Assertion due to incorrect mask for btatt.battery_power_state.*
Summary
[Dissector bug, protocol BT ATT: C:\gitlab-builds\builds-fyeYoMP\1\wireshark\wireshark\epan\proto.c:11710: failed assertion "hf->bitmask != 0" (btatt.battery_power_state.present)]
The mask used for all the btatt.battery_power_state.* values is set to 0x0, but each value is 2 bits in size. See here: https://gitlab.com/wireshark/wireshark/-/blob/master/epan/dissectors/packet-btatt.c#L12827
    {&hf_btatt_battery_power_state_level,
        {"Level", "btatt.battery_power_state.level",
        FT_UINT8, BASE_HEX, VALS(battery_power_state_level_vals), 0x0,
        NULL, HFILL}
    },
    {&hf_btatt_battery_power_state_charging,
        {"Charging", "btatt.battery_power_state.charging",
        FT_UINT8, BASE_HEX, VALS(battery_power_state_charging_vals), 0x0,
        NULL, HFILL}
    },
    {&hf_btatt_battery_power_state_discharging,
        {"Discharging", "btatt.battery_power_state.discharging",
        FT_UINT8, BASE_HEX, VALS(battery_power_state_discharging_vals), 0x0,
        NULL, HFILL}
    },
    {&hf_btatt_battery_power_state_present,
        {"Present", "btatt.battery_power_state.present",
        FT_UINT8, BASE_HEX, VALS(battery_power_state_present_vals), 0x0,
        NULL, HFILL}
    },
The format of the battery_power_state byte is:
(2b level)(2b charging)(2b discharging)(2b present)
or put another way:
present << 0
discharging << 2
charging << 4
level << 6
The 0xAB (0b10101011) value in the example capture would thus decode to:
present: 0b11
discharging: 0b10
charging: 0b10
level: 0b10
Steps to reproduce
Sniff the packets of a Bluetooth LE device that has a complete btatt.battery_power_state characteristic, as it is read. I used nRF Sniffer with an nRF52840-Dongle adapter.
What is the current bug behavior?
Error/assertion is displayed and battery_power_state information is not decoded.
What is the expected correct behavior?
The battery_power_state attribute should be decoded/displayed correctly.
Sample capture file
Relevant logs and/or screenshots
Frame 4665: 32 bytes on wire (256 bits), 32 bytes captured (256 bits) on interface COM12-3.6, id 0
nRF Sniffer for Bluetooth LE
Bluetooth Low Energy Link Layer
Access Address: 0x50654aa5
[Master Address: 79:bf:22:1f:38:d9 (79:bf:22:1f:38:d9)]
[Slave Address: f9:70:ed:2f:e5:56 (f9:70:ed:2f:e5:56)]
Data Header
Bluetooth L2CAP Protocol
Length: 2
CID: Attribute Protocol (0x0004)
Bluetooth Attribute Protocol
Opcode: Read Response (0x0b)
[Handle: 0x0023 (Battery Service: Battery Power State)]
[Service UUID: Battery Service (0x180f)]
[UUID: Battery Power State (0x2a1a)]
Battery Power State: 0xab
[Dissector bug, protocol BT ATT: C:\gitlab-builds\builds\-fyeYoMP\1\wireshark\wireshark\epan\proto.c:11710: failed assertion "hf->bitmask != 0" (btatt.battery_power_state.present)]
[Expert Info (Error/Malformed): C:\gitlab-builds\builds\-fyeYoMP\1\wireshark\wireshark\epan\proto.c:11710: failed assertion "hf->bitmask != 0" (btatt.battery_power_state.present)]
[C:\gitlab-builds\builds\-fyeYoMP\1\wireshark\wireshark\epan\proto.c:11710: failed assertion "hf->bitmask != 0" (btatt.battery_power_state.present)]
[Severity level: Error]
[Group: Malformed]
Build information
3.6.7 (v3.6.7-0-g4a304d7ec222)
Compiled (64-bit) using Microsoft Visual Studio 2019 (VC++ 14.31, build 31107),
with Qt 5.15.2, with libpcap, with GLib 2.66.4, with zlib 1.2.11, with Lua
5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT
Kerberos, with MaxMind DB resolver, with nghttp2 1.44.0, with brotli, with LZ4,
with Zstandard, with Snappy, with libxml2 2.9.10, with libsmi 0.4.8, with
QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with
SpeexDSP (using bundled resampler), with Minizip.
Running on 64-bit Windows 10 (21H2), build 19044, with Intel(R) Core(TM)
i7-8850H CPU @ 2.60GHz (with SSE4.2), with 32272 MB of physical memory, with
GLib 2.66.4, with Qt 5.15.2, with Npcap version 1.60, based on libpcap version
1.10.2-PRE-GIT, with c-ares 1.17.0, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with
nghttp2 1.44.0, with brotli 1.0.9, with LZ4 1.9.3, with Zstandard 1.4.0, without
AirPcap, with light display mode, with HiDPI, with
LC_TYPE=English_Australia.utf8, binary plugins supported (21 loaded).
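
Added example, not part of the original report and not Wireshark code: a stand-alone C program that decodes the Battery Power State byte described above using one non-zero mask per field, and rejects a zero mask for the same reason the assertion in the report fires. The masks 0x03, 0x0C, 0x30 and 0xC0 are derived from the 2-bit layout given in the report, and the names `bps_field`, `bps_extract` and `bps_table_ok` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Masks derived from the 2-bit-per-field layout in the report; they are
 * assumptions of this example, not values copied from Wireshark. */
struct bps_field { const char *abbrev; uint8_t mask; };

static const struct bps_field bps_fields[] = {
    { "btatt.battery_power_state.present",     0x03 },
    { "btatt.battery_power_state.discharging", 0x0C },
    { "btatt.battery_power_state.charging",    0x30 },
    { "btatt.battery_power_state.level",       0xC0 },
};

/* Extract a bitfield: AND with the mask, then shift right by the position
 * of the mask's lowest set bit. A zero mask returns -1: without a mask
 * there is no way to tell which bits belong to the field, which is the
 * condition the "hf->bitmask != 0" assertion in the report checks. */
static int bps_extract(uint8_t value, uint8_t mask)
{
    unsigned shift = 0;
    if (mask == 0)
        return -1;
    while (((mask >> shift) & 1u) == 0)
        shift++;
    return (value & mask) >> shift;
}

/* Table sanity check: every mask is non-zero, no two masks overlap,
 * and together they cover all eight bits of the byte. */
static int bps_table_ok(const struct bps_field *f, size_t n)
{
    uint8_t seen = 0;
    for (size_t i = 0; i < n; i++) {
        if (f[i].mask == 0 || (seen & f[i].mask))
            return 0;
        seen |= f[i].mask;
    }
    return seen == 0xFF;
}

int main(void)
{
    size_t n = sizeof bps_fields / sizeof bps_fields[0];
    printf("table ok: %d\n", bps_table_ok(bps_fields, n));
    for (size_t i = 0; i < n; i++) /* 0xAB is the value from the capture */
        printf("%-40s %d\n", bps_fields[i].abbrev, bps_extract(0xAB, bps_fields[i].mask));
    return 0;
}
```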