/* Decode and display the PDU Burst */
static void pdu_burst_decoder(proto_tree *tree, tvbuff_t *tvb, gint offset, gint length, packet_info *pinfo, gint burst_number, gint frag_type, gint frag_number)
{
fragment_head *pdu_frag;
tvbuff_t *pdu_tvb = NULL;
/* update the info column */
switch (frag_type)
{
case TLV_FIRST_FRAG:
col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "First TLV Fragment (%d)", frag_number);
break;
case TLV_LAST_FRAG:
col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "Last TLV Fragment (%d)", frag_number);
break;
case TLV_MIDDLE_FRAG:
col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "Middle TLV Fragment %d", frag_number);
break;
}
if(frag_type == TLV_NO_FRAG)
{ /* not fragmented PDU */
pdu_tvb = tvb_new_subset_length(tvb, offset, length);
}
else /* fragmented PDU */
{ /* add the fragment */
pdu_frag = fragment_add_seq(&pdu_reassembly_table, tvb, offset, pinfo, burst_number, NULL, frag_number - 1, length, ((frag_type==TLV_LAST_FRAG)?0:1), 0);
if(pdu_frag && frag_type == TLV_LAST_FRAG)
{
/* create the new tvb for defragmented frame */
pdu_tvb = tvb_new_chain(tvb, pdu_frag->tvb_data);
/* add the defragmented data to the data source list */
add_new_data_source(pinfo, pdu_tvb, "Reassembled WiMax PDU Frame");
}
else
{
pdu_tvb = NULL;
if(frag_type == TLV_LAST_FRAG)
{ /* update the info column */
col_append_sep_str(pinfo->cinfo, COL_INFO, ", ", "Incomplete PDU frame");
}
}
}
/* process the defragmented PDU burst */
if(pdu_tvb)
{
if(wimax_pdu_burst_handle)
{/* decode and display PDU Burst */
call_dissector(wimax_pdu_burst_handle, pdu_tvb, pinfo, tree);
}
else /* display PDU Burst info */
{ /* update the info column */
col_append_str(pinfo->cinfo, COL_INFO, "PDU Burst");
}
}
}
/* Simple test case for fragment_add_seq.
* Adds three fragments (out of order, with one for a different datagram in between),
* and checks that they are reassembled correctly.
*/
static void test_simple_fragment_add_seq(void)
{
fragment_data *fd_head, *fdh0;
printf("Starting test test_simple_fragment_add_seq\n");
pinfo.fd->num = 1;
fd_head=fragment_add_seq(tvb, 10, &pinfo, 12, fragment_table,
0, 50, TRUE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
/* adding the same fragment again should do nothing, even with different
* offset etc */
pinfo.fd->flags.visited = 1;
fd_head=fragment_add_seq(tvb, 5, &pinfo, 12, fragment_table,
0, 60, TRUE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
/* start another pdu (just to confuse things) */
pinfo.fd->flags.visited = 0;
pinfo.fd->num = 2;
fd_head=fragment_add_seq(tvb, 15, &pinfo, 13, fragment_table,
0, 60, TRUE);
ASSERT_EQ(2,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
/* now we add the terminal fragment of the first datagram */
pinfo.fd->num = 3;
fd_head=fragment_add_seq(tvb, 5, &pinfo, 12, fragment_table,
2, 60, FALSE);
/* we haven't got all the fragments yet ... */
ASSERT_EQ(2,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
/* finally, add the missing fragment */
pinfo.fd->num = 4;
fd_head=fragment_add_seq(tvb, 15, &pinfo, 12, fragment_table,
1, 60, TRUE);
ASSERT_EQ(2,g_hash_table_size(fragment_table));
ASSERT_NE(NULL,fd_head);
/* check the contents of the structure */
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
ASSERT_EQ(170,fd_head->len); /* the length of data we have */
ASSERT_EQ(2,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(4,fd_head->reassembled_in);
ASSERT_EQ(FD_DEFRAGMENTED|FD_BLOCKSEQUENCE|FD_DATALEN_SET,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
ASSERT_EQ(1,fd_head->next->frame);
ASSERT_EQ(0,fd_head->next->offset); /* seqno */
ASSERT_EQ(50,fd_head->next->len); /* segment length */
ASSERT_EQ(0,fd_head->next->flags);
ASSERT_EQ(NULL,fd_head->next->data);
ASSERT_NE(NULL,fd_head->next->next);
ASSERT_EQ(4,fd_head->next->next->frame);
ASSERT_EQ(1,fd_head->next->next->offset); /* seqno */
ASSERT_EQ(60,fd_head->next->next->len); /* segment length */
ASSERT_EQ(0,fd_head->next->next->flags);
ASSERT_EQ(NULL,fd_head->next->next->data);
ASSERT_NE(NULL,fd_head->next->next->next);
ASSERT_EQ(3,fd_head->next->next->next->frame);
ASSERT_EQ(2,fd_head->next->next->next->offset); /* seqno */
ASSERT_EQ(60,fd_head->next->next->next->len); /* segment length */
ASSERT_EQ(0,fd_head->next->next->next->flags);
ASSERT_EQ(NULL,fd_head->next->next->next->data);
ASSERT_EQ(NULL,fd_head->next->next->next->next);
/* test the actual reassembly */
ASSERT(!memcmp(fd_head->data,data+10,50));
ASSERT(!memcmp(fd_head->data+50,data+15,60));
ASSERT(!memcmp(fd_head->data+110,data+5,60));
/* what happens if we revisit the packets now? */
fdh0 = fd_head;
pinfo.fd->flags.visited = 1;
pinfo.fd->num = 1;
fd_head=fragment_add_seq(tvb, 10, &pinfo, 12, fragment_table,
0, 50, TRUE);
/*
* this api relies on the caller to check fd_head -> reassembled_in
*
* Redoing all the tests seems like overkill - just check the pointer
*/
ASSERT_EQ(fdh0,fd_head);
pinfo.fd->num = 3;
fd_head=fragment_add_seq(tvb, 5, &pinfo, 12, fragment_table,
2, 60, FALSE);
ASSERT_EQ(fdh0,fd_head);
pinfo.fd->num = 4;
fd_head=fragment_add_seq(tvb, 15, &pinfo, 12, fragment_table,
1, 60, TRUE);
ASSERT_EQ(fdh0,fd_head);
}
/* Code to actually dissect the packets */
static void
dissect_wtp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
char *szInfo;
int offCur = 0; /* current offset from start of WTP data */
gint returned_length, str_index = 0;
unsigned char b0;
/* continuation flag */
unsigned char fCon; /* Continue flag */
unsigned char fRID; /* Re-transmission indicator*/
unsigned char fTTR = '\0'; /* Transmission trailer */
guint cbHeader = 0; /* Fixed header length */
guint vHeader = 0; /* Variable header length*/
int abortType = 0;
/* Set up structures we'll need to add the protocol subtree and manage it */
proto_item *ti = NULL;
proto_tree *wtp_tree = NULL;
char pdut;
char clsTransaction = 3;
int numMissing = 0; /* Number of missing packets in a negative ack */
int i;
tvbuff_t *wsp_tvb = NULL;
guint8 psn = 0; /* Packet sequence number*/
guint16 TID = 0; /* Transaction-Id */
int dataOffset;
gint dataLen;
#define SZINFO_SIZE 256
szInfo=(char *)wmem_alloc(wmem_packet_scope(), SZINFO_SIZE);
b0 = tvb_get_guint8 (tvb, offCur + 0);
/* Discover Concatenated PDUs */
if (b0 == 0) {
guint c_fieldlen = 0; /* Length of length-field */
guint c_pdulen = 0; /* Length of conc. PDU */
if (tree) {
ti = proto_tree_add_item(tree, proto_wtp,
tvb, offCur, 1, ENC_NA);
wtp_tree = proto_item_add_subtree(ti, ett_wtp_sub_pdu_tree);
proto_item_append_text(ti, ", PDU concatenation");
}
offCur = 1;
i = 1;
while (offCur < (int) tvb_reported_length(tvb)) {
tvbuff_t *wtp_tvb;
/* The length of an embedded WTP PDU is coded as either:
* - a 7-bit value contained in one octet with highest bit == 0.
* - a 15-bit value contained in two octets (little endian)
* if the 1st octet has its highest bit == 1.
* This means that this is NOT encoded as an uintvar-integer!!!
*/
b0 = tvb_get_guint8(tvb, offCur + 0);
if (b0 & 0x80) {
c_fieldlen = 2;
c_pdulen = ((b0 & 0x7f) << 8) | tvb_get_guint8(tvb, offCur + 1);
} else {
c_fieldlen = 1;
c_pdulen = b0;
}
if (tree) {
proto_tree_add_uint(wtp_tree, hf_wtp_header_sub_pdu_size,
tvb, offCur, c_fieldlen, c_pdulen);
}
if (i > 1) {
col_append_str(pinfo->cinfo, COL_INFO, ", ");
}
/* Skip the length field for the WTP sub-tvb */
wtp_tvb = tvb_new_subset_length(tvb, offCur + c_fieldlen, c_pdulen);
dissect_wtp_common(wtp_tvb, pinfo, wtp_tree);
offCur += c_fieldlen + c_pdulen;
i++;
}
if (tree) {
proto_item_append_text(ti, ", PDU count: %u", i);
}
return;
}
/* No concatenation */
fCon = b0 & 0x80;
fRID = retransmission_indicator(b0);
pdut = pdu_type(b0);
#ifdef DEBUG
printf("WTP packet %u: tree = %p, pdu = %s (%u) length: %u\n",
pinfo->fd->num, tree,
val_to_str(pdut, vals_wtp_pdu_type, "Unknown PDU type 0x%x"),
pdut, tvb_captured_length(tvb));
#endif
/* Develop the string to put in the Info column */
returned_length = g_snprintf(szInfo, SZINFO_SIZE, "WTP %s",
val_to_str(pdut, vals_wtp_pdu_type, "Unknown PDU type 0x%x"));
str_index += MIN(returned_length, SZINFO_SIZE-str_index);
switch (pdut) {
case INVOKE:
fTTR = transmission_trailer(b0);
TID = tvb_get_ntohs(tvb, offCur + 1);
psn = 0;
clsTransaction = transaction_class(tvb_get_guint8(tvb, offCur + 3));
returned_length = g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index,
" Class %d", clsTransaction);
str_index += MIN(returned_length, SZINFO_SIZE-str_index);
cbHeader = 4;
break;
case SEGMENTED_INVOKE:
case SEGMENTED_RESULT:
fTTR = transmission_trailer(b0);
TID = tvb_get_ntohs(tvb, offCur + 1);
psn = tvb_get_guint8(tvb, offCur + 3);
if (psn != 0) {
returned_length = g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index,
" (%u)", psn);
str_index += MIN(returned_length, SZINFO_SIZE-str_index);
}
cbHeader = 4;
break;
case ABORT:
cbHeader = 4;
break;
case RESULT:
fTTR = transmission_trailer(b0);
TID = tvb_get_ntohs(tvb, offCur + 1);
psn = 0;
cbHeader = 3;
break;
case ACK:
cbHeader = 3;
break;
case NEGATIVE_ACK:
/* Variable number of missing packets */
numMissing = tvb_get_guint8(tvb, offCur + 3);
cbHeader = numMissing + 4;
break;
default:
break;
};
if (fRID) {
/*returned_length =*/ g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index, " R" );
/*str_index += MIN(returned_length, SZINFO_SIZE-str_index);*/
};
/* In the interest of speed, if "tree" is NULL, don't do any work not
necessary to generate protocol tree items. */
if (tree) {
#ifdef DEBUG
fprintf(stderr, "dissect_wtp: cbHeader = %d\n", cbHeader);
#endif
/* NOTE - Length will be set when we process the TPI */
ti = proto_tree_add_item(tree, proto_wtp, tvb, offCur, 0, ENC_NA);
#ifdef DEBUG
fprintf(stderr, "dissect_wtp: (7) Returned from proto_tree_add_item\n");
#endif
wtp_tree = proto_item_add_subtree(ti, ett_wtp);
/* Code to process the packet goes here */
#ifdef DEBUG
fprintf(stderr, "dissect_wtp: cbHeader = %d\n", cbHeader);
fprintf(stderr, "dissect_wtp: offCur = %d\n", offCur);
#endif
/* Add common items: only CON and PDU Type */
proto_tree_add_item(
wtp_tree, /* tree */
hf_wtp_header_flag_continue, /* id */
tvb,
offCur, /* start of highlight */
1, /* length of highlight*/
b0 /* value */
);
proto_tree_add_item(wtp_tree, hf_wtp_header_pdu_type, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
switch(pdut) {
case INVOKE:
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_version , tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_flag_TIDNew, tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_flag_UP, tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_Reserved, tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_TransactionClass, tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti,
", PDU: Invoke (%u)"
", Transaction Class: %s (%u)",
INVOKE,
val_to_str_const(clsTransaction, vals_transaction_classes, "Undefined"),
clsTransaction);
break;
case RESULT:
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_item_append_text(ti, ", PDU: Result (%u)", RESULT);
break;
case ACK:
proto_tree_add_item(wtp_tree, hf_wtp_header_Ack_flag_TVETOK, tvb, offCur, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_item_append_text(ti, ", PDU: ACK (%u)", ACK);
break;
case ABORT:
abortType = tvb_get_guint8 (tvb, offCur) & 0x07;
proto_tree_add_item(wtp_tree, hf_wtp_header_Abort_type , tvb, offCur , 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
if (abortType == PROVIDER) {
guint8 reason = tvb_get_guint8(tvb, offCur + 3);
proto_tree_add_item( wtp_tree, hf_wtp_header_Abort_reason_provider , tvb, offCur + 3 , 1, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti,
", PDU: Abort (%u)"
", Type: Provider (%u)"
", Reason: %s (%u)",
ABORT,
PROVIDER,
val_to_str_const(reason, vals_abort_reason_provider, "Undefined"),
reason);
}
else if (abortType == USER) {
guint8 reason = tvb_get_guint8(tvb, offCur + 3);
proto_tree_add_item(wtp_tree, hf_wtp_header_Abort_reason_user , tvb, offCur + 3 , 1, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti,
", PDU: Abort (%u)"
", Type: User (%u)"
", Reason: %s (%u)",
ABORT,
PROVIDER,
val_to_str_ext_const(reason, &vals_wsp_reason_codes_ext, "Undefined"),
reason);
}
break;
case SEGMENTED_INVOKE:
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number , tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti,
", PDU: Segmented Invoke (%u)"
", Packet Sequence Number: %u",
SEGMENTED_INVOKE, psn);
break;
case SEGMENTED_RESULT:
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number , tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
proto_item_append_text(ti,
", PDU: Segmented Result (%u)"
", Packet Sequence Number: %u",
SEGMENTED_RESULT, psn);
break;
case NEGATIVE_ACK:
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, ENC_LITTLE_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(wtp_tree, hf_wtp_header_missing_packets , tvb, offCur + 3, 1, ENC_LITTLE_ENDIAN);
/* Iterate through missing packets */
for (i = 0; i < numMissing; i++)
{
proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number, tvb, offCur + 4 + i, 1, ENC_LITTLE_ENDIAN);
}
proto_item_append_text(ti,
", PDU: Negative Ack (%u)"
", Missing Packets: %u",
NEGATIVE_ACK, numMissing);
break;
default:
break;
};
if (fRID) {
proto_item_append_text(ti, ", Retransmission");
}
} else { /* tree is NULL */
#ifdef DEBUG
fprintf(stderr, "dissect_wtp: (4) tree was %p\n", tree);
#endif
}
/* Process the variable part */
if (fCon) { /* Now, analyze variable part */
guint8 tCon;
guint8 tByte;
guint tpiLen;
tvbuff_t *tmp_tvb;
vHeader = 0; /* Start scan all over */
do {
tByte = tvb_get_guint8(tvb, offCur + cbHeader + vHeader);
tCon = tByte & 0x80;
if (tByte & 0x04) /* Long TPI */
tpiLen = 2 + tvb_get_guint8(tvb, offCur + cbHeader + vHeader + 1);
else
tpiLen = 1 + (tByte & 0x03);
if (tree)
{
tmp_tvb = tvb_new_subset_length(tvb, offCur + cbHeader + vHeader, tpiLen);
wtp_handle_tpi(wtp_tree, tmp_tvb);
}
vHeader += tpiLen;
} while (tCon);
} else {
/* There is no variable part */
} /* End of variable part of header */
/* Set the length of the WTP protocol part now we know the length of the
* fixed and variable WTP headers */
if (tree)
proto_item_set_len(ti, cbHeader + vHeader);
#ifdef DEBUG
fprintf( stderr, "dissect_wtp: cbHeader = %d\n", cbHeader );
#endif
/*
* Any remaining data ought to be WSP data (if not WTP ACK, NACK
* or ABORT pdu), so, if we have any remaining data, and it's
* not an ACK, NACK, or ABORT PDU, hand it off (defragmented) to the
* WSP dissector.
* Note that the last packet of a fragmented WTP message needn't
* contain any data, so we allow payloadless packets to be
* reassembled. (XXX - does the reassembly code handle this
* for packets other than the last packet?)
*
* Try calling a subdissector only if:
* - The WTP payload is ressembled in this very packet,
* - The WTP payload is not fragmented across packets.
*/
dataOffset = offCur + cbHeader + vHeader;
dataLen = tvb_reported_length_remaining(tvb, dataOffset);
if ((dataLen >= 0) &&
! ((pdut==ACK) || (pdut==NEGATIVE_ACK) || (pdut==ABORT)))
{
/* Try to reassemble if needed, and hand over to WSP
* A fragmented WTP packet is either:
* - An INVOKE with fTTR (transmission trailer) not set,
* - a SEGMENTED_INVOKE,
* - A RESULT with fTTR (transmission trailer) not set,
* - a SEGMENTED_RESULT.
*/
if ( ( (pdut == SEGMENTED_INVOKE) || (pdut == SEGMENTED_RESULT)
|| ( ((pdut == INVOKE) || (pdut == RESULT)) && (!fTTR) )
) && tvb_bytes_exist(tvb, dataOffset, dataLen) )
{
/* Try reassembling fragments */
fragment_head *fd_wtp = NULL;
guint32 reassembled_in = 0;
gboolean save_fragmented = pinfo->fragmented;
pinfo->fragmented = TRUE;
fd_wtp = fragment_add_seq(&wtp_reassembly_table, tvb, dataOffset,
pinfo, TID, NULL, psn, dataLen, !fTTR, 0);
/* XXX - fragment_add_seq() yields NULL unless Wireshark knows
* that the packet is part of a reassembled whole. This means
* that fd_wtp will be NULL as long as Wireshark did not encounter
* (and process) the packet containing the last fragment.
* This implies that Wireshark needs two passes over the data for
* correct reassembly. At the first pass, a capture containing
* three fragments plus a retransmssion of the last fragment
* will progressively show:
*
* Packet 1: (Unreassembled fragment 1)
* Packet 2: (Unreassembled fragment 2)
* Packet 3: (Reassembled WTP)
* Packet 4: (WTP payload reassembled in packet 3)
*
* However at subsequent evaluation (e.g., by applying a display
* filter) the packet summary will show:
*
* Packet 1: (WTP payload reassembled in packet 3)
* Packet 2: (WTP payload reassembled in packet 3)
* Packet 3: (Reassembled WTP)
* Packet 4: (WTP payload reassembled in packet 3)
*
* This is important to know, and also affects read filters!
*/
wsp_tvb = process_reassembled_data(tvb, dataOffset, pinfo,
"Reassembled WTP", fd_wtp, &wtp_frag_items,
NULL, wtp_tree);
#ifdef DEBUG
printf("WTP: Packet %u %s -> %d: wsp_tvb = %p, fd_wtp = %p, frame = %u\n",
pinfo->fd->num,
fd_wtp ? "Reassembled" : "Not reassembled",
fd_wtp ? fd_wtp->reassembled_in : -1,
wsp_tvb,
fd_wtp
);
#endif
if (fd_wtp) {
/* Reassembled */
reassembled_in = fd_wtp->reassembled_in;
if (pinfo->fd->num == reassembled_in) {
/* Reassembled in this very packet:
* We can safely hand the tvb to the WSP dissector */
call_dissector(wsp_handle, wsp_tvb, pinfo, tree);
} else {
/* Not reassembled in this packet */
col_append_fstr(pinfo->cinfo, COL_INFO,
"%s (WTP payload reassembled in packet %u)",
szInfo, fd_wtp->reassembled_in);
proto_tree_add_item(wtp_tree, hf_wtp_payload, tvb, dataOffset, -1, ENC_NA);
}
} else {
/* Not reassembled yet, or not reassembled at all */
col_append_fstr(pinfo->cinfo, COL_INFO,
"%s (Unreassembled fragment %u)",
szInfo, psn);
proto_tree_add_item(wtp_tree, hf_wtp_payload, tvb, dataOffset, -1, ENC_NA);
}
/* Now reset fragmentation information in pinfo */
pinfo->fragmented = save_fragmented;
}
else if ( ((pdut == INVOKE) || (pdut == RESULT)) && (fTTR) )
{
/* Non-fragmented payload */
wsp_tvb = tvb_new_subset_remaining(tvb, dataOffset);
/* We can safely hand the tvb to the WSP dissector */
call_dissector(wsp_handle, wsp_tvb, pinfo, tree);
}
else
{
/* Nothing to hand to subdissector */
col_append_str(pinfo->cinfo, COL_INFO, szInfo);
}
}
else
{
/* Nothing to hand to subdissector */
col_append_str(pinfo->cinfo, COL_INFO, szInfo);
}
}
/* This tests the functionality of fragment_set_partial_reassembly for
* FD_BLOCKSEQUENCE reassembly.
*
* We add a sequence of fragments thus:
* seqno frame offset len (initial) more_frags
* ----- ----- ------ --- --------------------
* 0 1 10 50 false
* 1 2 0 40 true
* 1 3 0 40 true (a duplicate fragment)
* 2 4 20 100 false
* 3 5 0 40 false
*/
static void test_fragment_add_seq_partial_reassembly(void)
{
fragment_data *fd_head, *fd;
printf("Starting test test_fragment_add_seq_partial_reassembly\n");
/* generally it's probably fair to assume that we will be called with
* more_frags=FALSE.
*/
pinfo.fd->num = 1;
fd_head=fragment_add_seq(tvb, 10, &pinfo, 12, fragment_table,
0, 50, FALSE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_NE(NULL,fd_head);
/* check the contents of the structure */
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
ASSERT_EQ(50,fd_head->len); /* the length of data we have */
ASSERT_EQ(0,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(1,fd_head->reassembled_in);
ASSERT_EQ(FD_DEFRAGMENTED|FD_BLOCKSEQUENCE|FD_DATALEN_SET,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
ASSERT_EQ(1,fd_head->next->frame);
ASSERT_EQ(0,fd_head->next->offset); /* seqno */
ASSERT_EQ(50,fd_head->next->len); /* segment length */
ASSERT_EQ(0,fd_head->next->flags);
ASSERT_EQ(NULL,fd_head->next->data);
ASSERT_EQ(NULL,fd_head->next->next);
/* test the actual reassembly */
ASSERT(!memcmp(fd_head->data,data+10,50));
/* now we announce that the reassembly wasn't complete after all. */
fragment_set_partial_reassembly(&pinfo,12,fragment_table);
/* and add another segment. To mix things up slightly (and so that we can
* check on the state of things), we're going to set the more_frags flag
* here
*/
pinfo.fd->num = 2;
fd_head=fragment_add_seq(tvb, 0, &pinfo, 12, fragment_table,
1, 40, TRUE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
fd_head=fragment_get(&pinfo,12,fragment_table);
ASSERT_NE(NULL,fd_head);
/* check the contents of the structure */
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
/* ASSERT_EQ(50,fd_head->len); the length of data we have */
ASSERT_EQ(0,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(0,fd_head->reassembled_in);
ASSERT_EQ(FD_BLOCKSEQUENCE,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
fd=fd_head->next;
ASSERT_EQ(1,fd->frame);
ASSERT_EQ(0,fd->offset); /* seqno */
ASSERT_EQ(50,fd->len); /* segment length */
ASSERT_EQ(FD_NOT_MALLOCED,fd->flags);
ASSERT_EQ(fd_head->data,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(2,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_NE(NULL,fd->data);
ASSERT_EQ(NULL,fd->next);
/* Another copy of the second segment.
*/
pinfo.fd->num = 3;
fd_head=fragment_add_seq(tvb, 0, &pinfo, 12, fragment_table,
1, 40, TRUE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_EQ(NULL,fd_head);
fd_head=fragment_get(&pinfo,12,fragment_table);
ASSERT_NE(NULL,fd_head);
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
/* ASSERT_EQ(50,fd_head->len); the length of data we have */
ASSERT_EQ(0,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(0,fd_head->reassembled_in);
ASSERT_EQ(FD_BLOCKSEQUENCE,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
fd=fd_head->next;
ASSERT_EQ(1,fd->frame);
ASSERT_EQ(0,fd->offset); /* seqno */
ASSERT_EQ(50,fd->len); /* segment length */
ASSERT_EQ(FD_NOT_MALLOCED,fd->flags);
ASSERT_EQ(fd_head->data,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(2,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_NE(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(3,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_NE(NULL,fd->data);
ASSERT_EQ(NULL,fd->next);
/* have another go at wrapping things up */
pinfo.fd->num = 4;
fd_head=fragment_add_seq(tvb, 20, &pinfo, 12, fragment_table,
2, 100, FALSE);
ASSERT_EQ(1,g_hash_table_size(fragment_table));
ASSERT_NE(NULL,fd_head);
/* check the contents of the structure */
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
ASSERT_EQ(190,fd_head->len); /* the length of data we have */
ASSERT_EQ(2,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(4,fd_head->reassembled_in);
ASSERT_EQ(FD_DEFRAGMENTED|FD_BLOCKSEQUENCE|FD_DATALEN_SET|FD_OVERLAP,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
fd=fd_head->next;
ASSERT_EQ(1,fd->frame);
ASSERT_EQ(0,fd->offset); /* seqno */
ASSERT_EQ(50,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(2,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(3,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(FD_OVERLAP,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(4,fd->frame);
ASSERT_EQ(2,fd->offset); /* seqno */
ASSERT_EQ(100,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_EQ(NULL,fd->next);
/* test the actual reassembly */
ASSERT(!memcmp(fd_head->data,data+10,50));
ASSERT(!memcmp(fd_head->data+50,data,40));
ASSERT(!memcmp(fd_head->data+90,data+20,100));
/* do it again (this time it is more complicated, with an overlap in the
* reassembly) */
fragment_set_partial_reassembly(&pinfo,12,fragment_table);
pinfo.fd->num = 5;
fd_head=fragment_add_seq(tvb, 0, &pinfo, 12, fragment_table,
3, 40, FALSE);
fd_head=fragment_get(&pinfo,12,fragment_table);
ASSERT_NE(NULL,fd_head);
ASSERT_EQ(0,fd_head->frame); /* unused */
ASSERT_EQ(0,fd_head->offset); /* unused */
ASSERT_EQ(230,fd_head->len); /* the length of data we have */
ASSERT_EQ(3,fd_head->datalen); /* seqno of the last fragment we have */
ASSERT_EQ(5,fd_head->reassembled_in);
ASSERT_EQ(FD_DEFRAGMENTED|FD_BLOCKSEQUENCE|FD_DATALEN_SET|FD_OVERLAP,fd_head->flags);
ASSERT_NE(NULL,fd_head->data);
ASSERT_NE(NULL,fd_head->next);
fd=fd_head->next;
ASSERT_EQ(1,fd->frame);
ASSERT_EQ(0,fd->offset); /* seqno */
ASSERT_EQ(50,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(2,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(3,fd->frame);
ASSERT_EQ(1,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(FD_OVERLAP,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(4,fd->frame);
ASSERT_EQ(2,fd->offset); /* seqno */
ASSERT_EQ(100,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_NE(NULL,fd->next);
fd=fd->next;
ASSERT_EQ(5,fd->frame);
ASSERT_EQ(3,fd->offset); /* seqno */
ASSERT_EQ(40,fd->len); /* segment length */
ASSERT_EQ(0,fd->flags);
ASSERT_EQ(NULL,fd->data);
ASSERT_EQ(NULL,fd->next);
/* test the actual reassembly */
ASSERT(!memcmp(fd_head->data,data+10,50));
ASSERT(!memcmp(fd_head->data+50,data,40));
ASSERT(!memcmp(fd_head->data+90,data+20,100));
ASSERT(!memcmp(fd_head->data+190,data,40));
}
