next_tvb_add_handle() allocates memory in packet scope.
When dissecting another packet from dissect_h225_h225_RasMessage() handler [it don't call next_tvb_init()]
next_tvb_add_handle() will write to freed pointer.
Fix by calling next_tvb_init() after leaving scope in order to clear list->last pointer.
ASAN report:
ERROR: AddressSanitizer: heap-use-after-free on address 0x6070000854f0 at pc 0x00000208574a bp 0x7ffca839cf00 sp 0x7ffca839cef8
WRITE of size 8 at 0x6070000854f0 thread T0
#0 0x2085749 in next_tvb_add_handle /src/wireshark/epan/next_tvb.c
#1 0xef8728 in dissect_h225_ParallelH245Control_item /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:368:3
(...)
#21 0x168f460 in dissect_per_sequence /src/wireshark/epan/dissectors/packet-per.c:1920:12
#22 0xef31d3 in dissect_h225_InfoRequestResponse /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:910:12
#23 0x168e7db in dissect_per_choice /src/wireshark/epan/dissectors/packet-per.c
#24 0xeed6e3 in dissect_h225_RasMessage /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:298:12
#25 0xef97af in dissect_RasMessage_PDU /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:339:12
#26 0xeef872 in dissect_h225_h225_RasMessage /src/wireshark/epan/dissectors/./asn1/h225/packet-h225-template.c:385:12
0x6070000854f0 is located 0 bytes inside of 72-byte region [0x6070000854f0,0x607000085538)
freed by thread T0 here:
#0 0x4e2528 in __interceptor_cfree.localalias.0 /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:76
#1 0x21263a1 in wmem_simple_free_all /src/wireshark/epan/wmem/wmem_allocator_simple.c:107:9
#2 0x205aa4d in wmem_leave_packet_scope /src/wireshark/epan/wmem/wmem_scopes.c:81:5
(...)
previously allocated by thread T0 here:
#0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
#1 0x225c588 in g_malloc (/out/fuzzshark_test+0x225c588)
#2 0x20855e0 in next_tvb_add_handle /src/wireshark/epan/next_tvb.c:40:10
#3 0xef8728 in dissect_h225_ParallelH245Control_item /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:368:3
Found by oss-fuzz/5921
Change-Id: Iea006914a9e0c433d2073f6f4c7a2973d5a33a11
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5921
Reviewed-on: https://code.wireshark.org/review/25593
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They are copied in structures using pinfo lifetime. Let's use the same scope.
Bug: 14416
Change-Id: I5f8ee6fff49d63584a246936f551db1803ff9816
Reviewed-on: https://code.wireshark.org/review/25748
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
HKDF (RFC 5869) is a standard construct used in TLS 1.3, QUIC and
OSCORE, generalize it for use outside the TLS dissector.
Since none of the users need the "context" (formerly "hash_value")
field, remove the parameter.
Change-Id: Id952de8cb3000f6f6eda844d17c78bbd3906a84d
Reviewed-on: https://code.wireshark.org/review/25723
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use copy_address_swallow() instead of copy_address().
When inserting the key in the hash map, copy it in wmem file scope.
Bug: 14407
Change-Id: Ida524d314c943f480dd0e1bf44fd0ded01aafaeb
Reviewed-on: https://code.wireshark.org/review/25731
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Crafted packets may not have ipmi_header.
Bug: 14409
Change-Id: Ib6a8eceab13525c6c8dca5cef8bce3532dc50911
Reviewed-on: https://code.wireshark.org/review/25745
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Sanity check the total_length to make sure it doesn't go negative.
Bug: 14412
Change-Id: I87e38f6c792fa81184e4c412d6433fbbf2060f28
Reviewed-on: https://code.wireshark.org/review/25744
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fields are 16-bit values and large 16-bit values can be incorrectly
treated as negative, causing infinite loops in offset calculations.
Bug: 14413
Change-Id: I44334c3e9ced0734f4e1a70720859c0abf4a05c8
Reviewed-on: https://code.wireshark.org/review/25743
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 14414
Change-Id: I39843e8959510a0efa1add51a16e207fc63f88b1
Reviewed-on: https://code.wireshark.org/review/25742
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
oss-fuzz triggered: set_address: assertion failed: (addr_data == NULL).
Valgrind confirms that ceph was passing uninitialized value to set_address()
==16301== Conditional jump or move depends on uninitialised value(s)
==16301== at 0x6C37762: set_address (address.h:78)
==16301== by 0x6C37762: copy_address_shallow (address.h:253)
==16301== by 0x6C37762: c_node_copy (packet-ceph.c:1433)
==16301== by 0x6C37F72: c_conv_data_copy (packet-ceph.c:1455)
==16301== by 0x6C37F72: c_conv_data_clone (packet-ceph.c:1464)
==16301== by 0x6C37F72: c_pkt_data_save.isra.4.part.5 (packet-ceph.c:1593)
==16301== by 0x6C40EAE: c_pkt_data_save (packet-ceph.c:1561)
==16301== by 0x6C40EAE: dissect_ceph.isra.60 (packet-ceph.c:7046)
==16301== by 0x6C4186A: dissect_ceph_heur (packet-ceph.c:7111)
Found by oss-fuzz/6148.
Change-Id: I8ec762d541fd8cfd919710cf460c44968707dcc5
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6148
Reviewed-on: https://code.wireshark.org/review/25736
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Since g2a80fe283c (2005-10-06!) length initialization was moved, and
the message length is no more correct (previously tvb_length_remaining()
was called with offset equal to 0, which is no more the case after the
change).
Bug: 14410
Change-Id: I2f00be83fa17ad7344d0d75f4a899f169d7a622b
Reviewed-on: https://code.wireshark.org/review/25735
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
These were initially coded incorrectly. The problem was found by
George Baltatanu and a fix supplied by him.
Change-Id: I1de86ca7c5428efbcdd0fb39244a1cafbbcd32ab
Reviewed-on: https://code.wireshark.org/review/25724
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When a single UDP port is supporting multiple protocols, for example RTP and
RTCP can share a port, and one of these protocols is detected through a
heuristic before a superior protocol (e.g. SIP/SDP) has established that the
port has multiple protocols, then only the heuristic is used. This is due to
only looking for an exact match with find_conversation() and not going any
further. The superior protocol only adds the dissector by source address/port.
So, to fix, if we do not find the exact match, we continue serching for a
dissector on the partial matches.
Bug: 14370
Change-Id: Icdded9ca1637cd594b920f979f6f0a003bef9aae
Reviewed-on: https://code.wireshark.org/review/25432
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
No need for len, and call caplen event_filelen and move it after
event_len.
Change-Id: I8b3825d4022ee083ee52f83f7a69f22829ed9fc4
Reviewed-on: https://code.wireshark.org/review/25698
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Previously, dissect_cip_generic_service_req and dissect_cip_generic_service_rsp
set lengths at different levels of the packet. In some cases, this would
cause a malformed packet when the data length was zero. This fixes the
malformed error by explicitly setting the length, instead of using -1.
The length of the service data set is not the data paylod for both
cases. Previously, for requests, it attempted to highlight the whole CIP
layer, but this was already covered by the full CIP protocol layer
length.
Change-Id: I4b4a99d30b9e04872fcf7ffb127c496e6062856c
Reviewed-on: https://code.wireshark.org/review/25672
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Add Decode Options for 4 Safety I/O types. Previously, you could only decode as "CIP Safety", which only showed as a generic data block (because all important things for parsing are in the FwdOpen).
2. Change some timestamp display formatting to match other related timestamp fields (now all Dec)
3. Don't create connections for Null Forward Opens.
Change-Id: Ia1031b3887739a864a453b9e566ebe6f29fa5b8b
Reviewed-on: https://code.wireshark.org/review/25664
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
They were used by the now-removed draft-07 support.
Change-Id: I4762d2a6bb81e231010f1fd4b2b51278bb3c4329
Reviewed-on: https://code.wireshark.org/review/25695
Reviewed-by: Guy Harris <guy@alum.mit.edu>
of Quick UDP Internet Connection
Change-Id: Ibe18191fca6495d817f6bc10ec4b5df552548396
Reviewed-on: https://code.wireshark.org/review/25690
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When dissecting an if_tsresol option in an IDB, calculate the resolution
from the base and the offset. If the result overflows, mark it as an
overflow; otherwise, mark it with the units for more values than 1
microsecond. Store the calculated resolution, which we initialize to
the default of 1 microsecond.
When displaying time stamps in blocks, use the calculated resolution,
rather than re-calculating it. If it's 0, it means the resolution is
too high, so don't calculate it and end up dividing by zero.
Bug: 14402
Change-Id: Idc34ededb4f7250b3604b14d4468c32f6592793f
Reviewed-on: https://code.wireshark.org/review/25673
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not check reported length but captured length, otherwise it can
can trigger an exception when trying to fetch at offset 4.
Once the (very basic heuristic) is verified, cann the right dissection
function.
Bug: 14399
Change-Id: Ie09d80e04f2501c940693a2ea9ecbd2f84d1e22f
Reviewed-on: https://code.wireshark.org/review/25666
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The main benefit of this feature is that it enables users to see the
succession of HTTP requests that led to a specific request.
A sample PCAP is available here:
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16085
Change-Id: I7c521315b848fbce659fdc01e43f261d804a3a48
Reviewed-on: https://code.wireshark.org/review/25319
Reviewed-by: Moshe Kaplan <me@moshekaplan.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They changed when the spec was updated. This seems to be the last change
needed here.
Change-Id: Id47c1de5b5890bffa0842c33ae02033ddf6c8325
Reviewed-on: https://code.wireshark.org/review/25656
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I2943c67238fb913258f0f1f15df968c17b1ea002
Reviewed-on: https://code.wireshark.org/review/25626
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fragmented FCP may not be called on the first pass, so add a NULL
check for proto_data that may not be there.
Bug: 14374
Change-Id: Icbbee8f0eb3a33655323283dbb5a01c350d784dc
Reviewed-on: https://code.wireshark.org/review/25649
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Sgement -> Segment
Change-Id: Ibf4aa2db14fd87c854a65da0de979ad4772243d8
Reviewed-on: https://code.wireshark.org/review/25640
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-on: https://code.wireshark.org/review/25648
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This will be restored after the 2.5.0 release is complete.
This reverts commit 61cc769169.
Change-Id: I0b7d2435fe010070aaced5f395c75a1cd65b3f83
Reviewed-on: https://code.wireshark.org/review/25645
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Sgement -> Segment
Change-Id: I275495fafdf76308ca36083256d6fcd2bed35203
Reviewed-on: https://code.wireshark.org/review/25640
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
pinfo->pkt_encap is jsut a copy of pinfo->phdr->pkt_encap; no need for
the copy.
Expand a comment while we're at it.
Change-Id: I5fcfe694ecba42507f1d629d01440da0a0989501
Reviewed-on: https://code.wireshark.org/review/25643
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use the address type of the link-layer source address, rather than the
encapsulation of the outermost packet layer, to determine the type of
the physical client address in a Dead Station frame. That should, for
example, handle cases where the actual Ethernet packets are being
carried within packets on some non-Ethernet network, or where the
packets aren't Ethernet packets but are packets on some other network
using MAC-48 addresses.
Change-Id: Ibd2e2322b03e81aa52c71b080f3c91d2f83fc3b4
Reviewed-on: https://code.wireshark.org/review/25642
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pass empty (AT_NONE) addresses to find_conversation and
conversation_create_endpoint instead of NULL, similar to the LBTxx and
other dissectors.
Bug: 14394
Change-Id: Ia4573b276551a9c3d2da155faf786e8d15229100
Reviewed-on: https://code.wireshark.org/review/25620
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
That obviates the need to check pinfo->pkt_encap.
Change-Id: I038e065932282ce9d3362fbc9ba6ea653a63f399
Reviewed-on: https://code.wireshark.org/review/25627
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Let's add an expert info, and set offset to the end of the current tvb.
Bug: 14379
Change-Id: Iaccf862c451eef58aaed11b26fceebf26bc2c818
Reviewed-on: https://code.wireshark.org/review/25619
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
fixed an offset error for mqmo in gmo
Added value in comment when defining val_str
Change-Id: Ie29f65f96d2ffb96c0cc0623346432f1f8380168
Reviewed-on: https://code.wireshark.org/review/25604
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add support for collection commands
* SET/GET manifest
* DCP changes (mutation/deletion/system_event)
Add support for DCP delete_time, a new format for DCP deletion
Change-Id: Iec2000a40da37dcb1edf665a157dc7ab30d4c9d0
Reviewed-on: https://code.wireshark.org/review/25612
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Found during fuzz test that the get_mq_pdu_len can return
a 0 length pdu. Fix to at least return tvb_reported_length_remaining
Change-Id: I6410f71724a6288fe42a4f600e72a8af787aa7eb
Reviewed-on: https://code.wireshark.org/review/25574
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
The data for an address is *not* guaranteed to be aligned on any
particular boundary, so, for IPv4 addresses, don't assume it's aligned
on a 32-bit boundary - to get it in host byte order, fetch it with
pntoh32(), which fetches a 32-bit value that's in network byte order,
and isn't necessarily aligned on any particular boundary, and returns it
in host byte order.
Change-Id: Ic512ab4b1e0f2815d9f0af0e33714f456a08a45d
Reviewed-on: https://code.wireshark.org/review/25589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The data for an address is *not* guaranteed to be aligned on any
particular boundary, so, for IPv4 addresses, don't assume it's aligned
on a 32-bit boundary - copy it with memcpy() and use the result of the
copy.
For IPv6 addresses, cast the data pointer to a pointer to a *const*
ws_in6_addr, so we don't throw away constness.
Change-Id: I0e00263f594d7778c3bd9b98e4336cb201c1f3d5
Reviewed-on: https://code.wireshark.org/review/25580
Reviewed-by: Guy Harris <guy@alum.mit.edu>
dmp_long_id_hash_table is wmem_map autoreset on file scope.
Don't put there g_strdup() data.
Valgrind log:
==15134== 8 bytes in 2 blocks are definitely lost in loss record 3,988 of 49,961
==15134== at 0x4C29C4F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==15134== by 0xA94E405: g_malloc (gmem.c:97)
==15134== by 0xA966C4E: g_strdup (gstrfuncs.c:356)
==15134== by 0x6CFC301: dissect_mts_identifier (packet-dmp.c:2684)
==15134== by 0x6D01A8F: dissect_dmp_envelope (packet-dmp.c:2935)
==15134== by 0x6D01A8F: dissect_dmp (packet-dmp.c:3909)
Found by oss-fuzz.
Change-Id: I7c3896a9b64c25035fbe8b4ef6130cd693a515db
Reviewed-on: https://code.wireshark.org/review/25575
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
See Volume 9, version 1.2, sections "6-2.7.1.1" and "7-1.1"
1. Pass Connection Point from FwdOpen to Motion dissector, since that is now needed to parse I/O payload.
2. Move Run/Idle Header function to CIP dissector, since it's a CIP feature, not ENIP.
3. Add a protocol so that Format Revision 3 can be dissected without the Forward Open in the capture.
4. Minor: Highlight more bytes in some EPATH parsing.
5. Minor: Renaming some things to match spec wording.
Change-Id: I93626a6492be2675206d38c04fa1c7ce534c04ca
Reviewed-on: https://code.wireshark.org/review/25570
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
It looks like that quic_create_cleartext_decoders() need to free secrets, tls13_cipher_create() only use it as const.
ASAN report:
ERROR: LeakSanitizer: detected memory leaks
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
#1 0x225b038 in g_malloc
#2 0x1742014 in quic_derive_cleartext_secrets /src/wireshark/epan/dissectors/packet-quic.c:1071:10
#3 0x173e579 in quic_create_cleartext_decoders /src/wireshark/epan/dissectors/packet-quic.c:1091:10
#4 0x173dc89 in dissect_quic_long_header /src/wireshark/epan/dissectors/packet-quic.c:1221:14
#5 0x173ced6 in dissect_quic /src/wireshark/epan/dissectors/packet-quic.c:1402:18
(...)
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
#1 0x225b038 in g_malloc
#2 0x1741fd5 in quic_derive_cleartext_secrets /src/wireshark/epan/dissectors/packet-quic.c:1065:10
#3 0x173e579 in quic_create_cleartext_decoders /src/wireshark/epan/dissectors/packet-quic.c:1091:10
#4 0x173dc89 in dissect_quic_long_header /src/wireshark/epan/dissectors/packet-quic.c:1221:14
#5 0x173ced6 in dissect_quic /src/wireshark/epan/dissectors/packet-quic.c:1402:18
(...)
Found by oss-fuzz/5902.
Change-Id: I6f8a4597411ee267773225e45043addb69928d66
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5902
Reviewed-on: https://code.wireshark.org/review/25571
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Valgrind report:
==642== 14 bytes in 1 blocks are definitely lost in loss record 5,705 of 49,814
==642== by 0xA966DCC: g_strdup_vprintf (gstrfuncs.c:507)
==642== by 0xA966E88: g_strdup_printf (gstrfuncs.c:533)
==642== by 0x6D523F4: dissect_object_mapping (packet-epl.c:4216)
==642== by 0x6D56394: dissect_epl_sdo_command (packet-epl.c:3862)
==642== by 0x6D56394: dissect_epl_asnd_sdo (packet-epl.c:3572)
==642== by 0x6D59BC5: dissect_epl_asnd (packet-epl.c:3053)
==642== by 0x6D59BC5: dissect_eplpdu.part.21 (packet-epl.c:2627)
Found by oss-fuzz/5907.
Change-Id: I6f4d2cea761581260af396c848ab1fded5641b44
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5907
Reviewed-on: https://code.wireshark.org/review/25573
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
We've added more fields, increment the pre-allocation amount.
Change-Id: Ia5f1aab7a2fa120049162d17a63f99bf21a3fe37
Reviewed-on: https://code.wireshark.org/review/25566
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added support for IMS, TM, TMC2 Struct
Improve display some Flags in ID Struct
Fix display for FCNO Struct
Fix error in get_mq_pdu_len
Code reformat (VS2017)
Moved DEFINE to header file
More struct display fixed
Fix for IMS Msg len display
Change-Id: I80bfd25a5079598fc44124dc2c7b850640a38b00
Reviewed-on: https://code.wireshark.org/review/25295
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adjust splash screen message used for registering dissectors when
finished fast from "Registering dissectors Registration finished"
to "Registering dissectors finished".
Change-Id: Id81cf08bb02bea0baa3ac0575b487e271641e27d
Reviewed-on: https://code.wireshark.org/review/25546
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As stated in the #if 0ed out comments, It's not valid for a
soupbintcp subdissector to call conversation_set_dissector(), so
it shouldn't call try_conversation_dissector. Just remove the
call entirely so it doesn't look like the removal is temporary.
Change-Id: I68d9b72360b52002692c369d7b202a8a215c0a96
Reviewed-on: https://code.wireshark.org/review/25555
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Valgrind log:
==6102== Thread 1:
==6102== 32 bytes in 1 blocks are definitely lost in loss record 24,851 of 49,782
==6102== at 0x4C29C4F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6102== by 0xB17B7F7: __vasprintf_chk (vasprintf_chk.c:80)
==6102== by 0xA98C2AB: vasprintf (stdio2.h:210)
==6102== by 0xA98C2AB: g_vasprintf (gprintf.c:316)
==6102== by 0xA966DCC: g_strdup_vprintf (gstrfuncs.c:507)
==6102== by 0xA966E88: g_strdup_printf (gstrfuncs.c:533)
==6102== by 0x6A66B8C: color_filters_read_globals (color_filters.c:704)
==6102== by 0x6A66FBE: color_filters_get (color_filters.c:317)
==6102== by 0x402313: fuzz_init (fuzzshark.c:237)
==6102== by 0x40252D: LLVMFuzzerInitialize (fuzzshark.c:322)
==6102== by 0x401E33: main (StandaloneFuzzTargetMain.c:125)
Change-Id: Ibc18edff6097eca736328810c903a151ddee22bc
Reviewed-on: https://code.wireshark.org/review/25553
Tested-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
The CAN-ETH protocol explicitly states that the CAN identifiers are
transmitted in little-endian order, and the dissector now decodes it as
little-endian rather than host-endian.
Change-Id: I92c44b809caace31726e0d355363355eb32efa3e
Reviewed-on: https://code.wireshark.org/review/25549
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Otherwise we use an uninitialized variable
Bug: 14372
Change-Id: Idacdb40569421f7e41e181c14fb2bc033b0645b8
Reviewed-on: https://code.wireshark.org/review/25529
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adding Session Multiplex Protocol SMP
SMP is used by TDS when MARS in enabled.
Bug: 14110
Change-Id: Ia4113c627d107da6c3d51e4004265efb228a297b
Reviewed-on: https://code.wireshark.org/review/25509
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
bf_arr is used as %s argument to proto_tree_add_subtree_format(), so it need to be NUL terminated.
Add + 1 to bf_arr size, and use sizeof() in memset() calls.
ASAN report:
ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ff1b179f150 at pc 0x00000044cf31 bp 0x7ffdc7493cf0 sp 0x7ffdc74934a0
READ of size 258 at 0x7ff1b179f150 thread T0
SCARINESS: 41 (multi-byte-read-stack-buffer-overflow)
#0 0x44cf30 in printf_common(void*, char const*, __va_list_tag*) /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_format.inc:548
#1 0x498cfc in __vsnprintf_chk /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc:1558
#2 0x5775cf in proto_tree_set_representation /src/wireshark/epan/proto.c:5508:9
#3 0x577eb1 in proto_tree_add_text_valist_internal /src/wireshark/epan/proto.c:1226:2
#4 0x5782d5 in proto_tree_add_subtree_format /src/wireshark/epan/proto.c:1249:7
#5 0x73c73f in fBitStringTagVS /src/wireshark/epan/dissectors/packet-bacapp.c:7490:15
#6 0x73ad20 in fApplicationTypesEnumeratedSplit /src/wireshark/epan/dissectors/packet-bacapp.c:7569:26
#7 0x73a484 in fApplicationTypes /src/wireshark/epan/dissectors/packet-bacapp.c:7635:12
#8 0x7395db in fIAmRequest /src/wireshark/epan/dissectors/packet-bacapp.c:13412:14
#9 0x7383e1 in dissect_bacapp /src/wireshark/epan/dissectors/packet-bacapp.c:14163:9
Found by oss-fuzz/5452.
Change-Id: I57e948904f707c5003a389431b009a37c1212e04
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5452
Reviewed-on: https://code.wireshark.org/review/25544
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Fixes/improves a few filter identifiers, typos, consistent
use of MHz (as opposed to Mhz), and fixes to the MCS map trees
in the HE Capabilities tag.
Change-Id: I5c761990237ccc241d95fb0b9b2d3f8f1263b460
Reviewed-on: https://code.wireshark.org/review/25530
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
The UDP port for HSRPv6 was mistyped when UDP dissectors was converted
to use "auto" preferences in g2eb7b05b8c.
Change-Id: I4b6f634677d23d81fc197dbeb43ee3d91d9a111f
Reviewed-on: https://code.wireshark.org/review/25526
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Open lua scripts when double-clicked. Behavior depends on your system
configuration. Add tooltips accordingly.
Let Qt wrap the "Wireshark" tab information.
Set column widths by eyeballing their contents.
Elide the Folders and Plugins strings in the middle.
Fixup placeholder text capitalization.
Draw links using the palette link color.
Change-Id: Ic141eae05541480ec1e254c55fd81728d04713d9
Reviewed-on: https://code.wireshark.org/review/25510
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add missing NULL terminator to ieee1905_reporting_policy_flags[], in order to fix buffer overflow.
ASAN report:
ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000092a4af8 at pc 0x00000062afd2 bp 0x7ffce7e468d0 sp 0x7ffce7e468c8
READ of size 8 at 0x0000092a4af8 thread T0
#0 0x62afd1 in proto_item_add_bitmask_tree /src/wireshark/epan/proto.c:10406:9
#1 0x62953f in proto_tree_add_bitmask_with_flags /src/wireshark/epan/proto.c:10786:3
#2 0xfb8271 in dissect_metric_reporting_policy /src/wireshark/epan/dissectors/packet-ieee1905.c:2762:9
#3 0xfb2997 in dissect_ieee1905_tlv_data /src/wireshark/epan/dissectors/packet-ieee1905.c:4390:18
#4 0xfb23c8 in dissect_ieee1905 /src/wireshark/epan/dissectors/packet-ieee1905.c:4577:18
Found by oss-fuzz/5298.
Change-Id: I35dbd6d29d0a3a5560286146fbed172c810e5b2d
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5298
Reviewed-on: https://code.wireshark.org/review/25520
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
One thing I hate is big slabs of open coding. Compilers are very good these days
and will inline functions if they are used in only one place.
By using functions we make the code very much more readible.
There is also a big opportunity to use functions like proto_tree_add_bitmask.
Change-Id: I66d1509f577d2955996f4649e05494ab0370ed01
Reviewed-on: https://code.wireshark.org/review/24964
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sip_is_packet_resend() function sets the internal transaction_state to
final_response_seen, the prevents the sip_find_request() from finding the
matching INVITE as it expects transaction_state == request_seen. Simply
reversing the order of these functions seems to fix the problem.
Change-Id: I61d085c979dee24ad88b4eea26dfa002fd9cd213
Reviewed-on: https://code.wireshark.org/review/25429
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
CCM* algorithm implemented as part of ieee802154 dissector can be
leveraged for higher layer protocols, e.g. OSCORE. This change adds an
additional parameter to the CCM* API in order to allow passing a generic
13-byte nonce.
Bug: 14367
Change-Id: Ib2da1146659f67ffb3a4767ec093f8b7f09461ce
Reviewed-on: https://code.wireshark.org/review/25455
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 14332
Change-Id: I49642a9880fc03d38942eebfd6b1015894fef23d
Reviewed-on: https://code.wireshark.org/review/25255
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern SDP usage (e.g. SIP, WebRTC) can "bundle" multiple RTP media streams on
a single port. Thus the RTP dissector has to be able to handle audio and video
at the same time, so the gboolean flag in _rtp_info was changed to a bit mask.
The SDP parsing was then changed to detect multiple "m=" lines using the same
port, and combine their audio/video bit masks, and the rtp_dyn_payload used
has all the audio and video payload descriptions.
Change-Id: Ifa3c034260f892ed005fe28647d28f3b0b1b05cf
Reviewed-on: https://code.wireshark.org/review/25431
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Add the crypto suite that came in with a spec change (v171212).
2. Add two additional fields that need handling.
3. Make the attribute value a separate sub-tree.
Change-Id: Ic01527bcd0361bf2522d2efbc91cd8191d7b2e27
Reviewed-on: https://code.wireshark.org/review/25514
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Should fix clang warning created by https://code.wireshark.org/review/#/c/25492.
Change-Id: Iafa31e24cd786a510f3a953d615df4cbc3930fa6
Reviewed-on: https://code.wireshark.org/review/25508
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Chances are if there are a large number of "empty objects" (that don't increment packet
counter) it's an intentionally malicious packet and we should break the loop.
Bug: 14362
Change-Id: Id9a6f4270cc47188becdf4652f903d0ba4478dcb
Reviewed-on: https://code.wireshark.org/review/25497
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
JSON will be display like in browswer developer tool (Firefox or Chrome).
Change-Id: Ib504f4828d9fd8d25d9564b93717007ac021713c
Reviewed-on: https://code.wireshark.org/review/25474
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Handle the Estimated Service Parameters tagged element and the Future
channel guidance one. The second may need more work in future.
These are defined in IEEE STD 802.11-2016 but may have been defined earlier.
Change-Id: I1c67a0ea6df9c1cc89bb3a34da921f3938e0a012
Reviewed-on: https://code.wireshark.org/review/25407
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Iecfb705b37f54119eaec75ab8df8c7ee3c76bfec
Reviewed-on: https://code.wireshark.org/review/25503
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
UAT color "datatype" has the format of #XXXXXX so the XXXXXX is strduped
to pass to strtol(). The "pointer math" assumed the # was always present
and would result in large memory allocation if string was empty.
Bug: 14357
Change-Id: Idc43b17f0e07705880d0d77f106991d10e09f072
Reviewed-on: https://code.wireshark.org/review/25504
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add dissection of the TDS response packet for TDS 4.2. In order to share code, this
required parameterizing TDS 7.x token-handling routines for things such as endian-ness
and one-byte vs two-byte character encodings. This required ascertaining accurately when
TDS 7.x is in use as early in the conversation as possible. This in turn required knowing
the program versions downloaded in the prelogin packet in the case where the login packet
is encrypted. (Listening to the LoginAck token is a little too late.)
Add more support routines to parameterize the endian nature of each connection.
Although the particular tokens decoded here are documented for TDS 4.2, it has only been tested
with a trace from TDS 4.6. TDS 4.6 didn't change much, but there may be a few minor errors.
Change-Id: I6f8f136bcc565640fbea4302cb79ea29a118d9a1
Reviewed-on: https://code.wireshark.org/review/25464
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Used reference:
Book "InfiniBand Network Architecture" by Tom Shanley; page 369 ff
Bug: 14359
Change-Id: I77e64ca16ccc5f193eac34b304165f722ffb0748
Reviewed-on: https://code.wireshark.org/review/25489
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some oddities with regard to file permissions have crept into
the repository. Reset execute rights on various files which do
not need them.
Change-Id: Ib05658072925d59fc682173673c5638d157a269a
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25490
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Headers field "name" is used in the hash table for matching
field type while processing data. Browsers use dash as
delimiter while in the code we use underscore.
Change-Id: I6342af9328118b41a8c71e034ef5913a83a84459
Reviewed-on: https://code.wireshark.org/review/25478
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I306341c7cddf8facb4a9ca62254a465a1da22174
Reviewed-on: https://code.wireshark.org/review/25423
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
iPXE seems to violate RFC 3004 by ommitting the UC_Len_i field in the
User Class Data field. Since this seems to be a 'well known' issue,
which is not going to be corrected, detect and circumvent the error
detection for this specific use.
Bug: 14312
Change-Id: I2a15c336d7f67ee5fd83f955de7126eac146bfb1
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25450
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I2f47e0ede2a31cfdadc69ab125a739b3deaa297e
Reviewed-on: https://code.wireshark.org/review/25453
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Move checking of encoding before allocating nstime.
Found by clang.
Change-Id: I3c1de5fae6fcf52393cc38302359f21f17808087
Reviewed-on: https://code.wireshark.org/review/25442
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern SIP endpoints often use non adjacent, or the same, port for the RTCP
protocol as the RTP protocol. This is indicated via attributes in the SDP,
which should be used to set up the correct dissector for the correct port
on this SIP session.
Change-Id: I37bf30b71541b6f924fbda5ac1cb29f3ba171515
Reviewed-on: https://code.wireshark.org/review/25430
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I049c8b9b9a0a1da2243217532186ba5a19cf5671
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25424
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
RHEL7 ships with Libgcrypt 1.5.3 which does not support AEAD, add guards
to fix -Wunused-function errors.
Change-Id: I230a66eff0dca9a882bf87f2f740ee0d36cd1dc6
Reviewed-on: https://code.wireshark.org/review/25434
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: If176231d1c71692b1d6a2627934d211e4f2476a7
Reviewed-on: https://code.wireshark.org/review/25433
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
While we are at it, let's add the protocol item to allow filtering on
protocol.
Bug: 14360
Change-Id: I4973a6e657dccd71af4f798584cc118b75bedd20
Reviewed-on: https://code.wireshark.org/review/25425
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
offset was not used after increment/assignment, just return it to relax clang.
Found by clang scan.
Change-Id: I21dece4e31075ca2da8d3ba942336fb4858636b6
Reviewed-on: https://code.wireshark.org/review/25419
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Some ZigBee commands within the Smart Energy Profile does not have the same payload
across different specifications. With this preference it is possible to choose what
version of the specification to use when dissecting payloads.
The default version is set to the latest one, which is Smart Energy 1.4, even though
it is still under development.
Change-Id: Iaec5528f2a418aeec4e39cfa087a58e531570d42
Reviewed-on: https://code.wireshark.org/review/25409
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is based on Draft 2 of the standard. Draft 2 did not get approved, but
is close to what the final version will be and support is needed now by the
teams working on this.
Change-Id: I837df05a288b815e1e455883f4f165721104d51f
Reviewed-on: https://code.wireshark.org/review/24861
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
All tools use draft-07 or draft-08
Bug: 13881
Change-Id: I539e34324f16149fe8c0d05d938bae1298b9eb15
Reviewed-on: https://code.wireshark.org/review/25399
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If a field is indicated as not known, then display that field as reserved
which will prevent people from searching for fields that are not known and
makes more sense.
Also, rename some of the hf fields to be more in line with standard practice.
Change-Id: I5cbbd682acbea3713b7b19325fe1a36cc0e36aa1
Reviewed-on: https://code.wireshark.org/review/25397
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There was a missing field in the initial version of the spec. Add the
flags bits that define the subsequenct fields.
Change-Id: Ie237075f4f7f30adc4b280358fe5c985c63f5281
Reviewed-on: https://code.wireshark.org/review/25375
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Don't break the remaining length by setting and invalid one
Change-Id: Ia32798db73937ada6c99a6927cc87402603a9e75
Reviewed-on: https://code.wireshark.org/review/25391
Reviewed-by: Michael Mann <mmann78@netscape.net>
'rsvp.template_filter.ipv4_tunnel_sender_address' exists multiple times with NOT compatible types: FT_IPv6 and FT_IPv4
'rsvp.template_filter.sub_group_originator_id' exists multiple times with NOT compatible types: FT_UINT16 and FT_BYTES
Change-Id: I922ef6742c7f340519adc6014ec37e29cb0e34c7
Reviewed-on: https://code.wireshark.org/review/25390
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Glib hash table can use integers as pointer by casting them
using GINT_TO_POINTER. This prevents alloc/free of memory.
Leak found by clang.
Change-Id: Ieae4d1ec787e41aef0657d27bdaefe30d12e2b80
Reviewed-on: https://code.wireshark.org/review/25341
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will help identifying that the packet contains unexpected data at the end
rather than triggering a malformed error when trying to fetch outside of
the tvb.
Change-Id: Ieb71204f3c364e809447157e7a71c3eb92620d85
Reviewed-on: https://code.wireshark.org/review/25366
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This removes an error when running cmake target checkAPI_epan.
No such file: "ps.c" at wireshark/tools/checkAPIs.pl line 2144.
This error is related to out-of-tree builds. In-tree builds are not
affected since the generated files live next to the versioned ones.
Change-Id: I3a6b05eaf4b7bb703222c47233576d0cb77e66d1
Reviewed-on: https://code.wireshark.org/review/25330
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This field is generated so mark it so. It may also be usable so
make it visible.
Change-Id: I10d951f234f1fba240059bc791b40d25dede07a9
Reviewed-on: https://code.wireshark.org/review/25350
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This allows the user to override the EAPOL Key MIC length for those
crypto suites where the Key MIC length is greater than 16 bytes.
This works in the DPP case where the Key MIC length is supposed to be the
same as the Nonce length.
Change-Id: I8ef6bc978e0a44ece0e95d76b231a02c7f15c89b
Reviewed-on: https://code.wireshark.org/review/25332
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Padding frame can be anywhere on QUIC payload
Add loop check if it is always padding frame (0x00)
Bug: 13881
Change-Id: I3d50e5347aeca9738aeac3287ddba7fd30fc72b1
Reviewed-on: https://code.wireshark.org/review/25324
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0a4eb85abd75ed706ea519371f2c62b172c05297
Reviewed-on: https://code.wireshark.org/review/25326
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
A capture with a Server Hello failed to be dissected because the record
was split in TCP segments of one byte each. This resulted in a
"Malformed Packet" exception because ssl_looks_like_sslv2 looks at the
third byte which. To fix this, ensure that at least the size of a TLS
record is available.
Change-Id: I8558028a28169020bc6549fdac29e07ecedf6ce2
Reviewed-on: https://code.wireshark.org/review/25310
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Renumber key_share extension, display the old codepoint as "Reserved
(key_share)" in case an older draft version is loaded. The old codepoint
(40) was apparently used for different purposes:
https://www.ietf.org/mail-archive/web/tls/current/msg25168.html
Add a new "signature_algorithms_cert" extension which is similar to
"signature_algorithms", except that it advertises the supported
algorithms in certificates rather than handshake messages.
Change-Id: Ibbb09100e2540deea8f652ba0685feadb68f33e7
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/25309
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make HTTP2 headers filterable.
Change-Id: I1a1a42ccdb41461f048e9ae462421ecad79da61b
Reviewed-on: https://code.wireshark.org/review/24475
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I8b69922c2bbb7905480277e7b28d9894453e785b
Signed-off-by: Anton Glukhov <anton.a.glukhov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/25284
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use the term "external capture interfaces".
Change-Id: I216ce2273737b58e4922c476416333ba16d6cb30
Reviewed-on: https://code.wireshark.org/review/25298
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a trailing NULLs so that we don't read past the end of
hfi_nfct_attr_status_flags and hfi_nfexp_attr_flags_bitfield.
Bug: 14336
Change-Id: I1e96a89f60df2d653c4f3ad63f29cf57eb0224a5
Reviewed-on: https://code.wireshark.org/review/25290
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Have the make-dissectors CMake target explicitly depend on copy_cli_dlls,
otherwise we might try to create dissectors.c before libglib-2.0-0.dll
has been copied into place. It looks like this is what's been causing
our random Windows PD failures.
Change-Id: Ia2445f17abd2c73113ab269ba6c606f48e724d93
Reviewed-on: https://code.wireshark.org/review/25292
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Decode additional data of NTP opcodes 8,9,10,11,12 only as one string.
There's room for improvement to dissect the string for all the
name=value pairs. To do so more samples of different implementations are
needed.
Used reference:
* https://tools.ietf.org/html/draft-ietf-ntp-mode-6-cmds-03
* http://doc.ntp.org/
* sample captures attached to bug
Bug: 14270
Change-Id: I4da537bf2a984b673845333714d8a8cb873f3147
Reviewed-on: https://code.wireshark.org/review/25281
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This UAT was limited (allowed configuring RACH channels only) and hasn't been extended for 4 years now.
There is also a heuristic dissector for RACH channels so pre-configuring them is unnecessary.
Change-Id: I266d2a0aba179318e1c28e0d5bc2b60860962fb2
Reviewed-on: https://code.wireshark.org/review/25270
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since the message number isn't explicitly encoded in the protocol there
is no field to filter on. It is however derived from the message
contents and added in the info column.
Adding this as a generated field allows searching for and filtering of
these messages.
As requested before, last at SF'17 EU.
Change-Id: Id77612f0178710d30ea815335b0a54339d5d7b2c
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25257
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The correct length for an AT_STRINGZ address of "" is 1, not 0. A
length of 0 for an address is valid only if the pointer-to-address-data
is null.
Change-Id: I1da6de5ed402020ed5c8389a911870a54fa8b14a
Reviewed-on: https://code.wireshark.org/review/25258
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixes a build failure when building the wireshark-git package on Arch
Linux using GCC 7.2.1:
epan/dissectors/packet-h223.c: In function ‘dissect_mux_sdu_fragment’:
epan/dissectors/packet-h223.c:207:13: error: variable ‘circuit_id’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
Fixes: v2.5.0rc0-1698-g800b26edbe ("Remove circuit API")
Change-Id: I0b63f692e840e852680467b25ba3c3dfd31392ed
Reviewed-on: https://code.wireshark.org/review/25251
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make plugins.c the source of truth for plugin names. Where plugins
reside and what they do are two different things, so split the plugin
directory and description into two separate elements.
CMake creates portable[1] builds on Windows and macOS. That is, the
build-time directory layout is the same as the installation directory
layout. Adjust various plugin paths macOS accordingly.
[1] You have to run osx-app.sh on macOS to prepare the application
bundle, but the goal is to create a directory/bundle that can be moved
or copied to a different system and run in the new location.
Change-Id: Icf9d02e61918fdf1404468baf52542910edf2743
Reviewed-on: https://code.wireshark.org/review/25166
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Shift the value stored in coinfo->block_mflag in
dissect_coap_opt_block so that we store 0/1 instead of 0/8.
Change-Id: I45ac08564ff1fdcaf4e7306692db862b6a70989b
Reviewed-on: https://code.wireshark.org/review/25248
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Niels Widger <niels@qacafe.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For queries, there appear to be two different versions, one with a
2-byte value of some unknown type and one with a 1-byte value that
appears to be an "appliance type" code followed by a 2-byte VLAN ID.
For replies, there only appears to be a version with a 1-byte "appliance
type" followed by a 2-byte VLAN ID, but handle a too-short payload.
Also point to http://www.rhyshaden.com/cdp.htm in some comments.
Change-Id: If1b476d5e6b23c7e0ba027835c6f0c84c8b723b7
Reviewed-on: https://code.wireshark.org/review/25249
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Allow decoding of LoRaTap in UDP packets like used by gr-lora (https://
github.com/rpp0/gr-lora) for instance.
Change-Id: I812c428db840a646b6fb22437037dcb8fab39370
Reviewed-on: https://code.wireshark.org/review/25247
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
UNSOLICITED_PONG (0xB): An endpoint received a PONG frame that did
not correspond to any PING frame that it previously sent.
Bug: 13881
Change-Id: I8f3daf46965b93007dd178622f3ebd7c187b11e7
Reviewed-on: https://code.wireshark.org/review/25239
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AS23456 is reserved in RFC6793 for 32-bit AS number range as AS_TRANS.
Add an additional text "(AS_TRANS)" to AS 23456 items.
Bug: 14305
Change-Id: I1a0ea9e07c74b7e409cb32e2da55dbf233a2348d
Reviewed-on: https://code.wireshark.org/review/25172
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ASN.1 prose imported from the specification and heavily modified
manually to workaround its poor quality.
Some of them are marked with -- WS modification comment, some are not.
Probably useless as-is, but it is an initial start until an updated
version is available.
Change-Id: I19ab6cedb6aa23c8ed57bae525ee4a3391494e32
Reviewed-on: https://code.wireshark.org/review/25235
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When doing recursion check we must also count down when done.
Bug: 14253
Change-Id: Icacc86e8b25e106e151117dbcc2f132b1bbe898e
Reviewed-on: https://code.wireshark.org/review/25226
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Another simple example of how to use preference effects to limit
the times a capture file is redissected unnecessarily.
Also clean up some of the grammar of preference effect descriptions.
Change-Id: I2db92e8e3ee913d3b37162916bd0ef7ac8ecd794
Reviewed-on: https://code.wireshark.org/review/25175
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We've added more fields, increment the pre-allocation amount
Change-Id: If0e68697c797e8709349a59b86fbcd4397730476
Reviewed-on: https://code.wireshark.org/review/25220
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow LoRaTap syncword field to be used for "decode as".
Fix field types for LoRaWAN EUI fields to display as EUI-64 little endian.
Change-Id: I584f338031a4bc87e127d35a7bf8751a60e93d55
Reviewed-on: https://code.wireshark.org/review/25199
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This interperates the main body of Lustre traffic.
This dissects all current Lustre OPCODES (as of Lustre 2.10.2)
This dissects MDS REINT sub-opcodes
This dissects LDLM Intent opcodes
This dissects LLOG EADATA
Conversation matching is just IP based and not IP/port based.
Only one lustre "instance" can be running on a given host at a given time,
and request / reply pairs aren't don't always match by port numbers.
Add exception for lustre_* structure names in PROTOABBREV.
We have several lustre.lustre_* because the internal lustre structre is
named lustre_ (i.e. lustre_handle or lustre_msg_v2)
This is still a work in progress, as there are missing FLAG values
and some LLOG EADATA structures that aren't fully decoded.
Change-Id: If57085e2692565336e49f40fb475ca1035da7a35
Signed-off-by: Nathaniel Clark <nathaniel.l.clark@intel.com>
Reviewed-on: https://code.wireshark.org/review/24800
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo