 0; |
| 569 | | | format_error = BER_WRONG_LENGTH; |
| 570 | | | } |
| 571 | | | |
| 572 | | | switch (tag) { |
| 573 | | | case SERR_NSO: |
| 574 | | | hfid = hf_snmp_noSuchObject; |
| 575 | | | note = "noSuchObject"; |
| 576 | | | break; |
| 577 | | | case SERR_NSI: |
| 578 | | | hfid = hf_snmp_noSuchInstance; |
| 579 | | | note = "noSuchInstance"; |
| 580 | | | break; |
| 581 | | | case SERR_EOM: |
| 582 | | | hfid = hf_snmp_endOfMibView; |
| 583 | | | note = "endOfMibView"; |
| 584 | | | break; |
| 585 | | | default: { |
| 586 | | | pi = proto_tree_add_text(pt_varbind,tvb,0,0,"Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag); |
| 587 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 588 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value"); |
| 589 | | | return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); |
| 590 | | | } |
| 591 | | | } |
| 592 | | | |
| 593 | | | pi = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,FALSE); |
| 594 | | | expert_add_info_format(actx->pinfo, pi, PI_RESPONSE_CODE, PI_NOTE, "%s",note); |
| 595 | | | g_strlcpy (label, note, ITEM_LABEL_LENGTH); |
| 596 | | | goto set_label; |
| 597 | | | } |
| 598 | | | |
| 599 | | | |
| 600 | | | switch (oid_info->kind) { |
| 601 | | | case OID_KIND_SCALAR: |
| 602 | | | if (oid_left == 1) { |
| 603 | | | |
| 604 | | | proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]); |
| 605 | | | oid_info_is_ok = TRUE; |
| 606 | | | goto indexing_done; |
| 607 | | | } else if (oid_left == 0) { |
| 608 | | | if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { |
| 609 | | | |
| 610 | | | pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,FALSE); |
| 611 | | | goto set_label; |
| 612 | | | } else { |
| 613 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have one instance sub-id this one has none"); |
| 614 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value"); |
| 615 | | | oid_info_is_ok = FALSE; |
| 616 | | | goto indexing_done; |
| 617 | | | } |
| 618 | | | } else { |
| 619 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left); |
| 620 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value"); |
| 621 | | | oid_info_is_ok = FALSE; |
| 622 | | | goto indexing_done; |
| 623 | | | } |
| 624 | | | break; |
Unreachable Control Flow
The highlighted code will not execute under any circumstances. This may be because of: |
|
| 625 | | | case OID_KIND_COLUMN: |
| 626 | | | if ( oid_info->parent->kind == OID_KIND_ROW) { |
| 627 | | | oid_key_t* k = oid_info->parent->key; |
| 628 | | | guint key_start = oid_matched; |
| 629 | | | guint key_len = oid_left; |
| 630 | | | oid_info_is_ok = TRUE; |
| 631 | | | |
| 632 | | | if ( key_len == 0 && ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { |
| 633 | | | |
| 634 | | | pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,FALSE); |
| 635 | | | goto set_label; |
| 636 | | | } |
| 637 | | | |
| 638 | | | if (k) { |
| 639 | | | for (;k;k = k->next) { |
| 640 | | | guint suboid_len; |
| 641 | | | |
| 642 | | | if (key_start >= oid_matched+oid_left) { |
| 643 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid shorter than expected"); |
| 644 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected"); |
| 645 | | | oid_info_is_ok = FALSE; |
| 646 | | | goto indexing_done; |
| 647 | | | } |
| 648 | | | |
| 649 | | | switch(k->key_type) { |
| 650 | | | case OID_KEY_TYPE_WRONG: { |
| 651 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"OID instaces not handled, if you want this implemented please contact the wireshark developers"); |
| 652 | | | expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index"); |
| 653 | | | oid_info_is_ok = FALSE; |
| 654 | | | goto indexing_done; |
| 655 | | | } |
| 656 | | | case OID_KEY_TYPE_INTEGER: { |
| 657 | | | if (IS_FT_INT(k->ft_type)) {
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/ftypes/ftypes.h |
| |
69 | #define IS_FT_INT(ft) ((ft)==FT_INT8||(ft)==FT_INT16||(ft)==FT_INT24||(ft)==FT_INT32||(ft)==FT_INT64) |
| |
|
| 658 | | | proto_tree_add_int(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]); |
| 659 | | | } else { |
| 660 | | | proto_tree_add_uint(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]); |
| 661 | | | } |
| 662 | | | key_start++; |
| 663 | | | key_len--; |
| 664 | | | continue; |
| 665 | | | } |
| 666 | | | case OID_KEY_TYPE_IMPLIED_OID: |
| 667 | | | suboid_len = key_len; |
| 668 | | | |
| 669 | | | goto show_oid_index; |
| 670 | | | |
| 671 | | | case OID_KEY_TYPE_OID: { |
| 672 | | | guint8* suboid_buf; |
| 673 | | | guint suboid_buf_len; |
| 674 | | | guint32* suboid; |
| 675 | | | |
| 676 | | | suboid_len = subids[key_start++]; |
| 677 | | | key_len--; |
| 678 | | | |
| 679 | | | show_oid_index: |
| 680 | | | suboid = &(subids[key_start]); |
| 681 | | | |
| 682 | | | if( suboid_len == 0 ) { |
| 683 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"an index sub-oid OID cannot be 0 bytes long!"); |
| 684 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid OID with len=0"); |
| 685 | | | oid_info_is_ok = FALSE; |
| 686 | | | goto indexing_done; |
| 687 | | | } |
| 688 | | | |
| 689 | | | if( key_len < suboid_len ) { |
| 690 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid should not be longer than remaining oid size"); |
| 691 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid longer than remaining oid size"); |
| 692 | | | oid_info_is_ok = FALSE; |
| 693 | | | goto indexing_done; |
| 694 | | | } |
| 695 | | | |
| 696 | | | suboid_buf_len = oid_subid2encoded(suboid_len, suboid, &suboid_buf); |
| 697 | | | |
| 698 | | | DISSECTOR_ASSERT(suboid_buf_len);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
117 | #define DISSECTOR_ASSERT(expression) \ |
118 | ((void) ((expression) ? (void)0 : \ |
119 | __DISSECTOR_ASSERT (expression, __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
138 | #define __DISSECTOR_ASSERT(expression, file, lineno) \ |
139 | (REPORT_DISSECTOR_BUG( \ |
140 | ep_strdup_printf("%s:%u: failed assertion \"%s\"", \ |
141 | file, lineno, __DISSECTOR_ASSERT_STRINGIFY(expression)))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 699 | | | |
| 700 | | | proto_tree_add_oid(pt_name,k->hfid,tvb,name_offset, suboid_buf_len, suboid_buf); |
| 701 | | | |
| 702 | | | key_start += suboid_len; |
| 703 | | | key_len -= suboid_len + 1; |
| 704 | | | continue; |
| 705 | | | } |
| 706 | | | default: { |
| 707 | | | guint8* buf; |
| 708 | | | guint buf_len; |
| 709 | | | guint32* suboid; |
| 710 | | | guint i; |
| 711 | | | |
| 712 | | | |
| 713 | | | switch (k->key_type) { |
| 714 | | | case OID_KEY_TYPE_IPADDR: |
| 715 | | | suboid = &(subids[key_start]); |
| 716 | | | buf_len = 4; |
| 717 | | | break; |
| 718 | | | case OID_KEY_TYPE_IMPLIED_STRING: |
| 719 | | | case OID_KEY_TYPE_IMPLIED_BYTES: |
| 720 | | | case OID_KEY_TYPE_ETHER: |
| 721 | | | suboid = &(subids[key_start]); |
| 722 | | | buf_len = key_len; |
| 723 | | | break; |
| 724 | | | default: |
| 725 | | | buf_len = k->num_subids; |
| 726 | | | suboid = &(subids[key_start]); |
| 727 | | | |
| 728 | | | if(!buf_len) { |
| 729 | | | buf_len = *suboid++; |
| 730 | | | key_len--; |
| 731 | | | key_start++; |
| 732 | | | } |
| 733 | | | break; |
| 734 | | | } |
| 735 | | | |
| 736 | | | if( key_len < buf_len ) { |
| 737 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index string should not be longer than remaining oid size"); |
| 738 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index string longer than remaining oid size"); |
| 739 | | | oid_info_is_ok = FALSE; |
| 740 | | | goto indexing_done; |
| 741 | | | } |
| 742 | | | |
| 743 | | | buf = ep_alloc(buf_len+1); |
| 744 | | | for (i = 0; i < buf_len; i++) |
| 745 | | | buf[i] = (guint8)suboid[i]; |
| 746 | | | buf[i] = '\0'; |
| 747 | | | |
| 748 | | | switch(k->key_type) { |
| 749 | | | case OID_KEY_TYPE_STRING: |
| 750 | | | case OID_KEY_TYPE_IMPLIED_STRING: |
| 751 | | | proto_tree_add_string(pt_name,k->hfid,tvb,name_offset,buf_len, buf); |
| 752 | | | break; |
| 753 | | | case OID_KEY_TYPE_BYTES: |
| 754 | | | case OID_KEY_TYPE_NSAP: |
| 755 | | | case OID_KEY_TYPE_IMPLIED_BYTES: |
| 756 | | | proto_tree_add_bytes(pt_name,k->hfid,tvb,name_offset,buf_len, buf); |
| 757 | | | break; |
| 758 | | | case OID_KEY_TYPE_ETHER: |
| 759 | | | proto_tree_add_ether(pt_name,k->hfid,tvb,name_offset,buf_len, buf); |
| 760 | | | break; |
| 761 | | | case OID_KEY_TYPE_IPADDR: { |
| 762 | | | guint32* ipv4_p = (void*)buf; |
| 763 | | | proto_tree_add_ipv4(pt_name,k->hfid,tvb,name_offset,buf_len, *ipv4_p); |
| 764 | | | break; |
| 765 | | | default: |
| 766 | | | DISSECTOR_ASSERT_NOT_REACHED();
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
131 | #define DISSECTOR_ASSERT_NOT_REACHED() \ |
132 | (REPORT_DISSECTOR_BUG( \ |
133 | ep_strdup_printf("%s:%u: failed assertion \"DISSECTOR_ASSERT_NOT_REACHED\"", \ |
134 | __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 767 | | | break; |
| 768 | | | } |
| 769 | | | } |
| 770 | | | |
| 771 | | | key_start += buf_len; |
| 772 | | | key_len -= buf_len; |
| 773 | | | continue; |
| 774 | | | } |
| 775 | | | } |
| 776 | | | } |
| 777 | | | goto indexing_done; |
| 778 | | | } else { |
| 779 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"We do not know how to handle this OID, if you want this implemented please contact the wireshark developers"); |
| 780 | | | expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index"); |
| 781 | | | oid_info_is_ok = FALSE; |
| 782 | | | goto indexing_done; |
| 783 | | | } |
| 784 | | | } else { |
| 785 | | | proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"The COLUMS's parent is not a ROW. This is a BUG! please contact the wireshark developers."); |
| 786 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW"); |
| 787 | | | oid_info_is_ok = FALSE; |
| 788 | | | goto indexing_done; |
| 789 | | | } |
| 790 | | | default: { |
| 791 | | | |
| 792 | | | |
| 793 | | | oid_info_is_ok = FALSE; |
| 794 | | | goto indexing_done; |
| 795 | | | } |
| 796 | | | } |
| 797 | | | indexing_done: |
| 798 | | | |
| 799 | | | if (oid_info_is_ok) { |
| 800 | | | if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { |
| 801 | | | pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,FALSE); |
| 802 | | | } else { |
| 803 | | | if ((oid_info->value_type->ber_class != BER_CLASS_ANY) && |
| 804 | | | (ber_class != oid_info->value_type->ber_class)) |
| 805 | | | format_error = BER_WRONG_TAG; |
| 806 | | | |
| 807 | | | if ((oid_info->value_type->ber_tag != BER_TAG_ANY) && |
| 808 | | | (tag != oid_info->value_type->ber_tag)) |
| 809 | | | format_error = BER_WRONG_TAG; |
| 810 | | | |
| 811 | | | max_len = oid_info->value_type->max_len == -1 ? 0xffffff : oid_info->value_type->max_len; |
| 812 | | | min_len = oid_info->value_type->min_len; |
| 813 | | | |
| 814 | | | if ((int)value_len < min_len || (int)value_len > max_len) |
| 815 | | | format_error = BER_WRONG_LENGTH; |
| 816 | | | |
| 817 | | | pi_value = proto_tree_add_item(pt_varbind,oid_info->value_hfid,tvb,value_offset,value_len,FALSE); |
| 818 | | | } |
| 819 | | | } else { |
| 820 | | | switch(ber_class|(tag<<4)) { |
| 821 | | | case BER_CLASS_UNI|(BER_UNI_TAG_INTEGER<<4): |
| 822 | | | max_len = 4; min_len = 1; |
| 823 | | | if (value_len > (guint)max_len && value_len < (guint)min_len) format_error = BER_WRONG_LENGTH; |
| 824 | | | hfid = hf_snmp_integer32_value; |
| 825 | | | break; |
| 826 | | | case BER_CLASS_UNI|(BER_UNI_TAG_OCTETSTRING<<4): |
| 827 | | | hfid = hf_snmp_octetstring_value; |
| 828 | | | break; |
| 829 | | | case BER_CLASS_UNI|(BER_UNI_TAG_OID<<4): |
| 830 | | | max_len = -1; min_len = 1; |
| 831 | | | if (value_len < (guint)min_len) format_error = BER_WRONG_LENGTH; |
| 832 | | | hfid = hf_snmp_oid_value; |
| 833 | | | break; |
| 834 | | | case BER_CLASS_UNI|(BER_UNI_TAG_NULL<<4): |
| 835 | | | max_len = 0; min_len = 0; |
| 836 | | | if (value_len != 0) format_error = BER_WRONG_LENGTH; |
| 837 | | | hfid = hf_snmp_null_value; |
| 838 | | | break; |
| 839 | | | case BER_CLASS_APP: |
| 840 | | | switch(value_len) { |
| 841 | | | case 4: hfid = hf_snmp_ipv4_value; break; |
| 842 | | | case 16: hfid = hf_snmp_ipv6_value; break; |
| 843 | | | default: hfid = hf_snmp_anyaddress_value; break; |
| 844 | | | } |
| 845 | | | break; |
| 846 | | | case BER_CLASS_APP|(SNMP_U32<<4): |
| 847 | | | hfid = hf_snmp_unsigned32_value; |
| 848 | | | break; |
| 849 | | | case BER_CLASS_APP|(SNMP_GGE<<4): |
| 850 | | | hfid = hf_snmp_gauge32_value; |
| 851 | | | break; |
| 852 | | | case BER_CLASS_APP|(SNMP_CNT<<4): |
| 853 | | | hfid = hf_snmp_counter_value; |
| 854 | | | break; |
| 855 | | | case BER_CLASS_APP|(SNMP_TIT<<4): |
| 856 | | | hfid = hf_snmp_timeticks_value; |
| 857 | | | break; |
| 858 | | | case BER_CLASS_APP|(SNMP_OPQ<<4): |
| 859 | | | hfid = hf_snmp_opaque_value; |
| 860 | | | break; |
| 861 | | | case BER_CLASS_APP|(SNMP_NSP<<4): |
| 862 | | | hfid = hf_snmp_nsap_value; |
| 863 | | | break; |
| 864 | | | case BER_CLASS_APP|(SNMP_C64<<4): |
| 865 | | | hfid = hf_snmp_big_counter_value; |
| 866 | | | break; |
| 867 | | | default: |
| 868 | | | hfid = hf_snmp_unknown_value; |
| 869 | | | break; |
| 870 | | | } |
| 871 | | | |
| 872 | | | pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,FALSE); |
| 873 | | | expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB"); |
| 874 | | | oid_info_is_ok = FALSE; |
| 875 | | | } |
| 876 | | | |
| 877 | | | pt_value = proto_item_add_subtree(pi_value,ett_value); |
| 878 | | | |
| 879 | | | if (value_len > 0 && oid_string) { |
| 880 | | | tvbuff_t* sub_tvb = tvb_new_subset(tvb, value_offset, value_len, value_len); |
| 881 | | | |
| 882 | | | next_tvb_add_string(&var_list, sub_tvb, (snmp_var_in_tree) ? pt_value : NULL, value_sub_dissectors_table, oid_string); |
| 883 | | | } |
| 884 | | | |
| 885 | | | |
| 886 | | | set_label: |
| 887 | | | if (pi_value) proto_item_fill_label(pi_value->finfo, label); |
| 888 | | | |
| 889 | | | if (oid_info && oid_info->name) { |
| 890 | | | if (oid_left >= 1) { |
| 891 | | | repr = ep_strdup_printf("%s.%s (%s)", |
| 892 | | | oid_info->name, |
| 893 | | | oid_subid2string(&(subids[oid_matched]),oid_left), |
| 894 | | | oid_subid2string(subids,oid_matched+oid_left)); |
| 895 | | | info_oid = ep_strdup_printf("%s.%s", oid_info->name, |
| 896 | | | oid_subid2string(&(subids[oid_matched]),oid_left)); |
| 897 | | | } else { |
| 898 | | | repr = ep_strdup_printf("%s (%s)", |
| 899 | | | oid_info->name, |
| 900 | | | oid_subid2string(subids,oid_matched)); |
| 901 | | | info_oid = oid_info->name; |
| 902 | | | } |
| 903 | | | } else if (oid_string) { |
| 904 | | | repr = ep_strdup(oid_string); |
| 905 | | | info_oid = oid_string; |
| 906 | | | } else { |
| 907 | | | repr = ep_strdup("[Bad OID]"); |
| 908 | | | } |
| 909 | | | |
| 910 | | | valstr = strstr(label,": "); |
| 911 | | | valstr = valstr ? valstr+2 : label; |
| 912 | | | |
| 913 | | | proto_item_set_text(pi_varbind,"%s: %s",repr,valstr); |
| 914 | | | |
| 915 | | | if (display_oid && info_oid && check_col(actx->pinfo->cinfo, COL_INFO)) { |
| 916 | | | col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid); |
| 917 | | | } |
| 918 | | | |
| 919 | | | switch (format_error) { |
| 920 | | | case BER_WRONG_LENGTH: { |
| 921 | | | proto_tree* pt = proto_item_add_subtree(pi_value,ett_decoding_error); |
| 922 | | | proto_item* pi = proto_tree_add_text(pt,tvb,0,0,"Wrong value length: %u expecting: %u <= len <= %u", |
| 923 | | | value_len, |
| 924 | | | min_len, |
| 925 | | | max_len == -1 ? 0xFFFFFF : max_len); |
| 926 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 927 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value"); |
| 928 | | | return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); |
| 929 | | | } |
| 930 | | | case BER_WRONG_TAG: { |
| 931 | | | proto_tree* pt = proto_item_add_subtree(pi_value,ett_decoding_error); |
| 932 | | | proto_item* pi = proto_tree_add_text(pt,tvb,0,0,"Wrong class/tag for Value expected: %d,%d got: %d,%d", |
| 933 | | | oid_info->value_type->ber_class, |
| 934 | | | oid_info->value_type->ber_tag, |
| 935 | | | ber_class, |
| 936 | | | tag); |
| 937 | | | pt = proto_item_add_subtree(pi,ett_decoding_error); |
| 938 | | | expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value"); |
| 939 | | | return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); |
| 940 | | | } |
| 941 | | | default: |
| 942 | | | break; |
| 943 | | | } |
| 944 | | | |
| 945 | | | return seq_offset + seq_len; |
| 946 | | | } |
| |