Invalid decoding of some PACKET_RESOURCE_REQUESTs

Steve Markgraf steve at steve-m.de
Tue Feb 19 03:27:38 UTC 2013


Hi,

I noticed a bug in the dissector, which seems to happen when the
Exist_A5_bits field is set to 0, and results in the following fields
(Exist_Multislot_capability/Exist_GPRS_multislot_class) being decoded
incorrectly. Thus, get_ms_class_by_capability() is returning NULL
instead of the GPRS_multislot_class, which is interestingly dissected
correctly.

This is one of the messages where this happens:
4017dfb83a3f628a7045500898f28109100297e0080b2b

If I add it to the RLCMACTest it fails, so I propose it should be added
;)

My quite recent version of Wireshark (1.8.2) is decoding this message
fine, see the attachment. I've gone through the recent changes on
packet-gsm_rlcmac.c and packet-csn1.c in Wireshark, but couldn't spot
the commit that fixed it so far.

Regards,
Steve
-------------- next part --------------
raw bytes: 4017dfb83a3f628a7045500898f28109100297e0080b2b

GSM RLC/MAC: PACKET_RESOURCE_REQUEST (Uplink)
    01.. .... = PayloadType: 1
    ..00 000. = spare: 0
    .... ...0 = R: 0
    0001 01.. = MESSAGE_TYPE: 5
    .... ..1. Exist_ACCESS_TYPE
    .... ...1  1... .... = ACCESS_TYPE: 3
    ID
        .1.. .... Choice: PacketResourceRequestID (1)
        PacketResourceRequestID
            ..01 1111  1011 1000  0011 1010  0011 1111  01.. .... = TLLI: 2128668925
    ..1. .... Exist_MS_Radio_Access_capability
    MS_Radio_Access_capability
        MS_RA_capability_value[0]
            ...0 001. Choice: MS_RA_capability_value_Choice (1)
            MS_RA_capability_value_Choice
                .... ...0  1000 10.. u.Content length: 34
                u.Content
                    .... ..10  0... .... = RF_Power_Capability: 4
                    .1.. .... Exist_A5_bits
                    ..11 0000  0... .... = A5_bits: 96
                    .1.. .... = ES_IND: 1
                    ..0. .... = PS: 0
                    ...0 .... = VGCS: 0
                    .... 0... = VBS: 0
                    .... .1.. Exist_Multislot_capability
                    Multislot_capability
                        .... ..0. Exist_HSCSD_multislot_class
                        .... ...1 Exist_GPRS_multislot_class
                        0101 0... = GPRS_multislot_class: 10
                        .... .0.. = GPRS_Extended_Dynamic_Allocation_Capability: 0
                        .... ..0. Exist_SM
                        .... ...0 Exist_ECSD_multislot_class
                        0... .... Exist_EGPRS_multislot_class
                        .0.. .... Exist_DTM_GPRS_multislot_class
                    ..0. .... Exist_Eight_PSK_Power_Capability
                    ...0 .... = COMPACT_Interference_Measurement_Capability: 0
                    .... 1... = Revision_Level_Indicator: 1
                    .... .0.. = UMTS_FDD_Radio_Access_Technology_Capability: 0
                    .... ..0. = UMTS_384_TDD_Radio_Access_Technology_Capability: 0
                    .... ...0 = CDMA2000_Radio_Access_Technology_Capability: 0
                    [NULL data]: UMTS_128_TDD_Radio_Access_Technology_Capability Not Present
                    [NULL data]: GERAN_Feature_Package_1 Not Present
                    [NULL data]: Modulation_based_multislot_class_support Not Present
                    [NULL data]: GMSK_MultislotPowerProfile Not Present
                    [NULL data]: EightPSK_MultislotProfile Not Present
                    [NULL data]: MultipleTBF_Capability Not Present
                    [NULL data]: DownlinkAdvancedReceiverPerformance Not Present
                    [NULL data]: ExtendedRLC_MAC_ControlMessageSegmentionsCapability Not Present
                    [NULL data]: DTM_EnhancementsCapability Not Present
                    [NULL data]: PS_HandoverCapability Not Present
        1... .... Exist:MS_RA_capability_value[1]
        MS_RA_capability_value[1]
            .001 1... Choice: MS_RA_capability_value_Choice (3)
            MS_RA_capability_value_Choice
                .... .000  1111 .... u.Content length: 15
                u.Content
                    .... 001. = RF_Power_Capability: 1
                    .... ...0 Exist_A5_bits
                    1... .... = ES_IND: 1
                    .0.. .... = PS: 0
                    ..0. .... = VGCS: 0
                    ...0 .... = VBS: 0
                    .... 0... Exist_Multislot_capability
                    .... .0.. Exist_Eight_PSK_Power_Capability
                    .... ..0. = COMPACT_Interference_Measurement_Capability: 0
                    .... ...1 = Revision_Level_Indicator: 1
                    0... .... = UMTS_FDD_Radio_Access_Technology_Capability: 0
                    .0.. .... = UMTS_384_TDD_Radio_Access_Technology_Capability: 0
                    ..0. .... = CDMA2000_Radio_Access_Technology_Capability: 0
                    [NULL data]: UMTS_128_TDD_Radio_Access_Technology_Capability Not Present
                    [NULL data]: GERAN_Feature_Package_1 Not Present
                    [NULL data]: Modulation_based_multislot_class_support Not Present
                    [NULL data]: GMSK_MultislotPowerProfile Not Present
                    [NULL data]: EightPSK_MultislotProfile Not Present
                    [NULL data]: MultipleTBF_Capability Not Present
                    [NULL data]: DownlinkAdvancedReceiverPerformance Not Present
                    [NULL data]: ExtendedRLC_MAC_ControlMessageSegmentionsCapability Not Present
                    [NULL data]: DTM_EnhancementsCapability Not Present
                    [NULL data]: PS_HandoverCapability Not Present
        ...0 .... Exist:MS_RA_capability_value[2]
    Channel_Request_Description
        .... 1001 = PEAK_THROUGHPUT_CLASS: 9
        00.. .... = RADIO_PRIORITY: 0
        ..0. .... RLC_MODE
        ...1 .... LLC_PDU_TYPE
        .... 0000  0000 0010  1001 .... = RLC_OCTET_COUNT: 41
    .... 0... Exist_CHANGE_MARK
    .... .111  111. .... = C_VALUE: 63
    ...0 .... Exist_SIGN_VAR
    Slot[0]
        .... 0... Exist
    Slot[1]
        .... .0.. Exist
    Slot[2]
        .... ..0. Exist
    Slot[3]
        .... ...0 Exist
    Slot[4]
        0... .... Exist
    Slot[5]
        .0.. .... Exist
    Slot[6]
        ..0. .... Exist
    Slot[7]
        ...0 .... Exist
    .... 1... Exist_AdditionsR99
    AdditionsR99
        .... .0.. Exist_EGPRS_BEP_LinkQualityMeasurements
        .... ..0. Exist_EGPRS_TimeslotLinkQualityMeasurements
        .... ...0 Exist_PFI
        0... .... = MS_RAC_AdditionalInformationAvailable: 0
        .0.. .... = RetransmissionOfPRR: 0
    Padding Bits
        ..00 1011 Padding
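
Added example (not osmo-pcu or Wireshark code): a minimal bit-level walk of the message above that follows the field order in the Wireshark dump, consumes A5_bits only when Exist_A5_bits is 1, and uses the u.Content length to step to the next value. `rd` and `prr_ms_class` are hypothetical names; the 5-bit HSCSD class width comes from 3GPP TS 24.008 rather than the dump, and every value is assumed to use the Content layout shown.

```c
#include <stdint.h>
#include <stdio.h>

static const uint8_t PRR[] = { 0x40,0x17,0xdf,0xb8,0x3a,0x3f,0x62,0x8a,0x70,0x45,0x50,0x08,
    0x98,0xf2,0x81,0x09,0x10,0x02,0x97,0xe0,0x08,0x0b,0x2b }; /* message bytes from the post */
struct bits { const uint8_t *buf; size_t nbits, pos; int err; };

/* Read n (<= 32) bits MSB-first; on overrun set err and return 0. */
static uint32_t rd(struct bits *b, unsigned n)
{
    uint32_t v = 0;
    if (n > b->nbits - b->pos) { b->err = 1; b->pos = b->nbits; return 0; }
    for (; n; n--, b->pos++)
        v = (v << 1) | ((b->buf[b->pos >> 3] >> (7 - (b->pos & 7))) & 1u);
    return v;
}

/* Hypothetical helper: returns the GPRS_multislot_class of the first value that
 * carries one (-1 if none); *entries = number of values, -1 if malformed. */
static int prr_ms_class(const uint8_t *msg, size_t len, int *entries)
{
    struct bits b = { msg, len * 8, 0, 0 };
    int cls = -1, n = 0;
    *entries = -1;
    rd(&b, 8);                              /* PayloadType, spare, R */
    if (rd(&b, 6) != 5) return -1;          /* MESSAGE_TYPE */
    if (rd(&b, 1)) rd(&b, 2);               /* ACCESS_TYPE if Exist_ACCESS_TYPE */
    if (rd(&b, 1) != 1) return -1;          /* ID choice: TLLI form only */
    rd(&b, 32);                             /* TLLI */
    for (; rd(&b, 1); n++) {                /* Exist flag before each value */
        rd(&b, 4);                          /* choice; Content layout assumed */
        size_t clen = rd(&b, 7), end = b.pos + clen;   /* u.Content length */
        rd(&b, 3);                          /* RF_Power_Capability */
        if (rd(&b, 1)) rd(&b, 7);           /* A5_bits only if Exist_A5_bits */
        rd(&b, 4);                          /* ES_IND, PS, VGCS, VBS */
        int ms = (int)rd(&b, 1);            /* Exist_Multislot_capability */
        if (ms && rd(&b, 1)) rd(&b, 5);     /* HSCSD multislot class */
        if (ms && rd(&b, 1)) { int c = (int)rd(&b, 5); if (cls < 0) cls = c; }
        if (b.err || b.pos > end || end > b.nbits) return -1;
        b.pos = end;                        /* skip the rest of the value by length */
    }
    if (!b.err) *entries = n;
    return b.err ? -1 : cls;
}

int main(void)
{
    int n, c = prr_ms_class(PRR, sizeof PRR, &n);
    return printf("values=%d GPRS_multislot_class=%d\n", n, c) < 0;
}
```

Stepping by the declared content length keeps a mis-read optional field inside one value from shifting the bit position of everything after it, and the bounds checks reject a length that points past the end of the buffer.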

