Hi Andreas, Le mer. 7 juil. 2021 à 16:20, Andreas Fink <af...@list.fink.org> a écrit :
> Hello, > > I run into a decoding error in SMPP > > I have a GSM SMS payload which comes in as SMS-MO into a SMSC. > > the GSM-SMS TPDU SMS-submit -> TP-UserData section contains the bytes: > 027100001412000001897d3623d52eaea27bb6dad9e9c37cfa > > Wireshark decodes this correctly as having a UDH header of 0x71 which is a > (U)SIM Tooling Security Header and some raw binary data. > > > > This same Payload is now packed by the SMSC into a SMPP Deliver SM. > The bytes are exactly the same. but now Wireshark can't decode it anymore > > > > So I presume the SMPP branch doesn't know the same User Data Headers as > the SS7 branch of Wireshark. > It's even worse: your first screenshot is decoded by the gsm_sms dissector (that decodes a TPDU, including the TP-UD)), while the SMPP dissector is calling another gsm_sms_ud dissector (taht decodes the TP-UD only). It seems like the latter is not really maintained while the former is more actively maintained and has better decoding capabilities. Even worse, it does not skip over a unknown UDH header but assumes > everything is wrong. > As said, it seems to be abandoned code so that's not surprising. > > I think this needs fixing. > I can probably find it in the right spot in the source but I don't have a > wireshark build environment set up as I used it mainly on a Mac (which has > quite some complex dependencies). So if someone has an easy way to fix > this, it would be greatly apprechiated. > I do not see an "easy fix" and no one will ever try to fix that with a screenshot only. Better fill a bug on https://gitlab.com/wireshark/wireshark/-/issues with a pcap attached. Best regards.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
