osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Fix reported_len in Lua framewark when creating tvb from range. 

This bug affects Lua plugin dissectors for encapsulation protocols like
GRE.  Typically the dissector creates a range for the payload packet, then
calls the next dissector with a tvb derived from the range, using
TvbRange_tvb().  The original version calls
tvb_new_subset_length_caplen() using the remaining capture length for the
reported_len argument.  The fix passes -1 as the reported length, and
tvb_new_subset_length_caplen() calculates the new reported_len as required.

The bug only affects large packets captured with a snaplen and
truncated, then decoded with a Lua plugin for the encapsulation header.

Here's the typical bug symptom, gleaned from tshark decode of
an encapsulated IP payload:

        [Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)]
            [IPv4 total length exceeds packet length (114 bytes)]

Closes #15655.

(cherry picked from commit e7ec6739b6)
This commit is contained in:
George Powers 2020-11-05 22:26:49 +00:00 committed by Gerald Combs
parent 01fb136ec9
commit 295d0a19fa
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
epan/wslua/wslua_tvb.c
View File

@ -399,7 +399,8 @@ WSLUA_METHOD TvbRange_tvb(lua_State *L) {
tvb = (Tvb)g_malloc(sizeof(struct _wslua_tvb));
tvb->expired = FALSE;
tvb->need_free = FALSE;
tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len, tvbr->len);
// -1 means recalculate the reported_len based on the new offset
tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len,-1);
return push_wsluaTvb(L, tvb);
} else {
luaL_error(L,"Out Of Bounds");