From Jouni Malinen:
authorjake <jake@f5534014-38df-0310-8fa8-9805f1628bb7>
Mon, 24 Jan 2011 22:04:43 +0000 (22:04 +0000)
committerjake <jake@f5534014-38df-0310-8fa8-9805f1628bb7>
Mon, 24 Jan 2011 22:04:43 +0000 (22:04 +0000)
Allow TDLS Setup Response/Confirm to not include optional fields

Verify whether a non-zero status code is used, and use explicit validation of
the remaining length and an expert info instead of implicit failure by an
exception.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35642 f5534014-38df-0310-8fa8-9805f1628bb7

epan/dissectors/packet-ieee80211.c

index d471b9532219077dc60a8a51db0489b6d9bd6711..1f81094b2068d187836302d2c4124cfc97dfb30e 100644 (file)
@@ -3942,6 +3942,7 @@ add_fixed_field(proto_tree * tree, tvbuff_t * tvb, int offset, int lfcode)
           case CAT_TDLS:
           {
             guint8 code;
+            guint16 status;
             guint start = offset;
 
             offset += add_fixed_field(action_tree, tvb, offset,
@@ -3957,16 +3958,36 @@ add_fixed_field(proto_tree * tree, tvbuff_t * tvb, int offset, int lfcode)
                                         FIELD_CAP_INFO);
               break;
             case TDLS_SETUP_RESPONSE:
+              status = tvb_get_letohs(tvb, offset);
               offset += add_fixed_field(action_tree, tvb, offset,
                                         FIELD_STATUS_CODE);
               offset += add_fixed_field(action_tree, tvb, offset,
                                         FIELD_DIALOG_TOKEN);
+              if (tvb_reported_length_remaining(tvb, offset) < 2) {
+                if (status == 0) {
+                  expert_add_info_format(g_pinfo, action_item,
+                                         PI_MALFORMED, PI_ERROR,
+                                         "TDLS Setup Response (success) "
+                                         "does not include mandatory fields");
+                }
+                break;
+              }
               offset += add_fixed_field(action_tree, tvb, offset,
                                         FIELD_CAP_INFO);
               break;
             case TDLS_SETUP_CONFIRM:
+              status = tvb_get_letohs(tvb, offset);
               offset += add_fixed_field(action_tree, tvb, offset,
                                         FIELD_STATUS_CODE);
+              if (tvb_reported_length_remaining(tvb, offset) < 1) {
+                if (status == 0) {
+                  expert_add_info_format(g_pinfo, action_item,
+                                         PI_MALFORMED, PI_ERROR,
+                                         "TDLS Setup Confirm (success) does "
+                                         "not include mandatory fields");
+                }
+                break;
+              }
               offset += add_fixed_field(action_tree, tvb, offset,
                                         FIELD_DIALOG_TOKEN);
               break;
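Review bot: The two new length guards treat the Dialog Token differently and nothing in the hunk says why: under `TDLS_SETUP_RESPONSE` the token is dissected unconditionally and only the Capability Info is guarded (`< 2`), while under `TDLS_SETUP_CONFIRM` the guard (`< 1`) sits before the token, so a Confirm may omit it. If the asymmetry is intended, a comment on each guard would record it and tie the bare literals to the field sizes, e.g. `/* Capability Info (2 octets) may be absent when Status Code != 0 */` and `/* Dialog Token (1 octet) may be absent when Status Code != 0 */`. In both cases `status` is read with `tvb_get_letohs()` before any length check, so a frame too short for the Status Code still ends in the tvb bounds exception rather than an expert info; that is presumably acceptable because the field is always required, but the comment should say so. The enclosing switch in `add_fixed_field` starts and continues outside this hunk, so how any bytes left after an early `break` are handled cannot be judged from here.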