Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

ASN1 deode issue in H248 message

From: Alex Lindberg <alindber () yahoo com>
Date: Mon, 13 Feb 2012 12:49:17 -0800 (PST)
When decoding an H248 ANS1 V1 message, the following TVB is presented to dissect_h248_sequence function 
(epan/dissectors/packet-ber.c)

30 06 80 02 00 02 81 00 

which is interpreted as:

        00.. .... = Class: UNIVERSAL (0)
        ..1. .... = P/C: Constructed Encoding
        ...1 0000 = Tag: SEQUENCE (16)
        Length: 6
        10.. .... = Class: CONTEXT (2)
        ..0. .... = P/C: Primitive Encoding
        ...0 0000 = Tag: 0
        Length: 2
        eventParamterName: 0002
        10.. .... = Class: CONTEXT (2)
        ..0. .... = P/C: Primitive Encoding
        ...0 0001 = Tag: 1
        Length: 0
        value: 

The issue is that the 2nd value of the sequence in this case is a Boolean value but the decode shows a length of zero 
instead.  

Is there a way round this issue?

Thanks as always.
Alex Lindberg


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: