LTE message parsing #6
Conversation
Finds the size and copies to the LTE message from the diag structure. Up/down flag of RRC message looks better now.
|
Thank you! Which wireshark patch do you use to look at the result? |
|
Hi,
I have a patched wireshark which does the job.
It's just an updated packet-gsmtap dissector that I want to push now
… Le 3 juil. 2017 à 16:45, Holger Freyther ***@***.***> a écrit :
Thank you! Which wireshark patch do you use to look at the result?
|
|
Great. Then please push it to the Wireshark Gerrit, share the link and I can check how my traces look with your version of the modified dissector! And thank you for adding upstream support for LTE decoding! |
|
Here is the patch on gerrit
https://code.wireshark.org/review/#/c/22515/
Best regards,
M. Heusse
… Le 3 juil. 2017 à 16:50, Holger Freyther ***@***.***> a écrit :
Great. Then please push it to the Wireshark Gerrit, share the link and I can check how my traces look with your version of the modified dissector! And thank you for adding upstream support for LTE decoding!
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
Also note: |
diag_input.c
Outdated
| break; | ||
| default: | ||
| // Unhandled | ||
| return NULL; | ||
| } | ||
| // verify len | ||
| payload_len = ((uint16_t)dp->data[9]) << 8 | dp->data[8]; | ||
| if (payload_len > len - 15) { | ||
| payload_len = dp->data[12]-1; |
There was a problem hiding this comment.
Are you sure that the length field is only 8bit? I would expect 16bit here?
There was a problem hiding this comment.
This length does not reflect the actual size of the message anyway.
This is corrected in a subsequent commit
There was a problem hiding this comment.
But these commits are not in this pull request yet? I am not a LTE expert but I would expect QXDM to have a 16bit length field and LTE to have longer messages too. bb.data can be > 256 as well.
I can merge anyway but I would expect us to see truncated messages?
There was a problem hiding this comment.
There are 4 commits in this pull request
https://github.com/moiji-mobile/diag-parser/pull/6/commits
There was a problem hiding this comment.
Yes. but I look at files changed which is "git diff base..4thcommit"? So payload_len = dp->data[12]-1 is the final one. Do you have an indication of why this field only needs to be 8bit and not 16bit?
There was a problem hiding this comment.
with all 4 commits, it looks like this :
/* payload_len = dp->data[12]-1; */
payload_len=len-14;
printf("payload_len: %d\n",payload_len);
data = &dp->data[14];
There was a problem hiding this comment.
I should probably remove the comment
There was a problem hiding this comment.
Okay. Not sure how I ended up on the patch. I thought I clicked PR->files changed.. Hmm. Could you remove the /* payload_len .. */ and then merge it? Thank you!
Finds the size and copies to the LTE message from the diag structure. Up/down flag of RRC message looks better now.