New workaround for not using (ulong *) to dereference memory in RSVP.

Here's the email I wrote to Guy with info on this:

Subject: Re: [ethereal-dev] Checked in support for MPLS
From: Ashok Narayanan <ashokn@cisco.com>
To: gharris@flashcom.net
Cc: ethereal-dev@zing.org
Date: Mon, 13 Mar 2000 00:10:38 -0500
X-Mailer: Mew version 1.94.1 on XEmacs 21.1 (Biscayne)


Guy,

> The code in that was fetching some fields by casting pointers into the
> packet to "ulong *" and dereferencing the resulting pointer - this is
> bad for three reasons:
>
> 	"ulong" is not a system-declared data type on all platforms
> 	(it's not on FreeBSD 3.4, at least, for example);
>
> 	casting an arbitrary pointer into a frame to point to something
> 	longer than 1 byte, and dereferencing it, is dangerous, as
> 	there's no guarantee that said pointer is properly aligned on
> 	machines that require alignment (such as SPARC, Alpha, and MIPS,
> 	and possibly at least some other RISC processors);

I agree with both these points.

> 	the data in an RSVP packet is presumably big-endian in any case,
> 	so you should use "pntohl()" to access it, rather than just
> 	blithely dereferencing it;

This is the exact problem which a direct cast attempts to work
around. A tree of type FT_IPv4 apparently has a network-to-host
conversion built into the proto_tree_add_item call. When you added the
pntohl, you inserted a second network-to-host conversion - the result
is that all the IP addresses are reversed. Here's an excerpt from
tethereal....

1) ~/sniffer/test/ethereal> ./tethereal -n -r ../../sniffs/mpls_te.cap -R 'rsvp.path'
  3   8.024159     17.3.3.3 -> 16.2.2.2     RSVP PATH Message
 15  31.589751     17.3.3.3 -> 16.2.2.2     RSVP PATH Message
 22  47.072205     17.3.3.3 -> 16.2.2.2     RSVP PATH Message
<snip>

2) ~/sniffer/test/ethereal> ./tethereal -n -r ../../sniffs/mpls_te.cap -R 'rsvp.path' -V
Frame 3 (306 on wire, 306 captured)
<snip>
Ethernet II
<snip>
Internet Protocol
<snip>
    Source: 17.3.3.3 (17.3.3.3)
    Destination: 16.2.2.2 (16.2.2.2)          <======== Destination is 16.2.2.2
    Options: (4 bytes)
        Unknown (0x94) (4 bytes)
Resource ReserVation Protocol (RSVP)
    RSVP Header
        RSVP Version: 1
        Flags: 00
        Message Type: PATH Message (1)
        Message Checksum
        Sending TTL: 254
        Message length: 264
    SESSION: 1
        Length: 16
        Class number: 1 - SESSION object
        C-type: 7 - IPv4 LSP
        Destination address: 2.2.2.16 (2.2.2.16)  <======== Destination is reversed
        Tunnel ID: 1
        Extended tunnel ID: 285410051

I'm looking around in the filtering code (which I don't really
understand), to see if I can find a quick fix to the problem. If you
or Gilbert knows what's happening, you may want to fix it. But as it
stands now, using pntohl() in a proto_tree_add_item() call is broken.

A slightly better workaround is to do something like this:

  memcpy(&ip_addr, pd[offset2], 4);
  proto_tree_add_item(....., ip_addr);

but this is still ugly. I'll implement this workaround and check in
the code (since as it stands now, RSVP decoding is broken). However,
the underlying issue needs to be resolved.

-Ashok

svn path=/trunk/; revision=1714

1 files changed, 17 insertions, 7 deletions

diff --git a/packet-rsvp.c b/packet-rsvp.c
index 2287ffcaf5..ac8e572683 100644
--- a/packet-rsvp.c
+++ b/packet-rsvp.c
@@ -3,7 +3,7 @@
  *
  * (c) Copyright Ashok Narayanan <ashokn@cisco.com>
  *
- * $Id: packet-rsvp.c,v 1.16 2000/03/10 08:41:02 guy Exp $
+ * $Id: packet-rsvp.c,v 1.17 2000/03/13 05:19:50 ashokn Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -845,6 +845,7 @@ dissect_rsvp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
     int obj_length;
     int offset2;
     struct e_in6_addr *ip6a;
+    guint32 ip_addr;
 
     hdr = (rsvp_header *)&pd[offset];
     packet_type = match_strval(hdr->message_type, message_type_vals);
@@ -918,8 +919,9 @@ dissect_rsvp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
 		case 1: {
 		    proto_tree_add_text(rsvp_object_tree, offset+3, 1, 
 					"C-type: 1 - IPv4");
+		    memcpy(&ip_addr, pd+offset2, 4);
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_IP], 
-					offset2, 4, pntohl(pd+offset2));
+					offset2, 4, ip_addr);
 
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_PROTO], 
 					offset2+4, 1, *(pd+offset2+4));
@@ -950,13 +952,19 @@ dissect_rsvp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
 		case 7: {
 		    proto_tree_add_text(rsvp_object_tree, offset+3, 1, 
 					"C-type: 7 - IPv4 LSP");
+		    memcpy(&ip_addr, pd+offset2, 4);
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_IP], 
-					offset2, 4, pntohl(pd+offset2));
+					offset2, 4, ip_addr);
 
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_TUNNEL_ID], 
 					offset2+6, 2, pntohs(pd+offset2+6));
-		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_EXT_TUNNEL_ID], 
-					offset2+8, 4, pntohl(pd+offset2+8));
+
+		    memcpy(&ip_addr, pd+offset2+8, 4);
+		    proto_tree_add_text(rsvp_object_tree, offset2+8, 4, 
+					"Extended Tunnel ID: %d (%s)", 
+					ntohl(ip_addr), ip_to_str(pd+offset2+8));
+		    proto_tree_add_item_hidden(rsvp_object_tree, rsvp_filter[RSVPF_SESSION_EXT_TUNNEL_ID], 
+					offset2+8, 4, ip_addr);
 		    break;
 		}
 
@@ -1246,8 +1254,9 @@ dissect_rsvp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
 		case 1: {
 		    proto_tree_add_text(rsvp_object_tree, offset+3, 1, 
 					"C-type: 1 - IPv4");
+		    memcpy(&ip_addr, pd+offset2, 4);
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SENDER_IP], 
-					offset2, 4, pntohl(pd+offset2));
+					offset2, 4, ip_addr);
 
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SENDER_PORT], 
 					offset2+6, 2, pntohs(pd+offset2+6));
@@ -1269,8 +1278,9 @@ dissect_rsvp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
 		case 7: {
 		    proto_tree_add_text(rsvp_object_tree, offset+3, 1, 
 					"C-type: 7 - IPv4 LSP");
+		    memcpy(&ip_addr, pd+offset2, 4);
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SENDER_IP], 
-					offset2, 4, pntohl(pd+offset2));
+					offset2, 4, ip_addr);
 
 		    proto_tree_add_item(rsvp_object_tree, rsvp_filter[RSVPF_SENDER_LSP_ID], 
 					offset2+6, 2, pntohs(pd+offset2+6));