From 2263ce4f63f91f58d840c628dccaec6a72a0d6fc Mon Sep 17 00:00:00 2001
From: Peter Wu <peter@lekensteyn.nl>
Date: Tue, 2 Oct 2018 00:00:16 +0200
Subject: [PATCH] TLS: fix reassembly regression when extending a PDU

The fragment identifier was changed, but fragment_set_partial_reassembly
was left unchanged which broke reassembly/decryption when a subdissector
finishes reassembly, but then requests further reassembly (like HTTP
with chunked encoding). This bug results in a faulty "Reassembly error,
protocol TLS: New fragment past old data limits" message.

Bug: 15158
Change-Id: I636ef623dd65c3feb58da29adf7125d8458f038f
Fixes: v2.9.0rc0-2003-gbe16d87c60 ("TLS: fix broken reassembly with multiple PDUs in the same frame")
Reviewed-on: https://code.wireshark.org/review/29967
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
---
 epan/dissectors/packet-tls.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/epan/dissectors/packet-tls.c b/epan/dissectors/packet-tls.c
index 05f35f7c4d..420e2e8dc3 100644
--- a/epan/dissectors/packet-tls.c
+++ b/epan/dissectors/packet-tls.c
@@ -1112,7 +1112,7 @@ process_ssl_payload(tvbuff_t *tvb, int offset, packet_info *pinfo,
                     dissector_handle_t app_handle_port);
 
 static guint32
-tls_msp_frament_id(struct tcp_multisegment_pdu *msp)
+tls_msp_fragment_id(struct tcp_multisegment_pdu *msp)
 {
     /*
      * If a frame contains multiple appdata PDUs, then "first_frame" is not
@@ -1213,7 +1213,7 @@ again:
         }
 
         ipfd_head = fragment_add(&ssl_reassembly_table, tvb, offset,
-                                 pinfo, tls_msp_frament_id(msp), NULL,
+                                 pinfo, tls_msp_fragment_id(msp), NULL,
                                  seq - msp->seq,
                                  len, (LT_SEQ (nxtseq,msp->nxtpdu)));
 
@@ -1339,7 +1339,7 @@ again:
                  * needs desegmentation).
                  */
                 fragment_set_partial_reassembly(&ssl_reassembly_table,
-                                                pinfo, msp->first_frame, NULL);
+                                                pinfo, tls_msp_fragment_id(msp), NULL);
                 /* Update msp->nxtpdu to point to the new next
                  * pdu boundary.
                  */
@@ -1485,7 +1485,7 @@ again:
 
             /* add this segment as the first one for this new pdu */
             fragment_add(&ssl_reassembly_table, tvb, deseg_offset,
-                         pinfo, tls_msp_frament_id(msp), NULL,
+                         pinfo, tls_msp_fragment_id(msp), NULL,
                          0, nxtseq - deseg_seq,
                          LT_SEQ(nxtseq, msp->nxtpdu));
         }