secdev / scapy

Scapy: the Python-based interactive packet manipulation program & library.
https://scapy.net
GNU General Public License v2.0

`RTPS` `DataPacketField` wrong payload len. #4594

Open Splinter1984 opened 1 week ago

Splinter1984 commented 1 week ago

Brief description

In the RTPS protocol, the `DataPacketField` calculation of the payload length assumes that inlineQos has no data, which leads to a wrong payload length and, as a result, incorrect packet interpretation. The following PR resolves the issue:

Scapy version

6f0faf38597080daca367d741903a99464e32760

Python version

3.10.12

Operating system

Ubuntu 20.04

Additional environment information

No response

How to reproduce

The following test case is able to reproduce the issue.

```python
# RTPS layers live in the contrib package, not in scapy.all
from scapy.contrib.rtps import *

# Expected dissection: two INFO_TS + DATA pairs, each DATA carrying one
# inlineQoS parameter (PID 0x801e) followed by the sentinel.
p0 = RTPS(
    protocolVersion=ProtocolVersionPacket(major=2, minor=2),
    vendorId=VendorIdPacket(vendor_id=0x010f),
    guidPrefix=GUIDPrefixPacket(
        hostId=0x010f45d2, appId=0xb3f558b9, instanceId=0x01000000
    ),
    magic=b"RTPS",
) / RTPSMessage(submessages=[
    RTPSSubMessage_INFO_TS(
        submessageId=9,
        submessageFlags=1,
        octetsToNextHeader=8,
        ts_seconds=1638425814,
        ts_fraction=2083784982,
    ),
    RTPSSubMessage_DATA(
        submessageId=0x15,
        submessageFlags=0x7,
        octetsToNextHeader=54,
        extraFlags=0x0,
        octetsToInlineQoS=16,
        readerEntityIdKey=0x0,
        readerEntityIdKind=0x0,
        writerEntityIdKey=0x0,
        writerEntityIdKind=0x0,
        writerSeqNumHi=0,
        writerSeqNumLow=4,
        inlineQoS=InlineQoSPacket(
            parameters=[
                PID_UNKNOWN(
                    parameterId=0x801e,
                    parameterLength=4,
                    parameterData=b'\x00\x00\x00\x00',
                ),
            ],
            sentinel=PID_SENTINEL(
                parameterId=0x1,
                parameterLength=0,
                parameterData=b'',
            ),
        ),
        data=DataPacket(
            encapsulationKind=0x1,
            encapsulationOptions=0x3,
            serializedData=b'=\x00\x00\x00abcdefghij\x00\x00\x00\x00',
        ),
    ),
    RTPSSubMessage_INFO_TS(
        submessageId=9,
        submessageFlags=1,
        octetsToNextHeader=8,
        ts_seconds=1638425814,
        ts_fraction=2083784982,
    ),
    RTPSSubMessage_DATA(
        submessageId=0x15,
        submessageFlags=0x7,
        octetsToNextHeader=54,
        extraFlags=0x0,
        octetsToInlineQoS=16,
        readerEntityIdKey=0x0,
        readerEntityIdKind=0x0,
        writerEntityIdKey=0x0,
        writerEntityIdKind=0x0,
        writerSeqNumHi=0,
        writerSeqNumLow=4,
        inlineQoS=InlineQoSPacket(
            parameters=[
                PID_UNKNOWN(
                    parameterId=0x801e,
                    parameterLength=4,
                    parameterData=b'\x00\x00\x00\x00',
                ),
            ],
            sentinel=PID_SENTINEL(
                parameterId=0x1,
                parameterLength=0,
                parameterData=b'',
            ),
        ),
        data=DataPacket(
            encapsulationKind=0x1,
            encapsulationOptions=0x3,
            serializedData=b'=\x00\x00\x00abcdefghij\x00\x00\x00\x00',
        ),
    ),
])

# Raw bytes of the same message as seen on the wire
d = b"\x52\x54\x50\x53\x02\x02\x01\x0f\x01\x0f\x45\xd2\xb3\xf5\x58\xb9" \
    b"\x01\x00\x00\x00\x09\x01\x08\x00\xd6\x64\xa8\x61\x16\x09\x34\x7c" \
    b"\x15\x07\x36\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
    b"\x00\x00\x00\x00\x04\x00\x00\x00\x1e\x80\x04\x00\x00\x00\x00\x00" \
    b"\x01\x00\x00\x00\x00\x01\x00\x03\x3d\x00\x00\x00\x61\x62\x63\x64" \
    b"\x65\x66\x67\x68\x69\x6a\x00\x00\x00\x00\x09\x01\x08\x00\xd6\x64" \
    b"\xa8\x61\x16\x09\x34\x7c\x15\x07\x36\x00\x00\x00\x10\x00\x00\x00" \
    b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x1e\x80" \
    b"\x04\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x03\x3d\x00" \
    b"\x00\x00\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x00\x00\x00\x00"

# Dissecting the bytes must give back the packet built above
assert RTPS(d) == p0
```

Actual result

No response

Expected result

No response

Related resources

No response
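As an added illustration, not code from the issue or from Scapy, the following stand-alone walker takes the first DATA submessage out of the reproducer bytes, walks the inlineQoS parameter list to its sentinel, and derives the payload length from octetsToNextHeader; it also returns the wrong figure obtained when the inlineQoS bytes are not subtracted, and refuses a length that would run past the submessage. The field offsets and the E/Q flag handling follow the RTPS wire format; function names and the sample buffer are my own.

```python
import struct
PID_SENTINEL, SUBMSG_DATA = 0x0001, 0x15

# Constructed sample: the first DATA submessage from the reproducer bytes (58 bytes).
DATA_SUBMSG = (
    b"\x15\x07\x36\x00"                            # id=DATA, flags=0x07 (E|Q|D), octetsToNextHeader=54
    b"\x00\x00\x10\x00"                            # extraFlags=0, octetsToInlineQoS=16
    b"\x00\x00\x00\x00\x00\x00\x00\x00"            # readerEntityId, writerEntityId
    b"\x00\x00\x00\x00\x04\x00\x00\x00"            # writerSN hi=0, low=4
    b"\x1e\x80\x04\x00\x00\x00\x00\x00"            # inlineQoS: PID 0x801e, length 4, 4 data bytes
    b"\x01\x00\x00\x00"                            # inlineQoS: PID_SENTINEL, length 0
    b"\x00\x01\x00\x03"                            # encapsulationKind, encapsulationOptions
    b"\x3d\x00\x00\x00abcdefghij\x00\x00\x00\x00"  # serializedData (18 bytes)
)

def inline_qos_len(buf, off, fmt):
    """Byte length of the ParameterList at buf[off:], sentinel included."""
    start = off
    while True:
        if off + 4 > len(buf):
            raise ValueError("truncated inlineQoS parameter list")
        pid, plen = struct.unpack(fmt + "HH", buf[off:off + 4])
        off += 4
        if pid == PID_SENTINEL:
            return off - start
        if off + plen > len(buf):
            raise ValueError("inlineQoS parameter overruns the submessage")
        off += plen

def data_payload(sub, subtract_inline_qos=True):
    """(offset, length) of the payload in one DATA submessage; with
    subtract_inline_qos=False the inlineQoS bytes are wrongly left in."""
    if sub[0] != SUBMSG_DATA:
        raise ValueError("not a DATA submessage")
    flags = sub[1]
    fmt = "<" if flags & 0x01 else ">"          # E flag: little-endian fields
    (octets_to_next,) = struct.unpack(fmt + "H", sub[2:4])
    _extra, octets_to_qos = struct.unpack(fmt + "HH", sub[4:8])
    qos_off = 8 + octets_to_qos                  # inlineQoS (if Q flag) starts here
    qos_len = inline_qos_len(sub, qos_off, fmt) if flags & 0x02 else 0
    consumed = 4 + octets_to_qos + (qos_len if subtract_inline_qos else 0)
    return qos_off + qos_len, octets_to_next - consumed

def extract_payload(sub):
    """Payload bytes, refusing a length that would run past the submessage."""
    off, length = data_payload(sub)
    if length < 0 or off + length > len(sub):
        raise ValueError(f"payload length {length} overruns {len(sub)}-byte submessage")
    return sub[off:off + length]
```

With the inlineQoS bytes subtracted the payload is the 22 bytes from encapsulationKind to the end of serializedData; without them the computed length runs 12 bytes past the submessage, which in the full message is where the next INFO_TS header sits.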