Wireshark mailing list archives

Re: GTP sequence number equal to zero problem


From: Pascal Quantin <pascal.quantin () gmail com>
Date: Tue, 3 Nov 2015 16:27:02 +0100

2015-11-03 16:13 GMT+01:00 POZUELO Gloria (BCS/PSD) <gloria.pozuelo () bics com>:

Hi all,

I’m developing an extension for the GTPv1 dissector and while I was
debugging I’ve encountered something that seems a bit confusing to me.
In the dissect_gtp_common function from the packet-gtp.c source, there is a
section that makes the matching between requests and responses. The thing
is that I have a pcap in which I have a create PDP context request with
sequence number equal to 0, then when the code asks if the message has a
sequence number, it never enters that part because, I guess, 0 is
equal to NULL.

if (seq_no) {
    /* matching is done */
}

I don’t know if this is a little bug or maybe the sequence number can’t be
equal to 0. Can someone help me?

Thanks!

Regards.


Hi Gloria,

at first glance this seems to be a bug. Per 3GPP 29.060 chapter 9.3.1.1:
9.3.1.1 Usage of Sequence Number

The sending GGSN and SRNC shall use 0 for the value of the Sequence Number
of the first G-PDU in a tunnel, only during the PDP context activation, and
shall increment the Sequence Number for each following G-PDU. The value
shall wrap to zero after 65535.

The receiving GGSN and SRNC shall set the content of a counter to zero,
only during the PDP context activation. When the receiving GGSN and SRNC
receives a valid G-PDU, it shall increment this counter by one. This
counter shall wrap to zero after 65535. It defines the "Expected Sequence
Number".

Could you please file a bug on https://bugs.wireshark.org and even better,
upload a fix on Gerrit (see
https://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html for
details)? Presumably we should have a boolean telling whether a sequence
number was retrieved or not and test it (instead of seq_no being different
from 0).

Regards,
Pascal.
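
The presence-flag check suggested in the reply above, as an added example; it is not Wireshark's code and not from either poster. The type and function names are hypothetical, the two packets are constructed samples, and the header layout assumed is the GTPv1 one (8 mandatory octets, S flag 0x02, sequence number in octets 9-10).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GTP_S_FLAG 0x02  /* GTPv1 flags octet: sequence number present */

/* Hypothetical result type, not Wireshark's: presence is kept apart from value. */
typedef struct {
    bool     has_seq;
    uint16_t seq_no;
} gtp_seq_t;

/* Read the optional sequence number from a GTPv1 header (8 mandatory octets,
 * then seq(2) + N-PDU(1) + next-ext(1) when any of E/S/PN is set). */
static bool gtp_read_seq(const uint8_t *buf, size_t len, gtp_seq_t *out)
{
    out->has_seq = false;
    out->seq_no = 0;
    if (len < 8 || (buf[0] >> 5) != 1)
        return false;              /* truncated or not GTPv1 */
    if (buf[0] & GTP_S_FLAG) {
        if (len < 10)
            return false;          /* S set but the field is cut off */
        out->seq_no = (uint16_t)((buf[8] << 8) | buf[9]);
        out->has_seq = true;
    }
    return true;
}

/* The check from the thread: a present sequence number of 0 is skipped. */
static bool match_by_value(const gtp_seq_t *s) { return s->seq_no != 0; }

/* The suggested check: test the flag, so 0 is matched like any other value. */
static bool match_by_flag(const gtp_seq_t *s) { return s->has_seq; }

/* Constructed samples: Create PDP Context Request (0x10) with S=1 and
 * sequence number 0, and a G-PDU (0xff) with S=0 and no sequence field. */
static const uint8_t SAMPLE_SEQ0[]  = { 0x32, 0x10, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0 };
static const uint8_t SAMPLE_NOSEQ[] = { 0x30, 0xff, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    gtp_seq_t s;
    gtp_read_seq(SAMPLE_SEQ0, sizeof SAMPLE_SEQ0, &s);
    printf("seq=0:  by value %d, by flag %d\n", match_by_value(&s), match_by_flag(&s));
    gtp_read_seq(SAMPLE_NOSEQ, sizeof SAMPLE_NOSEQ, &s);
    printf("no seq: by value %d, by flag %d\n", match_by_value(&s), match_by_flag(&s));
    return 0;
}
```

With the value test, the request carrying sequence number 0 is indistinguishable from a message with no sequence number at all; the flag test separates the two cases.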