forked from osmocom/wireshark
d0270415a9
Instead of grabbing the set of IDBs found at open time, have a loop using wtap_get_next_interface_description() to read all unread IDBs run after opening the input file, after reading a packet from the input file, and after getting an EOF on the input file. Add a routine wtap_uses_interface_ids() to check whether the file type and subtype for a dump file uses interface IDs and requires IDBs. If so, in the aforementioned loop, add the IDBs to the dump stream. Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it call a file-format-specific routine to add the IDBs; the only file type that supports it is pcapng, and it 1) writes out the IDB and 2) adds it to the set of IDBs for the stream. Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs from the input file from being used to initialize the output file; use it in cases where we're using the aforementioned loop to copy over IDBs. Don't require any IDBs to be present when opening a pcapng file for writing; 1) the simplest pcapng file has just an SHB in it, 2) that requirement causes dumps that don't provide IDBs at open time to fail, and 3) the real issue is that we don't want packets with an interface ID not corresponding to a known IDB, and we already have a check for that. (There are some hacks here; eventually, when everything processes the IDBs in such a loop, we may be able to get rid of the "two favors of dump parameter initialization" hack.) Fixes #15844. Addresses the same issue in #15502, but there are other issues there that also need to be addressed. In addition, the merge code also needs to be changed to handle this. |
||
|---|---|---|
| .. | ||
| patches | ||
| po | ||
| source | ||
| tests | ||
| README.Debian | ||
| README.Debian.security | ||
| changelog | ||
| compat | ||
| control | ||
| copyright | ||
| dirs | ||
| ethereal-common.NEWS | ||
| headers-check.c | ||
| libwireshark-data.install | ||
| libwireshark-dev.install | ||
| libwireshark0.install | ||
| libwireshark0.lintian-overrides | ||
| libwireshark0.symbols | ||
| libwiretap-dev.install | ||
| libwiretap0.docs | ||
| libwiretap0.install | ||
| libwiretap0.symbols | ||
| libwsutil-dev.install | ||
| libwsutil0.install | ||
| libwsutil0.symbols | ||
| license-text-about-dialog | ||
| maxmind_db_paths | ||
| postinst | ||
| rules | ||
| templates | ||
| tshark.docs | ||
| tshark.install | ||
| tshark.lintian-overrides | ||
| tshark.manpages | ||
| wireshark-common.config | ||
| wireshark-common.install | ||
| wireshark-common.lintian-overrides | ||
| wireshark-common.manpages | ||
| wireshark-common.postinst | ||
| wireshark-common.postrm | ||
| wireshark-dev.docs | ||
| wireshark-dev.install | ||
| wireshark-dev.manpages | ||
| wireshark-dev.prerm | ||
| wireshark-doc.docs | ||
| wireshark-qt.docs | ||
| wireshark-qt.install | ||
| wireshark-qt.lintian-overrides | ||
| wireshark-qt.manpages | ||
README.Debian.security
Handling security fixes in source package wireshark Wireshark is a network protocol analyzer and it's ability to perform deep packet inspection in live traffic may encourage users to use Wireshark/Tshark as a part of an intrusion detection or traffic monitoring system. In that case, please note that Wireshark/Tshark may contain remotely triggerable bugs causing crashes or allowing code injection. Bugs allowing code injection will be fixed in regular Debian Security Advisories, but fixes for pure crash bugs may be delayed. -- Balint Reczey <balint@balintreczey.hu> Fri, 10 Jul 2009 15:38:33 +0200