Wireshark mailing list archives
Re: payload_proto_id in SCPT dissector
From: Anders Broman <anders.broman () ericsson com>
Date: Thu, 15 Aug 2019 12:09:33 +0000
Hi,
It is the SCTP PPI which is defined by IANA
Payload protocol identifier: M3UA (3)
{ &hf_data_chunk_payload_proto_id, { "Payload protocol
identifier", "sctp.data_payload_proto_id",
FT_UINT32, BASE_DEC, VALS(sctp_payload_proto_id_values), 0x0,
NULL, HFILL } },
You find it in sctpppids.h and
static const value_string sctp_payload_proto_id_values[] = {
{ NOT_SPECIFIED_PROTOCOL_ID, "not specified" },
{ IUA_PAYLOAD_PROTOCOL_ID, "IUA" },
{ M2UA_PAYLOAD_PROTOCOL_ID, "M2UA" },
{ M3UA_PAYLOAD_PROTOCOL_ID, "M3UA" },
{ SUA_PAYLOAD_PROTOCOL_ID, "SUA" },
{ M2PA_PAYLOAD_PROTOCOL_ID, "M2PA" },
{ V5UA_PAYLOAD_PROTOCOL_ID, "V5UA" },
{ H248_PAYLOAD_PROTOCOL_ID, "H.248/MEGACO" },
{ BICC_PAYLOAD_PROTOCOL_ID, "BICC/Q.2150.3" },
{ TALI_PAYLOAD_PROTOCOL_ID, "TALI" },
{ DUA_PAYLOAD_PROTOCOL_ID, "DUA" },
{ ASAP_PAYLOAD_PROTOCOL_ID, "ASAP" },
{ ENRP_PAYLOAD_PROTOCOL_ID, "ENRP" },
{ H323_PAYLOAD_PROTOCOL_ID, "H.323" },
{ QIPC_PAYLOAD_PROTOCOL_ID, "Q.IPC/Q.2150.3" },
{ SIMCO_PAYLOAD_PROTOCOL_ID, "SIMCO" },
{ DDP_SEG_CHUNK_PROTOCOL_ID, "DDP Segment Chunk" },
{ DDP_STREAM_SES_CTRL_PROTOCOL_ID, "DDP Stream Session
Control" },
{ S1AP_PAYLOAD_PROTOCOL_ID, "S1 Application Protocol
(S1AP)" },
{ RUA_PAYLOAD_PROTOCOL_ID, "RUA" },
{ HNBAP_PAYLOAD_PROTOCOL_ID, "HNBAP" },
{ FORCES_HP_PAYLOAD_PROTOCOL_ID, "ForCES-HP" },
{ FORCES_MP_PAYLOAD_PROTOCOL_ID, "ForCES-MP" },
{ FORCES_LP_PAYLOAD_PROTOCOL_ID, "ForCES-LP" },
{ SBC_AP_PAYLOAD_PROTOCOL_ID, "SBc-AP" },
{ NBAP_PAYLOAD_PROTOCOL_ID, "NBAP" },
/* Unassigned 26 */
{ X2AP_PAYLOAD_PROTOCOL_ID, "X2AP" },
{ IRCP_PAYLOAD_PROTOCOL_ID, "IRCP" },
{ LCS_AP_PAYLOAD_PROTOCOL_ID, "LCS-AP" },
{ MPICH2_PAYLOAD_PROTOCOL_ID, "MPICH2" },
{ SABP_PAYLOAD_PROTOCOL_ID, "SABP" },
{ FGP_PAYLOAD_PROTOCOL_ID, "Fractal Generator
Protocol" },
{ PPP_PAYLOAD_PROTOCOL_ID, "Ping Pong Protocol" },
{ CALCAPP_PAYLOAD_PROTOCOL_ID, "CalcApp Protocol" },
{ SSP_PAYLOAD_PROTOCOL_ID, "Scripting Service
Protocol" },
{ NPMP_CTRL_PAYLOAD_PROTOCOL_ID, "NetPerfMeter Control" },
{ NPMP_DATA_PAYLOAD_PROTOCOL_ID, "NetPerfMeter Data" },
{ ECHO_PAYLOAD_PROTOCOL_ID, "Echo" },
{ DISCARD_PAYLOAD_PROTOCOL_ID, "Discard" },
{ DAYTIME_PAYLOAD_PROTOCOL_ID, "Daytime" },
{ CHARGEN_PAYLOAD_PROTOCOL_ID, "Character Generator" },
{ PROTO_3GPP_RNA_PROTOCOL_ID, "3GPP RNA" },
{ PROTO_3GPP_M2AP_PROTOCOL_ID, "3GPP M2AP" },
{ PROTO_3GPP_M3AP_PROTOCOL_ID, "3GPP M3AP" },
{ SSH_PAYLOAD_PROTOCOL_ID, "SSH" },
{ DIAMETER_PROTOCOL_ID, "DIAMETER" },
{ DIAMETER_DTLS_PROTOCOL_ID, "DIAMETER OVER DTLS" },
{ R14P_BER_PROTOCOL_ID, "R14P" },
{ WEBRTC_DCEP_PROTOCOL_ID, "WebRTC Control" },
{ WEBRTC_STRING_PAYLOAD_PROTOCOL_ID, "WebRTC String" },
{ WEBRTC_BINARY_PARTIAL_PAYLOAD_PROTOCOL_ID, "WebRTC Binary Partial
(Deprecated)" },
{ WEBRTC_BINARY_PAYLOAD_PROTOCOL_ID, "WebRTC Binary" },
{ WEBRTC_STRING_PARTIAL_PAYLOAD_PROTOCOL_ID, "WebRTC String Partial
(Deprecated)" },
{ PROTO_3GPP_PUA_PAYLOAD_PROTOCOL_ID, "3GPP PUA" },
{ WEBRTC_STRING_EMPTY_PAYLOAD_PROTOCOL_ID, "WebRTC String Empty" },
{ WEBRTC_BINARY_EMPTY_PAYLOAD_PROTOCOL_ID, "WebRTC Binary Empty" },
{ XWAP_PROTOCOL_ID, "XwAP" },
{ XW_CONTROL_PLANE_PROTOCOL_ID, "Xw - Control Plane" },
{ NGAP_PROTOCOL_ID, "NGAP" },
{ XNAP_PROTOCOL_ID, "XnAP" },
{ F1AP_PROTOCOL_ID, "F1 AP" },
{ ELE2_PROTOCOL_ID, "ELE2 Lawful
Interception" },
{ 0, NULL } };
Regards
Anders
From: Wireshark-dev <wireshark-dev-bounces () wireshark org> On Behalf Of Dario
Lombardo
Sent: den 15 augusti 2019 13:55
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Subject: [Wireshark-dev] payload_proto_id in SCPT dissector
Hi,
I'm working on fixing a bug reported by oss-fuzz, and I got stuck. The payload
is TLS over SCPT.
In the sctp dissector the variable payload_proto_id is read from the tlv in
dissect_data_chunk. What is it supposed to contain? Which proto_id?
Following the stack trace, this value is passed to dissect_tls as-is. That
function handles the value as it was a char* containing the name of the
dissector to find (indeed it is passed to find_dissector).
I can't figure out how this is supposed to work in the first place, or I am
missing some piece of the puzzle.
Any help?
--
Naima is online.
Attachment:
smime.p7s
Description:
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- payload_proto_id in SCPT dissector Dario Lombardo (Aug 15)
- Re: payload_proto_id in SCPT dissector Anders Broman (Aug 15)
- Re: payload_proto_id in SCPT dissector Peter Wu (Aug 15)
- Re: payload_proto_id in SCPT dissector João Valverde (Aug 16)
- Re: payload_proto_id in SCPT dissector Peter Wu (Aug 17)
- Re: payload_proto_id in SCPT dissector João Valverde (Aug 17)
- Re: payload_proto_id in SCPT dissector Peter Wu (Aug 15)
- Re: payload_proto_id in SCPT dissector Anders Broman (Aug 15)