forked from osmocom/wireshark
Fix reported_len in Lua framewark when creating tvb from range.
This bug affects Lua plugin dissectors for encapsulation protocols like GRE. Typically the dissector creates a range for the payload packet, then calls the next dissector with a tvb derived from the range, using TvbRange_tvb(). The original version calls tvb_new_subset_length_caplen() using the remaining capture length for the reported_len argument. The fix passes -1 as the reported length, and tvb_new_subset_length_caplen() calculates the new reported_len as required. The bug only affects large packets captured with a snaplen and truncated, then decoded with a Lua plugin for the encapsulation header. Here's the typical bug symptom, gleaned from tshark decode of an encapsulated IP payload: [Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)] [IPv4 total length exceeds packet length (114 bytes)] Closes #15655.
This commit is contained in:
parent
a11e5261e1
commit
e7ec6739b6
|
@ -399,7 +399,8 @@ WSLUA_METHOD TvbRange_tvb(lua_State *L) {
|
|||
tvb = (Tvb)g_malloc(sizeof(struct _wslua_tvb));
|
||||
tvb->expired = FALSE;
|
||||
tvb->need_free = FALSE;
|
||||
tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len, tvbr->len);
|
||||
// -1 means recalculate the reported_len based on the new offset
|
||||
tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len,-1);
|
||||
return push_wsluaTvb(L, tvb);
|
||||
} else {
|
||||
luaL_error(L,"Out Of Bounds");
|
||||
|
|
Loading…
Reference in New Issue