diff --git a/sources b/sources
index d4b7952..1a22b48 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (wireshark-4.2.6.tar.xz) = 265bbc50787ba15646a8a4602e2598bb58494aee496b14a2392293862725320674f7084c7c00de5f9db41dbfc2eb23d88fd8e6b72f3c4036067192b44da22516
-SHA512 (SIGNATURES-4.2.6.txt) = 287342d1ccb36326a9bab5e50c48442a41b599e258611e9046eedb078a84f2840d16f29f91b1259b3b4d37486e48d85596192ea5c6b9d1fa7ad3e78543193e0b
+SHA512 (wireshark-4.4.2.tar.xz) = df80c98a2d00ba46a853acfe3aec9dfc0d4484f490a276b8b8390b6d108634b7e0fa38e8f02f8d93afe5c2394c463a0d89611027032898d7d0390d2111b70ca6
+SHA512 (SIGNATURES-4.4.2.txt) = c809085b69c909702b3390b93891a19b8a8c0812d448ac9399eb59991618737b3bfeb737bd569267dcffc46290d59b34664f967e88c1a38b1678faaecd76d445
diff --git a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch b/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
index b71f99c..7e9cb39 100644
--- a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
+++ b/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
@@ -8,11 +8,11 @@ index 52c5017e1f..fb980269db 100644
 --- a/plugins/epan/profinet/packet-dcom-cba.c
 +++ b/plugins/epan/profinet/packet-dcom-cba.c
 @@ -543,7 +543,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep)
 {
- guint32 u32Pointer;
-- gchar szStr[1000];
-+ gchar szStr[1000] = "";
- guint32 u32MaxStr = sizeof(szStr);
- gchar *call;
+ uint32_t u32Pointer;
+- char szStr[1000];
++ char szStr[1000] = "";
+ uint32_t u32MaxStr = sizeof(szStr);
+ char *call;
diff --git a/wireshark-0006-Move-tmp-to-var-tmp.patch b/wireshark-0006-Move-tmp-to-var-tmp.patch
index f7a1637..a856286 100644
--- a/wireshark-0006-Move-tmp-to-var-tmp.patch
+++ b/wireshark-0006-Move-tmp-to-var-tmp.patch
@@ -18,27 +18,6 @@ to use different directory on different filesystem.
 create mode 100644 wsutil/wstmpdir.c
 create mode 100644 wsutil/wstmpdir.h
-diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp
-index 752b669ac4..42c2be0fca 100644
---- a/ui/qt/about_dialog.cpp
-+++ b/ui/qt/about_dialog.cpp
-@@ -14,6 +14,7 @@
-
- #include "main_application.h"
- #include
-+#include /* for get_tmp_dir() */
-
- #include
- #include
-@@ -185,7 +186,7 @@ FolderListModel::FolderListModel(QObject * parent):
- appendRow(QStringList() << tr("\"File\" dialogs") << get_open_dialog_initial_dir() << tr("capture files"));
-
- /* temp */
-- appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : g_get_tmp_dir()) << tr("untitled capture files"));
-+ appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : get_tmp_dir()) << tr("untitled capture files"));
-
- /* pers conf */
- appendRow(QStringList() << tr("Personal configuration")
 diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp
 index 07b9b42e01..fb09de989b 100644
 --- a/ui/qt/iax2_analysis_dialog.cpp
@@ -272,3 +251,24 @@ index 0000000000..07ac5837ac
 --
 2.37.3
+diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp
+index ea11122..982ba1a 100644
+--- a/ui/qt/about_dialog.cpp
++++ b/ui/qt/about_dialog.cpp
+@@ -14,6 +14,7 @@
+
+ #include "main_application.h"
+ #include
++#include /* for get_tmp_dir() */
+
+ #include
+ #include
+@@ -204,7 +205,7 @@ FolderListModel::FolderListModel(QObject * parent):
+ appendRow(QStringList() << tr("\"File\" dialog location") << get_open_dialog_initial_dir() << tr("Capture files"));
+
+ /* temp */
+- appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : g_get_tmp_dir())
++ appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : get_tmp_dir())
+ << tr("Untitled capture files"));
+
+ /* pers conf */
diff --git a/wireshark-0008-pkgconfig.patch b/wireshark-0008-pkgconfig.patch
index 3ef90b0..e32958a 100644
--- a/wireshark-0008-pkgconfig.patch
+++ b/wireshark-0008-pkgconfig.patch
@@ -1,13 +1,12 @@
 diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 27fa752..7bdc036 100644
+index 17fa031..6876018 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
-@@ -4037,9 +4037,6 @@ install(
- "${CMAKE_BINARY_DIR}/wireshark.pc"
- DESTINATION
- ${CMAKE_INSTALL_LIBDIR}/pkgconfig
-- COMPONENT
-- "Development"
+@@ -4175,8 +4175,6 @@ endif()
+
+ install(FILES "${CMAKE_BINARY_DIR}/resources/wireshark.pc"
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig
+- COMPONENT "Development"
 - EXCLUDE_FROM_ALL
 )
diff --git a/wireshark-0009-sync-pipe-stderr-messages.patch b/wireshark-0009-sync-pipe-stderr-messages.patch
deleted file mode 100644
index e27f7d4..0000000
--- a/wireshark-0009-sync-pipe-stderr-messages.patch
+++ /dev/null
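Review bot: The re-added `ui/qt/about_dialog.cpp` section of wireshark-0006-Move-tmp-to-var-tmp.patch is appended after the `--` / `2.37.3` trailer of the format-patch file instead of staying ahead of the `ui/qt/iax2_analysis_dialog.cpp` section, where the first hunk of this file removes it. Its inner `index` line also switches from full-length to abbreviated hashes (`ea11122..982ba1a`), which suggests the section was regenerated separately and pasted in; the patch header's file summary lies outside these hunks and was presumably not regenerated with it. Regenerating the whole patch with `git format-patch` against the 4.4.2 tree would keep every section ahead of the trailer, so a reader or tool that takes the trailer as the end of the patch does not miss the `get_tmp_dir()` change.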
@@ -1,612 +0,0 @@ -From 4a454d8d626ade8804d2d492c796939d82b484b6 Mon Sep 17 00:00:00 2001 -From: John Thacker -Date: Thu, 28 Dec 2023 20:18:38 -0500 -Subject: [PATCH] dumpcap: Don't use fd 2 (stderr) for the sync pipe - -Don't use stderr for the sync pipe, because third party libraries -and functions sometimes pollute stderr with other information. - -Instead, pass the information necessary to dumpcap as a parameter -to the special capture child option -Z. - -On UN*X, that means passing the sync pipe write file descriptor, as -the child is created by fork + exec and shares the file descriptor table. - -On Windows, the child process does not share the file descriptor table, -but it does share the HANDLE value for inherited handles, so pass that -instead. (The HANDLE is a void* and technically 64 bit, but only the -lower 32 bits are used for inherited handles that can be shared - and it is permissible to truncate: -https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance -https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication -https://learn.microsoft.com/en-us/windows/win32/WinProg64/rules-for-using-pointers -though perhaps in the future casting to an intptr_t makes more sense.) - -Move the special Windows named signal pipe to its own long option -instead of using the parameter from the capture child option. - -This means that we alter argv inside sync_pipe_open_command so change -the static functions and free argv there. Once glib 2.68 and later is -required a GStrvBuilder could be used instead. 
- -Fix #12222 ---- - capture/capture_sync.c | 105 ++++++++++++++++++++--------------------- - dumpcap.c | 85 +++++++++++++++++++++++---------- - 2 files changed, 112 insertions(+), 78 deletions(-) - -diff --git a/capture/capture_sync.c b/capture/capture_sync.c -index 5c70baa6dfb..aa29a0b7ff7 100644 ---- a/capture/capture_sync.c -+++ b/capture/capture_sync.c -@@ -115,14 +115,6 @@ static ssize_t pipe_read_block(GIOChannel *pipe_io, char *indicator, int len, ch - - static void (*fetch_dumpcap_pid)(ws_process_id) = NULL; - --static void free_argv(char** argv, int argc) --{ -- int i; -- for (i = 0; i < argc; i++) -- g_free(argv[i]); -- g_free(argv); --} -- - void - capture_session_init(capture_session *cap_session, capture_file *cf, - new_file_fn new_file, new_packets_fn new_packets, -@@ -202,6 +194,8 @@ void capture_process_finished(capture_session *cap_session) - - /* Append an arg (realloc) to an argc/argv array */ - /* (add a string pointer to a NULL-terminated array of string pointers) */ -+/* XXX: For glib >= 2.68 we could use a GStrvBuilder. 
-+ */ - static char ** - sync_pipe_add_arg(char **args, int *argc, const char *arg) - { -@@ -277,12 +271,12 @@ pipe_io_cb(GIOChannel *pipe_io, GIOCondition condition _U_, void * user_data) - #define PIPE_BUF_SIZE 5120 - static int - #ifdef _WIN32 --sync_pipe_open_command(char* const argv[], int *data_read_fd, -+sync_pipe_open_command(char **argv, int *data_read_fd, - GIOChannel **message_read_io, int *signal_write_fd, - ws_process_id *fork_child, GArray *ifaces, - char **msg, void(*update_cb)(void)) - #else --sync_pipe_open_command(char* const argv[], int *data_read_fd, -+sync_pipe_open_command(char **argv, int *data_read_fd, - GIOChannel **message_read_io, int *signal_write_fd _U_, - ws_process_id *fork_child, GArray *ifaces _U_, - char **msg, void(*update_cb)(void)) -@@ -290,6 +284,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - { - enum PIPES { PIPE_READ, PIPE_WRITE }; /* Constants 0 and 1 for PIPE_READ and PIPE_WRITE */ - int message_read_fd = -1; -+ char sync_id[ARGV_NUMBER_LEN]; - #ifdef _WIN32 - HANDLE sync_pipe[2]; /* pipe used to send messages from child to parent */ - HANDLE data_pipe[2]; /* pipe used to send data from child to parent */ -@@ -320,6 +315,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - - if (!msg) { - /* We can't return anything */ -+ g_strfreev(argv); - #ifdef _WIN32 - g_string_free(args, true); - #endif -@@ -338,6 +334,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - /* Couldn't create the message pipe between parent and child. 
*/ - *msg = ws_strdup_printf("Couldn't create sync pipe: %s", - win32strerror(GetLastError())); -+ g_strfreev(argv); - return -1; - } - -@@ -351,6 +348,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - message_read_fd = _open_osfhandle( (intptr_t) sync_pipe[PIPE_READ], _O_BINARY); - if (message_read_fd == -1) { - *msg = ws_strdup_printf("Couldn't get C file handle for message read pipe: %s", g_strerror(errno)); -+ g_strfreev(argv); - CloseHandle(sync_pipe[PIPE_READ]); - CloseHandle(sync_pipe[PIPE_WRITE]); - return -1; -@@ -363,6 +361,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - /* Couldn't create the message pipe between parent and child. */ - *msg = ws_strdup_printf("Couldn't create data pipe: %s", - win32strerror(GetLastError())); -+ g_strfreev(argv); - ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ - CloseHandle(sync_pipe[PIPE_WRITE]); - return -1; -@@ -378,6 +377,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - *data_read_fd = _open_osfhandle( (intptr_t) data_pipe[PIPE_READ], _O_BINARY); - if (*data_read_fd == -1) { - *msg = ws_strdup_printf("Couldn't get C file handle for data read pipe: %s", g_strerror(errno)); -+ g_strfreev(argv); - CloseHandle(data_pipe[PIPE_READ]); - CloseHandle(data_pipe[PIPE_WRITE]); - ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ -@@ -398,6 +398,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - /* Couldn't create the signal pipe between parent and child. */ - *msg = ws_strdup_printf("Couldn't create signal pipe: %s", - win32strerror(GetLastError())); -+ g_strfreev(argv); - ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ - CloseHandle(sync_pipe[PIPE_WRITE]); - return -1; -@@ -414,6 +415,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - if (signal_pipe_write_fd == -1) { - /* Couldn't create the pipe between parent and child. 
*/ - *msg = ws_strdup_printf("Couldn't get C file handle for sync pipe: %s", g_strerror(errno)); -+ g_strfreev(argv); - ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ - CloseHandle(sync_pipe[PIPE_WRITE]); - CloseHandle(signal_pipe); -@@ -439,7 +441,25 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - si.hStdInput = NULL; /* handle for named pipe*/ - si.hStdOutput = data_pipe[PIPE_WRITE]; - } -- si.hStdError = sync_pipe[PIPE_WRITE]; -+ si.hStdError = GetStdHandle(STD_ERROR_HANDLE); -+ -+ /* On Windows, "[a]n inherited handle refers to the same object in the child -+ * process as it does in the parent process. It also has the same value." -+ * https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance -+ * When converted to a file descriptor (via _open_osfhandle), the fd -+ * value is not necessarily the same in the two processes, but the handle -+ * value can be shared. -+ * A HANDLE is a void* though "64-bit versions of Windows use 32-bit handles -+ * for interoperability... only the lower 32 bits are significant, so it is -+ * safe to truncate the handle... or sign-extend the handle" -+ * https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication -+ * So it should be fine to call PtrToLong instead of casting to intptr_t. 
-+ * https://learn.microsoft.com/en-us/windows/win32/WinProg64/rules-for-using-pointers -+ */ -+ int argc = g_strv_length(argv); -+ argv = sync_pipe_add_arg(argv, &argc, "-Z"); -+ snprintf(sync_id, ARGV_NUMBER_LEN, "%ld", PtrToLong(sync_pipe[PIPE_WRITE])); -+ argv = sync_pipe_add_arg(argv, &argc, sync_id); - #endif - - if (ifaces) { -@@ -458,7 +478,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - if (si.hStdOutput && (si.hStdOutput != si.hStdInput)) { - handles[i_handles++] = si.hStdOutput; - } -- handles[i_handles++] = si.hStdError; -+ handles[i_handles++] = sync_pipe[PIPE_WRITE]; - if (ifaces) { - for (j = 0; j < ifaces->len; j++) { - interface_opts = &g_array_index(ifaces, interface_options, j); -@@ -491,6 +511,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - } - ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ - CloseHandle(sync_pipe[PIPE_WRITE]); -+ g_strfreev(argv); - g_string_free(args, true); - g_free(handles); - return -1; -@@ -498,6 +519,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - *fork_child = pi.hProcess; - /* We may need to store this and close it later */ - CloseHandle(pi.hThread); -+ g_strfreev(argv); - g_string_free(args, true); - g_free(handles); - -@@ -509,6 +531,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - if (pipe(sync_pipe) < 0) { - /* Couldn't create the message pipe between parent and child. */ - *msg = ws_strdup_printf("Couldn't create sync pipe: %s", g_strerror(errno)); -+ g_strfreev(argv); - return -1; - } - -@@ -517,6 +540,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - if (pipe(data_pipe) < 0) { - /* Couldn't create the data pipe between parent and child. 
*/ - *msg = ws_strdup_printf("Couldn't create data pipe: %s", g_strerror(errno)); -+ g_strfreev(argv); - ws_close(sync_pipe[PIPE_READ]); - ws_close(sync_pipe[PIPE_WRITE]); - return -1; -@@ -533,11 +557,16 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - ws_close(data_pipe[PIPE_READ]); - ws_close(data_pipe[PIPE_WRITE]); - } -- dup2(sync_pipe[PIPE_WRITE], 2); - ws_close(sync_pipe[PIPE_READ]); -- ws_close(sync_pipe[PIPE_WRITE]); -+ /* dumpcap should be running in capture child mode (hidden feature) */ -+#ifndef DEBUG_CHILD -+ int argc = g_strv_length(argv); -+ argv = sync_pipe_add_arg(argv, &argc, "-Z"); -+ snprintf(sync_id, ARGV_NUMBER_LEN, "%d", sync_pipe[PIPE_WRITE]); -+ argv = sync_pipe_add_arg(argv, &argc, sync_id); -+#endif - execv(argv[0], argv); -- sync_pipe_write_int_msg(2, SP_EXEC_FAILED, errno); -+ sync_pipe_write_int_msg(sync_pipe[PIPE_WRITE], SP_EXEC_FAILED, errno); - - /* Exit with "_exit()", so that we don't close the connection - to the X server (and cause stuff buffered up by our parent but -@@ -549,6 +578,8 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - _exit(1); - } - -+ g_strfreev(argv); -+ - if (fetch_dumpcap_pid && *fork_child > 0) - fetch_dumpcap_pid(*fork_child); - -@@ -556,6 +587,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, - *data_read_fd = data_pipe[PIPE_READ]; - } - message_read_fd = sync_pipe[PIPE_READ]; -+ - #endif - - /* Parent process - read messages from the child process over the -@@ -863,14 +895,12 @@ sync_pipe_start(capture_options *capture_opts, GPtrArray *capture_comments, - } - } - -- /* dumpcap should be running in capture child mode (hidden feature) */ - #ifndef DEBUG_CHILD -- argv = sync_pipe_add_arg(argv, &argc, "-Z"); - #ifdef _WIN32 -+ /* pass process id to dumpcap for named signal pipe */ -+ argv = sync_pipe_add_arg(argv, &argc, "--signal-pipe"); - snprintf(control_id, ARGV_NUMBER_LEN, "%ld", GetCurrentProcessId()); - argv = sync_pipe_add_arg(argv, &argc, 
control_id); --#else -- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); - #endif - #endif - -@@ -899,13 +929,11 @@ sync_pipe_start(capture_options *capture_opts, GPtrArray *capture_comments, - if (ret == -1) { - report_failure("%s", msg); - g_free(msg); -- free_argv(argv, argc); - return false; - } - - /* Parent process - read messages from the child process over the - sync pipe. */ -- free_argv(argv, argc); - - cap_session->fork_child_status = 0; - cap_session->cap_data_info = cap_data; -@@ -964,7 +992,7 @@ sync_pipe_close_command(int *data_read_fd, GIOChannel *message_read_io, - /* XXX - assumes PIPE_BUF_SIZE > SP_MAX_MSG_LEN */ - #define PIPE_BUF_SIZE 5120 - static int --sync_pipe_run_command_actual(char* const argv[], char **data, char **primary_msg, -+sync_pipe_run_command_actual(char **argv, char **data, char **primary_msg, - char **secondary_msg, void(*update_cb)(void)) - { - char *msg; -@@ -1176,7 +1204,7 @@ sync_pipe_run_command_actual(char* const argv[], char **data, char **primary_msg - * redirects to sync_pipe_run_command_actual() - */ - static int --sync_pipe_run_command(char* const argv[], char **data, char **primary_msg, -+sync_pipe_run_command(char **argv, char **data, char **primary_msg, - char **secondary_msg, void (*update_cb)(void)) - { - int ret, i; -@@ -1241,22 +1269,14 @@ sync_interface_set_80211_chan(const char *iface, const char *freq, const char *t - *primary_msg = g_strdup("Out of mem."); - *secondary_msg = NULL; - *data = NULL; -- free_argv(argv, argc); - return -1; - } - - argv = sync_pipe_add_arg(argv, &argc, "-k"); - argv = sync_pipe_add_arg(argv, &argc, opt); - --#ifndef DEBUG_CHILD -- /* Run dumpcap in capture child mode */ -- argv = sync_pipe_add_arg(argv, &argc, "-Z"); -- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); --#endif -- - ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); - g_free(opt); -- free_argv(argv, argc); - return ret; - } - -@@ -1294,13 +1314,7 @@ 
sync_interface_list_open(char **data, char **primary_msg, - /* Ask for the interface list */ - argv = sync_pipe_add_arg(argv, &argc, "-D"); - --#ifndef DEBUG_CHILD -- /* Run dumpcap in capture child mode */ -- argv = sync_pipe_add_arg(argv, &argc, "-Z"); -- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); --#endif - ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); -- free_argv(argv, argc); - return ret; - } - -@@ -1348,13 +1362,7 @@ sync_if_capabilities_open(const char *ifname, bool monitor_mode, const char* aut - argv = sync_pipe_add_arg(argv, &argc, auth); - } - --#ifndef DEBUG_CHILD -- /* Run dumpcap in capture child mode */ -- argv = sync_pipe_add_arg(argv, &argc, "-Z"); -- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); --#endif - ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); -- free_argv(argv, argc); - return ret; - } - -@@ -1449,20 +1451,17 @@ sync_interface_stats_open(int *data_read_fd, ws_process_id *fork_child, char **d - argv = sync_pipe_add_arg(argv, &argc, "-S"); - - #ifndef DEBUG_CHILD -- argv = sync_pipe_add_arg(argv, &argc, "-Z"); - #ifdef _WIN32 -+ argv = sync_pipe_add_arg(argv, &argc, "--signal-pipe"); - ret = create_dummy_signal_pipe(msg); - if (ret == -1) { - return -1; - } - argv = sync_pipe_add_arg(argv, &argc, dummy_control_id); --#else -- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); - #endif - #endif - ret = sync_pipe_open_command(argv, data_read_fd, &message_read_io, NULL, - fork_child, NULL, msg, update_cb); -- free_argv(argv, argc); - if (ret == -1) { - return -1; - } -diff --git a/dumpcap.c b/dumpcap.c -index b5a5423..533aa96 100644 ---- a/dumpcap.c -+++ b/dumpcap.c -@@ -130,6 +130,7 @@ static gchar *sig_pipe_name = NULL; - static HANDLE sig_pipe_handle = NULL; - static gboolean signal_pipe_check_running(void); - #endif -+static int sync_pipe_fd = 2; - - #ifdef ENABLE_ASAN - /* This has public visibility so that if 
compiled with shared libasan (the -@@ -562,7 +563,7 @@ dumpcap_cmdarg_err(const char *fmt, va_list ap) - gchar *msg; - /* Generate a 'special format' message back to parent */ - msg = ws_strdup_vprintf(fmt, ap); -- sync_pipe_write_errmsgs_to_parent(2, msg, ""); -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); - g_free(msg); - } else { - fprintf(stderr, "dumpcap: "); -@@ -582,7 +583,7 @@ dumpcap_cmdarg_err_cont(const char *fmt, va_list ap) - if (capture_child) { - gchar *msg; - msg = ws_strdup_vprintf(fmt, ap); -- sync_pipe_write_errmsgs_to_parent(2, msg, ""); -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); - g_free(msg); - } else { - vfprintf(stderr, fmt, ap); -@@ -1007,7 +1008,7 @@ show_filter_code(capture_options *capture_opts) - #endif - if (capture_child) { - /* Let our parent know we succeeded. */ -- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); - } - return TRUE; - } -@@ -1029,7 +1030,7 @@ print_machine_readable_interfaces(GList *if_list) - - if (capture_child) { - /* Let our parent know we succeeded. */ -- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); - } - - i = 1; /* Interface id number */ -@@ -1096,7 +1097,7 @@ print_machine_readable_if_capabilities(if_capabilities_t *caps, int queries) - - if (capture_child) { - /* Let our parent know we succeeded. */ -- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); - } - - if (queries & CAPS_QUERY_LINK_TYPES) { -@@ -1197,7 +1198,7 @@ print_statistics_loop(gboolean machine_readable) - - if (capture_child) { - /* Let our parent know we succeeded. 
*/ -- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); - } - - if (!machine_readable) { -@@ -4985,7 +4986,7 @@ capture_loop_write_pcapng_cb(capture_src *pcap_src, const pcapng_block_header_t - ws_info("Sending SP_FILE on first SHB"); - #endif - /* SHB is now ready for capture parent to read on SP_FILE message */ -- sync_pipe_write_string_msg(2, SP_FILE, report_capture_filename); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_FILE, report_capture_filename); - report_capture_filename = NULL; - } - } -@@ -5214,7 +5215,7 @@ set_80211_channel(const char *iface, const char *opt) - } - - if (capture_child) -- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); - - out: - g_strfreev(options); -@@ -5238,6 +5239,9 @@ gather_dumpcap_runtime_info(feature_list l) - #define LONGOPT_IFNAME LONGOPT_BASE_APPLICATION+1 - #define LONGOPT_IFDESCR LONGOPT_BASE_APPLICATION+2 - #define LONGOPT_CAPTURE_COMMENT LONGOPT_BASE_APPLICATION+3 -+#ifdef _WIN32 -+#define LONGOPT_SIGNAL_PIPE LONGOPT_BASE_APPLICATION+4 -+#endif - - /* And now our feature presentation... 
[ fade to music ] */ - int -@@ -5252,6 +5256,9 @@ main(int argc, char *argv[]) - {"ifname", ws_required_argument, NULL, LONGOPT_IFNAME}, - {"ifdescr", ws_required_argument, NULL, LONGOPT_IFDESCR}, - {"capture-comment", ws_required_argument, NULL, LONGOPT_CAPTURE_COMMENT}, -+#ifdef _WIN32 -+ {"signal-pipe", ws_required_argument, NULL, LONGOPT_SIGNAL_PIPE}, -+#endif - {0, 0, 0, 0 } - }; - -@@ -5308,10 +5315,31 @@ main(int argc, char *argv[]) - if (strcmp("-Z", argv[i]) == 0) { - capture_child = TRUE; - machine_readable = TRUE; /* request machine-readable output */ -+ i++; -+ if (i >= argc) { -+ exit_main(1); -+ } -+ -+ if (strcmp(argv[i], SIGNAL_PIPE_CTRL_ID_NONE) != 0) { -+ // get_positive_int calls cmdarg_err -+ if (!ws_strtoi(argv[i], NULL, &sync_pipe_fd) || sync_pipe_fd <= 0) { -+ exit_main(1); -+ } - #ifdef _WIN32 -- /* set output pipe to binary mode, to avoid ugly text conversions */ -- _setmode(2, O_BINARY); -+ /* On UN*X the fd is the same when we fork + exec. -+ * On Windows the HANDLE value is the same for inherited -+ * handles in the child process and the parent, although -+ * not necessarily the fd value from _open_osfhandle. -+ * https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance -+ * Also, "64-bit versions of Windows use 32-bit handles for -+ * interoperability... only the lower 32 bits are significant, -+ * so it is safe to truncate... or sign-extend the handle." 
-+ * https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication -+ */ -+ /* set output pipe to binary mode, avoid ugly text conversions */ -+ sync_pipe_fd = _open_osfhandle( (intptr_t) sync_pipe_fd, _O_BINARY); - #endif -+ } - } - } - -@@ -5628,9 +5656,17 @@ main(int argc, char *argv[]) - break; - case 'Z': - capture_child = TRUE; -+ /* -+ * Handled above -+ */ -+ break; - #ifdef _WIN32 -- /* set output pipe to binary mode, to avoid ugly text conversions */ -- _setmode(2, O_BINARY); -+ case LONGOPT_SIGNAL_PIPE: -+ if (!capture_child) { -+ /* We have already checked for -Z at the very beginning. */ -+ cmdarg_err("--signal-pipe may only be specified with -Z"); -+ exit_main(1); -+ } - /* - * ws_optarg = the control ID, aka the PPID, currently used for the - * signal pipe name. -@@ -5646,9 +5682,8 @@ main(int argc, char *argv[]) - exit_main(1); - } - } --#endif - break; -- -+#endif - case 'q': /* Quiet */ - quiet = TRUE; - break; -@@ -5885,7 +5920,7 @@ main(int argc, char *argv[]) - char *error_msg = ws_strdup_printf("The capabilities of the capture device " - "\"%s\" could not be obtained (%s)", - interface_opts->name, open_status_str); -- sync_pipe_write_errmsgs_to_parent(2, error_msg, -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, error_msg, - get_pcap_failure_secondary_error_message(open_status, open_status_str)); - g_free(error_msg); - } -@@ -6032,7 +6067,7 @@ dumpcap_log_writer(const char *domain, enum ws_log_level level, - #endif - if (capture_child) { - gchar *msg = ws_strdup_vprintf(user_format, user_ap); -- sync_pipe_write_errmsgs_to_parent(2, msg, ""); -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); - g_free(msg); - } else { - ws_log_console_writer(domain, level, file, line, func, mft, user_format, user_ap); -@@ -6052,7 +6087,7 @@ dumpcap_log_writer(const char *domain, enum ws_log_level level, - /* to parent especially formatted if dumpcap running as child. 
*/ - if (capture_child) { - gchar *msg = ws_strdup_vprintf(user_format, user_ap); -- sync_pipe_write_errmsgs_to_parent(2, msg, ""); -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); - g_free(msg); - } else if(ws_log_msg_is_active(domain, level)) { - ws_log_console_writer(domain, level, file, line, func, mft, user_format, user_ap); -@@ -6071,7 +6106,7 @@ report_packet_count(unsigned int packet_count) - - if (capture_child) { - ws_debug("Packets: %u", packet_count); -- sync_pipe_write_uint_msg(2, SP_PACKET_COUNT, packet_count); -+ sync_pipe_write_uint_msg(sync_pipe_fd, SP_PACKET_COUNT, packet_count); - } else { - count += packet_count; - fprintf(stderr, "\rPackets: %u ", count); -@@ -6092,7 +6127,7 @@ report_new_capture_file(const char *filename) - #endif - report_capture_filename = filename; - } else { -- sync_pipe_write_string_msg(2, SP_FILE, filename); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_FILE, filename); - } - } else { - #ifdef SIGINFO -@@ -6132,7 +6167,7 @@ report_cfilter_error(capture_options *capture_opts, guint i, const char *errmsg) - if (capture_child) { - snprintf(tmp, sizeof(tmp), "%u:%s", i, errmsg); - ws_debug("Capture filter error: %s", errmsg); -- sync_pipe_write_string_msg(2, SP_BAD_FILTER, tmp); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_BAD_FILTER, tmp); - } else { - /* - * clopts_step_invalid_capfilter in test/suite-clopts.sh MUST match -@@ -6155,7 +6190,7 @@ report_capture_error(const char *error_msg, const char *secondary_error_msg) - if (capture_child) { - ws_debug("Primary Error: %s", error_msg); - ws_debug("Secondary Error: %s", secondary_error_msg); -- sync_pipe_write_errmsgs_to_parent(2, error_msg, secondary_error_msg); -+ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, error_msg, secondary_error_msg); - } else { - cmdarg_err("%s", error_msg); - if (secondary_error_msg[0] != '\0') -@@ -6173,7 +6208,7 @@ report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 - - ws_debug("Packets 
received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u/ps_ifdrop:%u)", - name, received, total_drops, pcap_drops, drops, flushed, ps_ifdrop); -- sync_pipe_write_string_msg(2, SP_DROPS, tmp); -+ sync_pipe_write_string_msg(sync_pipe_fd, SP_DROPS, tmp); - g_free(tmp); - } else { - fprintf(stderr, diff --git a/wireshark-0010-CVE-2024-8250.patch b/wireshark-0010-CVE-2024-8250.patch deleted file mode 100644 index 81f827b..0000000 --- a/wireshark-0010-CVE-2024-8250.patch +++ /dev/null 
@@ -1,49 +0,0 @@
-From 66dcd56f1eae615697b6588ac4778a61a5576391 Mon Sep 17 00:00:00 2001
-From: John Thacker
-Date: Sun, 28 Jul 2024 08:24:20 -0400
-Subject: [PATCH] ntlmssp: Don't insert a key created on the stack into a hash
- table
-
-We could change this table to an autoreset wmem_map as well.
-
-Fix #19943
---
- epan/dissectors/packet-ntlmssp.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/epan/dissectors/packet-ntlmssp.c b/epan/dissectors/packet-ntlmssp.c
-index 7e1d754ee35..ff825ddee55 100644
---- a/epan/dissectors/packet-ntlmssp.c
-+++ b/epan/dissectors/packet-ntlmssp.c
-@@ -2438,7 +2438,9 @@ decrypt_data_payload(tvbuff_t *tvb, int offset, uint32_t encrypted_block_length,
- decrypted_payloads = g_slist_prepend(decrypted_payloads,
- packet_ntlmssp_info->decrypted_payload);
- if (key != NULL) {
-- g_hash_table_insert(hash_packet, key, packet_ntlmssp_info);
-+ uint8_t *perm_key = g_new(uint8_t, NTLMSSP_KEY_LEN);
-+ memcpy(perm_key, key, NTLMSSP_KEY_LEN);
-+ g_hash_table_insert(hash_packet, perm_key, packet_ntlmssp_info);
- }
-
- /* Do the decryption of the payload */
-@@ -2888,7 +2890,7 @@ header_hash(const void *pointer)
- static gboolean
- header_equal(gconstpointer pointer1, gconstpointer pointer2)
- {
-- if (!memcmp(pointer1, pointer2, 16)) {
-+ if (!memcmp(pointer1, pointer2, NTLMSSP_KEY_LEN)) {
- return TRUE;
- }
- else {
-@@ -2899,7 +2901,7 @@ header_equal(const void *pointer1, const void *pointer2)
- static void
- ntlmssp_init_protocol(void)
- {
-- hash_packet = g_hash_table_new(header_hash, header_equal);
-+ hash_packet = g_hash_table_new_full(header_hash, header_equal, g_free, NULL);
- }
-
- static void
---
-GitLab
-
diff --git a/wireshark-0011-CVE-2024-9781.patch b/wireshark-0011-CVE-2024-9781.patch
deleted file mode 100644
index 3c70357..0000000
--- a/wireshark-0011-CVE-2024-9781.patch
+++ /dev/null
@@ -1,164 +0,0 @@
-From cad248ce3bf53026cc837fedeaca65d0f20ea3b5 Mon Sep 17 00:00:00 2001
-From: Gerald Combs
-Date: Tue, 8 Oct 2024 11:56:28 -0700
-Subject: [PATCH] AppleTalk: Make sure we have valid addresses
-
-Make sure ATP, ZIP, and ASP have valid addresses. Use sizeof instead of
-a hard-coded value in a few places.
-
-Fixes #20114
-
-(cherry picked from commit 3de741321f85c205c0a8266c40f33cb0013bd1d2)
-
-Conflicts:
- epan/dissectors/packet-atalk.c
- epan/dissectors/packet-reload-framing.c
----
- epan/dissectors/packet-atalk.c | 44 ++++++++++++++++++++++++----------
- 1 file changed, 32 insertions(+), 12 deletions(-)
- epan/dissectors/packet-reload-framing.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/epan/dissectors/packet-atalk.c b/epan/dissectors/packet-atalk.c
-index 396e7af5194..065d6aedb68 100644
---- a/epan/dissectors/packet-atalk.c
-+++ b/epan/dissectors/packet-atalk.c
-@@ -232,9 +232,18 @@ static int hf_asp_attn_code = -1;
- static int hf_asp_seq = -1;
- static int hf_asp_size = -1;
-
-+/*
-+ * Structure used to represent a DDP address; gives the layout of the
-+ * data pointed to by an Appletalk "address" structure.
-+ */
-+struct atalk_ddp_addr {
-+ guint16 net;
-+ guint8 node;
-+};
-+
- typedef struct {
- guint32 conversation;
-- guint8 src[4];
-+ guint8 src[sizeof(struct atalk_ddp_addr)];
- guint16 tid;
- } asp_request_key;
-
-@@ -502,6 +511,10 @@ static const value_string asp_error_vals[] = {
- {0, NULL } };
- value_string_ext asp_error_vals_ext = VALUE_STRING_EXT_INIT(asp_error_vals);
-
-+static bool is_ddp_address(address *addr) {
-+ return addr->type == atalk_address_type && addr->len == sizeof(struct atalk_ddp_addr);
-+}
-+
- /*
- * hf_index must be a FT_UINT_STRING type
- * Are these always in a Mac extended character set? Should we have a
-@@ -744,6 +757,12 @@ dissect_atp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
- conversation_t *conversation;
- asp_request_val *request_val = NULL;
-
-+ // ATP is carried over DDP
-+ if (!(is_ddp_address(&pinfo->src) && is_ddp_address(&pinfo->dst))) {
-+ return 0;
-+ }
-+
-+
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "ATP");
-
- ctrlinfo = tvb_get_guint8(tvb, offset);
-@@ -770,7 +789,7 @@ dissect_atp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
- asp_request_key request_key;
-
- request_key.conversation = conversation->conv_index;
-- memcpy(request_key.src, (!atp_asp_dsi_info.reply)?pinfo->src.data:pinfo->dst.data, 4);
-+ memcpy(request_key.src, (!atp_asp_dsi_info.reply)?pinfo->src.data:pinfo->dst.data, sizeof(struct atalk_ddp_addr));
- request_key.tid = atp_asp_dsi_info.tid;
-
- request_val = (asp_request_val *) wmem_map_lookup(atp_request_hash, &request_key);
-@@ -1018,7 +1037,7 @@ get_transaction(tvbuff_t *tvb, packet_info *pinfo, struct atp_asp_dsi_info *atp_
- conversation = find_or_create_conversation(pinfo);
-
- request_key.conversation = conversation->conv_index;
-- memcpy(request_key.src, (!atp_asp_dsi_info->reply)?pinfo->src.data:pinfo->dst.data, 4);
-+ memcpy(request_key.src, (!atp_asp_dsi_info->reply)?pinfo->src.data:pinfo->dst.data, sizeof(struct atalk_ddp_addr));
- request_key.tid = atp_asp_dsi_info->tid;
-
- request_val = (asp_request_val *) wmem_map_lookup(asp_request_hash, &request_key);
-@@ -1051,6 +1070,11 @@ dissect_asp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
- if (data == NULL)
- return 0;
-
-+ // ASP is carried over ATP/DDP
-+ if (!(is_ddp_address(&pinfo->src) && is_ddp_address(&pinfo->dst))) {
-+ return 0;
-+ }
-+
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "ASP");
- col_clear(pinfo->cinfo, COL_INFO);
-
-@@ -1183,15 +1207,6 @@ dissect_asp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
- /* -----------------------------
- ZIP protocol cf. inside appletalk chap. 8
- */
--/*
-- * Structure used to represent a DDP address; gives the layout of the
-- * data pointed to by an Appletalk "address" structure.
-- */
--struct atalk_ddp_addr {
-- guint16 net;
-- guint8 node;
--};
--
-
- static int atalk_str_len(const address* addr _U_)
- {
-@@ -1241,6 +1256,11 @@ dissect_atp_zip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
- if (data == NULL)
- return 0;
-
-+ // ATP ZIP is carried over DDP
-+ if (!(is_ddp_address(&pinfo->src) && is_ddp_address(&pinfo->dst))) {
-+ return 0;
-+ }
-+
- col_set_str(pinfo->cinfo, COL_PROTOCOL, "ZIP");
- col_clear(pinfo->cinfo, COL_INFO);
-
-diff --git a/epan/dissectors/packet-reload-framing.c b/epan/dissectors/packet-reload-framing.c
-index eac1744c315..688068bbe61 100644
---- a/epan/dissectors/packet-reload-framing.c
-+++ b/epan/dissectors/packet-reload-framing.c
-@@ -124,8 +124,14 @@ dissect_reload_framing_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tr
- effective_length = tvb_captured_length(tvb);
-
- /* First, make sure we have enough data to do the check. */
-- if (effective_length < MIN_HDR_LENGTH)
-+ if (effective_length < MIN_HDR_LENGTH) {
- return 0;
-+ }
-+
-+ /* Next, make sure we can create transaction ID keys. */
-+ if (!(pinfo->src.data && pinfo->dst.data)) {
-+ return 0;
-+ }
-
- conversation = find_conversation_pinfo(pinfo, 0);
- if (conversation)
-@@ -194,14 +200,14 @@ dissect_reload_framing_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tr
- transaction_id_key[1].length = 1;
- transaction_id_key[1].key = &pinfo->srcport;
- transaction_id_key[2].length = (pinfo->src.len) / (guint)sizeof(guint32);
-- transaction_id_key[2].key = (guint32 *)g_malloc(pinfo->src.len);
-+ transaction_id_key[2].key = (guint32 *)wmem_alloc(wmem_file_scope(), pinfo->src.len);
- memcpy(transaction_id_key[2].key, pinfo->src.data, pinfo->src.len);
- }
- else {
- transaction_id_key[1].length = 1;
- transaction_id_key[1].key = &pinfo->destport;
- transaction_id_key[2].length = (pinfo->dst.len) / (guint)sizeof(guint32);
-- transaction_id_key[2].key = (guint32 *)g_malloc(pinfo->dst.len);
-+ transaction_id_key[2].key = (guint32 *)wmem_alloc(wmem_file_scope(), pinfo->dst.len);
- memcpy(transaction_id_key[2].key, pinfo->dst.data, pinfo->dst.len);
- }
- transaction_id_key[3].length=0;
diff --git a/wireshark.spec b/wireshark.spec
index f338a4e..e54710d 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -1,12 +1,12 @@
 %undefine __cmake_in_source_build
 %global with_lua 1
 %global with_maxminddb 1
-%global plugins_version 4.2
+%global plugins_version 4.4
 Summary: Network traffic analyzer
 Name: wireshark
-Version: 4.2.6
-Release: 4%{?dist}
+Version: 4.4.2
+Release: 1%{?dist}
 Epoch: 1
 License: BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause AND MIT AND GPL-2.0-or-later AND LGPL-2.0-or-later AND Zlib AND ISC AND (BSD-3-Clause OR GPL-2.0-only) AND (GPL-2.0-or-later AND Zlib)
 Url: http://www.wireshark.org/
@@ -28,9 +28,6 @@ Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
 Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
 Patch7: wireshark-0007-cmakelists.patch
 Patch8: wireshark-0008-pkgconfig.patch
-Patch9: wireshark-0009-sync-pipe-stderr-messages.patch
-Patch10: wireshark-0010-CVE-2024-8250.patch
-Patch11: wireshark-0011-CVE-2024-9781.patch
 #install tshark together with wireshark GUI
 Requires: %{name}-cli = %{epoch}:%{version}-%{release}
@@ -210,7 +207,7 @@ fi
 %files cli
 %license COPYING
-%doc AUTHORS INSTALL NEWS README*
+%doc AUTHORS INSTALL README*
 %{_bindir}/capinfos
 %{_bindir}/captype
 %{_bindir}/editcap
@@ -283,6 +280,11 @@ fi
 %{_libdir}/pkgconfig/%{name}.pc
 %changelog
+* Thu Nov 28 2024 Michal Ruprich - 1:4.4.2-1
+- Resolves: RHEL-69442 - Rebase wireshark to 4.4.2
+- Resolves: RHEL-68453 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
+- Resolves: RHEL-68452 - Buffer Over-read in Wireshark
+
 * Tue Oct 29 2024 Troy Dawson - 1:4.2.6-4
 - Bump release for October 2024 mass rebuild:
 Resolves: RHEL-64018