From aa434673bfd2f45f26394c828558dd0bb9aff718 Mon Sep 17 00:00:00 2001
From: Dario Lombardo <lomato@gmail.com>
Date: Thu, 4 Jul 2019 15:18:36 +0200
Subject: [PATCH] credentials: don't use wmem file scope but a local copy.

Change-Id: I44ca95bffd682a7f2e83b71400937a949f5886ea
Reviewed-on: https://code.wireshark.org/review/33844
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
---
 epan/dissectors/packet-ftp.c       |  6 +++---
 epan/dissectors/packet-http.c      |  8 ++++----
 ui/cli/tap-credentials.c           | 29 +++++++++++++++++++++++++++--
 ui/qt/models/credentials_model.cpp | 19 ++++++++++++++++---
 ui/tap-credentials.h               |  2 +-
 5 files changed, 51 insertions(+), 13 deletions(-)

diff --git a/epan/dissectors/packet-ftp.c b/epan/dissectors/packet-ftp.c
index 5273b23efa..14b47a02a2 100644
--- a/epan/dissectors/packet-ftp.c
+++ b/epan/dissectors/packet-ftp.c
@@ -945,19 +945,19 @@ dissect_ftp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
             else if (strncmp(line, "EPRT", tokenlen) == 0)
                 is_eprt_request = TRUE;
             else if (strncmp(line, "USER", tokenlen) == 0) {
-                if (p_ftp_conv && linelen - tokenlen > 1) {
+                if (p_ftp_conv && !p_ftp_conv->username && linelen - tokenlen > 1) {
                     p_ftp_conv->username = wmem_strndup(wmem_file_scope(), line + tokenlen + 1, linelen - tokenlen - 1);
                     p_ftp_conv->username_pkt_num = pinfo->num;
                 }
             } else if (strncmp(line, "PASS", tokenlen) == 0) {
                 if (p_ftp_conv && p_ftp_conv->username) {
-                    tap_credential_t* auth = wmem_new0(wmem_file_scope(), tap_credential_t);
+                    tap_credential_t* auth = wmem_new0(wmem_packet_scope(), tap_credential_t);
                     auth->num = pinfo->num;
                     auth->proto = "FTP";
                     auth->password_hf_id = hf_ftp_request_arg;
                     auth->username = p_ftp_conv->username;
                     auth->username_num = p_ftp_conv->username_pkt_num;
-                    auth->info = wmem_strdup_printf(wmem_file_scope(), "Username in packet: %u", p_ftp_conv->username_pkt_num);
+                    auth->info = wmem_strdup_printf(wmem_packet_scope(), "Username in packet: %u", p_ftp_conv->username_pkt_num);
                     tap_queue_packet(credentials_tap, pinfo, auth);
                 }
             }
diff --git a/epan/dissectors/packet-http.c b/epan/dissectors/packet-http.c
index 494912e06a..bd1374f7d2 100644
--- a/epan/dissectors/packet-http.c
+++ b/epan/dissectors/packet-http.c
@@ -3166,11 +3166,11 @@ process_header(tvbuff_t *tvb, int offset, int next_offset,
 				break; /* dissected citrix basic auth */
 			if (check_auth_kerberos(hdr_item, tvb, pinfo, value))
 				break;
-			auth = wmem_new0(wmem_file_scope(), tap_credential_t);
+			auth = wmem_new0(wmem_packet_scope(), tap_credential_t);
 			auth->num = pinfo->num;
 			auth->password_hf_id = *headers[hf_index].hf;
 			auth->proto = "HTTP header auth";
-			auth->username = wmem_strdup(wmem_file_scope(), TAP_CREDENTIALS_PLACEHOLDER);
+			auth->username = wmem_strdup(wmem_packet_scope(), TAP_CREDENTIALS_PLACEHOLDER);
 			tap_queue_packet(credentials_tap, pinfo, auth);
 			break;
 
@@ -3393,9 +3393,9 @@ basic_auth_credentials(gchar* str)
 		return NULL;
 	}
 
-	tap_credential_t* auth = wmem_new0(wmem_file_scope(), tap_credential_t);
+	tap_credential_t* auth = wmem_new0(wmem_packet_scope(), tap_credential_t);
 
-	auth->username = wmem_strdup(wmem_file_scope(), tokens[0]);
+	auth->username = wmem_strdup(wmem_packet_scope(), tokens[0]);
 	auth->proto = "HTTP basic auth";
 
 	g_strfreev(tokens);
diff --git a/ui/cli/tap-credentials.c b/ui/cli/tap-credentials.c
index 46c1b31ae0..051d44fb77 100644
--- a/ui/cli/tap-credentials.c
+++ b/ui/cli/tap-credentials.c
@@ -28,12 +28,37 @@ void register_tap_listener_credentials(void);
 
 wmem_array_t* credentials = NULL;
 
+static tap_credential_t* tap_credential_clone(tap_credential_t* auth)
+{
+    tap_credential_t* clone = wmem_new0(NULL, tap_credential_t);
+    clone->num = auth->num;
+    clone->username_num = auth->username_num;
+    clone->password_hf_id = auth->password_hf_id;
+    if (auth->username)
+        clone->username = wmem_strdup(NULL, auth->username);
+    clone->proto = auth->proto;
+    if (auth->info)
+        clone->info = wmem_strdup(NULL, auth->info);
+    return clone;
+}
+
 static tap_packet_status credentials_packet(void *p _U_, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *pri)
 {
-    wmem_array_append(credentials, (void*)pri, 1);
+    tap_credential_t* clone = tap_credential_clone((tap_credential_t*)pri);
+    wmem_array_append(credentials, (void*)clone, 1);
     return TAP_PACKET_REDRAW;
 }
 
+static void credentials_reset(void* p)
+{
+    if (!p)
+        return;
+    tap_credential_t* auth = (tap_credential_t*)p;
+    wmem_free(NULL, auth->username);
+    wmem_free(NULL, auth->info);
+    wmem_free(NULL, auth);
+}
+
 static void credentials_draw(void *p _U_)
 {
     printf("===================================================================\n");
@@ -51,7 +76,7 @@ static void credentials_init(const char *opt_arg _U_, void *userdata _U_)
     GString* error_string;
 
     error_string = register_tap_listener("credentials", NULL, NULL, TL_REQUIRES_NOTHING,
-        NULL, credentials_packet, credentials_draw, NULL);
+        credentials_reset, credentials_packet, credentials_draw, NULL);
 
     if (error_string) {
         /* error, we failed to attach to the tap. clean up */
diff --git a/ui/qt/models/credentials_model.cpp b/ui/qt/models/credentials_model.cpp
index 52417c0aeb..99327d9f85 100644
--- a/ui/qt/models/credentials_model.cpp
+++ b/ui/qt/models/credentials_model.cpp
@@ -14,6 +14,7 @@
 
 #include <file.h>
 #include <log.h>
+#include <ui/qt/utils/qt_ui_utils.h>
 
 CredentialsModel::CredentialsModel(QObject *parent)
     :QAbstractListModel(parent)
@@ -98,18 +99,30 @@ QVariant CredentialsModel::data(const QModelIndex &index, int role) const
     return QVariant();
 }
 
-
-
 void CredentialsModel::addRecord(tap_credential_t* auth)
 {
     emit beginInsertRows(QModelIndex(), rowCount(), rowCount() + 1);
-    credentials_.append(auth);
+
+    tap_credential_t* clone = new tap_credential_t;
+    clone->num = auth->num;
+    clone->username_num = auth->username_num;
+    clone->password_hf_id = auth->password_hf_id;
+    clone->username = qstring_strdup(auth->username);
+    clone->proto = auth->proto;
+    clone->info = qstring_strdup(auth->info);
+    credentials_.append(clone);
+
     emit endInsertRows();
 }
 
 void CredentialsModel::clear()
 {
     emit beginRemoveRows(QModelIndex(), 0, rowCount());
+    for (QList<tap_credential_t*>::iterator itr = credentials_.begin(); itr != credentials_.end(); ++itr) {
+        g_free((*itr)->username);
+        g_free((*itr)->info);
+        delete *itr;
+    }
     credentials_.clear();
     emit endInsertRows();
 }
diff --git a/ui/tap-credentials.h b/ui/tap-credentials.h
index 362ebca153..19c2468e60 100644
--- a/ui/tap-credentials.h
+++ b/ui/tap-credentials.h
@@ -19,7 +19,7 @@ typedef struct tap_credential {
     guint username_num;
     guint password_hf_id;
     gchar* username;
-    gchar* proto;
+    const gchar* proto;
     gchar* info;
 } tap_credential_t;