rpms
/
wireshark
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c9
rpms:c8-beta
rpms:c9-beta
rpms:c9s
rpms:c8s
rpms:imports/c9/wireshark-3.4.10-6.el9
rpms:imports/c8-beta/wireshark-2.6.2-17.el8
rpms:imports/c9-beta/wireshark-3.4.10-6.el9
rpms:imports/c9/wireshark-3.4.10-4.el9
rpms:imports/c9-beta/wireshark-3.4.10-4.el9
rpms:imports/c8/wireshark-2.6.2-15.el8
rpms:imports/c8-beta/wireshark-2.6.2-15.el8
rpms:imports/c8s/wireshark-2.6.2-15.el8
rpms:imports/c9/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.7-3.el9
rpms:imports/c8/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-12.el8
rpms:imports/c8-beta/wireshark-2.6.2-11.el8
rpms:imports/c8s/wireshark-2.6.2-14.el8
rpms:imports/c8s/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-11.el8
rpms:imports/c8/wireshark-2.6.2-9.el8
...
pull from: rpms:c9
Branches Tags
rpms:c9
rpms:c8-beta
rpms:c9-beta
rpms:c9s
rpms:c8
rpms:c8s
rpms:imports/c9/wireshark-3.4.10-6.el9
rpms:imports/c8-beta/wireshark-2.6.2-17.el8
rpms:imports/c9-beta/wireshark-3.4.10-6.el9
rpms:imports/c9/wireshark-3.4.10-4.el9
rpms:imports/c9-beta/wireshark-3.4.10-4.el9
rpms:imports/c8/wireshark-2.6.2-15.el8
rpms:imports/c8-beta/wireshark-2.6.2-15.el8
rpms:imports/c8s/wireshark-2.6.2-15.el8
rpms:imports/c9/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.7-3.el9
rpms:imports/c8/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-12.el8
rpms:imports/c8-beta/wireshark-2.6.2-11.el8
rpms:imports/c8s/wireshark-2.6.2-14.el8
rpms:imports/c8s/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-11.el8
rpms:imports/c8/wireshark-2.6.2-9.el8

No commits in common. "c8" and "c9" have entirely different histories.
c8 ... c9

38 changed files with 1035 additions and 2742 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/wireshark-2.6.2.tar.xz
SOURCES/wireshark-3.4.10.tar.xz

2
.wireshark.metadata
View File

@ -1 +1 @@
52517c30926211b0b718815b51a3f06a18d8f5da SOURCES/wireshark-2.6.2.tar.xz
63839abd94d3ae376f860e2d2969777680106578 SOURCES/wireshark-3.4.10.tar.xz

60
SOURCES/SIGNATURES-2.6.2.txt
View File

@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.6.2.tar.xz: 28392140 bytes
SHA256(wireshark-2.6.2.tar.xz)=49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094
RIPEMD160(wireshark-2.6.2.tar.xz)=e9b782d49d9a063ba556320e9f2c08dea079967d
SHA1(wireshark-2.6.2.tar.xz)=52517c30926211b0b718815b51a3f06a18d8f5da
Wireshark-win64-2.6.2.exe: 59963968 bytes
SHA256(Wireshark-win64-2.6.2.exe)=88aa2ca018090fc73ffb273aa1ba9f690ec06deb77d1ec7ff9b39fe646ca2877
RIPEMD160(Wireshark-win64-2.6.2.exe)=3b947ada3e64bfb1c1b16a470926d94ed9db391b
SHA1(Wireshark-win64-2.6.2.exe)=90217eb0ed020a53a9ae80682c0881d347d11b4a
Wireshark-win32-2.6.2.exe: 54249888 bytes
SHA256(Wireshark-win32-2.6.2.exe)=3d886e435570b7326f53d00996040ef65b9e2a5bffe48645ce29ea5a23930801
RIPEMD160(Wireshark-win32-2.6.2.exe)=c2c5afa101559976439f36401ea1cc4564fa624e
SHA1(Wireshark-win32-2.6.2.exe)=eb7c50e80d6e7ec834599c1facfd6a3fd66aebf8
Wireshark-win32-2.6.2.msi: 43728896 bytes
SHA256(Wireshark-win32-2.6.2.msi)=99d5d94345a20e177736533840ff59859a76e864247a8146a73fca227f004043
RIPEMD160(Wireshark-win32-2.6.2.msi)=7f21412e4d335f6e797356b968fbef14afb03b8c
SHA1(Wireshark-win32-2.6.2.msi)=05f1f9c4b9bed8c4447e5e31f907c578f52cf067
Wireshark-win64-2.6.2.msi: 49364992 bytes
SHA256(Wireshark-win64-2.6.2.msi)=381076d09c757038072f761f7eee9d5aa45fa8423b771ba34ddbd8b56f2c429c
RIPEMD160(Wireshark-win64-2.6.2.msi)=a080eec0f8bd089f493d0c76837d7fe03c1fa0dd
SHA1(Wireshark-win64-2.6.2.msi)=2c6b5bf555729d1e5ee3a1dda8d2b14d3bb01759
WiresharkPortable_2.6.2.paf.exe: 37482552 bytes
SHA256(WiresharkPortable_2.6.2.paf.exe)=d36727bdb8cc3a72bfb80084d3c634c3bfa4661f4de68d644b43ef5d41c52b69
RIPEMD160(WiresharkPortable_2.6.2.paf.exe)=a98756bf5a67e47e1ca9ecd8836f2e6913a56f27
SHA1(WiresharkPortable_2.6.2.paf.exe)=dd11e62f34212be77abee9d2227a2fd3b613b0a5
Wireshark 2.6.2 Intel 64.dmg: 169012317 bytes
SHA256(Wireshark 2.6.2 Intel 64.dmg)=ef54b04a73df4069e29e77bc1940f3b767ee498c4e28f739eabda78ef71ab4a9
RIPEMD160(Wireshark 2.6.2 Intel 64.dmg)=f93d2cc4057337ca76d1aa435b0039a60927bebb
SHA1(Wireshark 2.6.2 Intel 64.dmg)=3a46de720848b286e7c115c75c7b00bcd08155aa
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAltPqKQACgkQgiRKeOb+
rurNbg//dw5903/0W2vw1a6u8F9JVvXfctb9/t1IOD2yT2omPXFTfqEkcwcY5c8W
FoSsflHM6g4rf8jqpqyipSPb6lYRJjm1fZGDzTilVPe+pcAV/HZ2QSdwOgw9FiAs
sV2eZdqPMVqdeLgDGtC4aHHabwsytFNaWtZLVyKr4ojdUfJNIBa40iUrItxXfgxA
GDCnVpdapuygk4rMeDpi3qZtvEKmgZ9Yj5aseX+wBYIT21EShP/gHSKNSA8x3gGz
xnpvOrz2qyJmWB6sBmIQndEXrYdazKr14Fzhmc2ajFMOJLwTGIZg5wl+UDnmPikW
6R1gRzSwkjEtgTKlZ9Gcel8eg6fNjW9HC9d4VjZzG4N693YrYwlpu0FIvaK+QGxE
yEJKPJnlaCi37Q6GBiKIpC5NUkTnt38Gb5DJ4/N3tk4P2LGlSyyMxLc5U096Zd8V
KCE/OVUuZs/4NsgIYaTYWDyTeNjjN2ZXnyx0N3x8yzWHcB6gYVPJc2lKouZe9XqZ
9Gz1Fr0/LEbx+r0iFOEm9pX/W8a5pzZnMn5YYUeTue61ZZp/yBOf7oTqjCVvSPHU
rZhsHMLcZnBNFoYKr03dcvukgSNsndTJPXvAEIX9FVmQUcQAEsdXRFO/csihG7l/
7KWgNjReI7eoWkBUH8sx7J+4wZVy9leWjHTtkZKTeOo6OO1vJx4=
=OiJq
-----END PGP SIGNATURE-----

60
SOURCES/SIGNATURES-3.4.10.txt Normal file
View File

@ -0,0 +1,60 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.4.10.tar.xz: 32344804 bytes
SHA256(wireshark-3.4.10.tar.xz)=8aa7ef4a44ae62bb8db463cf761e2cc03b97305e0e77ed5be53fa83729187cef
RIPEMD160(wireshark-3.4.10.tar.xz)=eef58ec4e28c6eecc382c1f000257ab60ee6c40c
SHA1(wireshark-3.4.10.tar.xz)=63839abd94d3ae376f860e2d2969777680106578
Wireshark-win64-3.4.10.exe: 71382832 bytes
SHA256(Wireshark-win64-3.4.10.exe)=faa83ac4f289d07d8e1bacb7e7611758b231a9c00b18e816654f40e7437529fd
RIPEMD160(Wireshark-win64-3.4.10.exe)=63068a04839ff02828a6915fe648da25cdeadc84
SHA1(Wireshark-win64-3.4.10.exe)=00c419e3382d24289cfc9d74be6f37934b784066
Wireshark-win32-3.4.10.exe: 55424616 bytes
SHA256(Wireshark-win32-3.4.10.exe)=3bceac74d2d7c388e01b6c25b20088c234fefbcd83e3c960b3e0fcc1eca7839d
RIPEMD160(Wireshark-win32-3.4.10.exe)=84acc6b49f1e8735ec53127b1d9de14a1d121b2f
SHA1(Wireshark-win32-3.4.10.exe)=d6486f9015e60e633f0f2a7fd5152959c4bb749b
Wireshark-win64-3.4.10.msi: 49291264 bytes
SHA256(Wireshark-win64-3.4.10.msi)=b31288207b23700931ddb83785bcc9a9a775758029fbc1cdd653f65b8d802e7d
RIPEMD160(Wireshark-win64-3.4.10.msi)=d93a0cfebe7c2e412ade6e25c3a225b643d498e0
SHA1(Wireshark-win64-3.4.10.msi)=e36624c35824966255f768dc74148a7fe4a895d2
Wireshark-win32-3.4.10.msi: 43925504 bytes
SHA256(Wireshark-win32-3.4.10.msi)=6b6770e596968fdb0e68af3e3dba77631004f374accda085dc59df799011fa0f
RIPEMD160(Wireshark-win32-3.4.10.msi)=374b51b4934bd5d98023df4b8be355bf2c1515e9
SHA1(Wireshark-win32-3.4.10.msi)=df8a5c168bad317ff7b6ed1f12dec4926a2983f2
WiresharkPortable_3.4.10.paf.exe: 38220424 bytes
SHA256(WiresharkPortable_3.4.10.paf.exe)=85f2382b854be81ee7bc3deedaab41214e60e17a83c25822d4e5831c1d88e379
RIPEMD160(WiresharkPortable_3.4.10.paf.exe)=644f056554925fc37a44cfb247d0678efcb01c81
SHA1(WiresharkPortable_3.4.10.paf.exe)=8b36a16b9b602a1f5bb8cc37453fd1678e8fa476
Wireshark 3.4.10 Intel 64.dmg: 131298336 bytes
SHA256(Wireshark 3.4.10 Intel 64.dmg)=1267edf27870fe17e504f2377f78eb7510c4a13e4b53b9b00e171303208749c4
RIPEMD160(Wireshark 3.4.10 Intel 64.dmg)=880a76731ddaed630bfc575e36627cad1e239249
SHA1(Wireshark 3.4.10 Intel 64.dmg)=8783733e2f6f124c102b51f2e245d9deab11ff6d
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmGVXKYACgkQgiRKeOb+
rurDaQ//bZ7JSUS+v+eN1Te+TOBEmurQPc9oiY4/nQKa9vb4pKK3kP36zsUE59qT
hDCWWxijG4fgriFeMNKPJ9YErzEWyPkIEtXwyke2ubuIiNkRKhvSfz8BME49M9lD
ybPz/Rer2a/QS0+tU1LSd7NBArJdfxn3QtYbOLBkrqTSCH3eaxXQfKvM9mta10ZW
9YWxOVF8Lz4QqbolTb16ZgfcCI1XryOGs4W4Hd/YpaUnXvW6eYjIWs+KvCFQv/90
3nVjZbeMmW+lyLk1QhoLYo/wW+E80Cf8q5eCx/ohTauBIkcz2okpmB//UmYS4Ldv
YYyngLMIJpyZxry5YSg8lqBEwSOJh25cSxrKIdthzJMBFHAvtb7QKzGPPLBbvnnt
IBGq+u80/HqPRLdeBmbdS8e/YtHFSxTdLDb0wfNQ5p/Re/r9x35dFU/6Pafbr19E
s+FhEAcM66P7hECP91oDd6w3TuE9ZtdKzGNPUSezUSSn5D5FduLQ/lqGfnUV0qBm
ADi5tqoSkluGWfUefZ2KiUOlhQ4Lr82JaZbBnws8rY+krjRrGUxtnuwdKUTRNcTU
o5eWlVCvORvaKDJxaWw/3WoSpiP0dmio8XAz7gPxufyBcbw/xIQ+v53rmxIT7O6/
b97ZED+ZpU7kpYS8pnvTPPbj3nB4HHPpUkygHUvoUMxibFjOj2o=
=SVDw
-----END PGP SIGNATURE-----

2
SOURCES/wireshark-0002-Customize-permission-denied-error.patch
View File

@ -26,7 +26,7 @@ index 2f9d2cc..b18e47f 100644
- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s",
- argv[0], g_strerror(errno));
+ if (errno == EPERM || errno == EACCES)
+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s",
+ argv[0], g_strerror(errno), securitymsg);
+

2
SOURCES/wireshark-0004-Restore-Fedora-specific-groups.patch
View File

@ -10,6 +10,6 @@ index 334db48..669c6f1 100644
@@ -108,4 +108,4 @@ Terminal=false
MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr;
# Category entry according to:
# http://standards.freedesktop.org/menu-spec/1.0/
# https://specifications.freedesktop.org/menu-spec/1.0/
-Categories=Network;Monitor;Qt;
+Categories=Application;Network;Monitor;Qt;

129
SOURCES/wireshark-0006-Move-tmp-to-var-tmp.patch
View File

@ -6,41 +6,18 @@ Subject: [PATCH] Move /tmp to /var/tmp
Fedora is using tmpfs which is limited by the size of RAM, thus we need
to use different directory on different filesystem.
---
ui/gtk/about_dlg.c | 3 +-
ui/qt/about_dialog.cpp | 3 +-
ui/qt/iax2_analysis_dialog.cpp | 5 +--
ui/qt/rtp_analysis_dialog.cpp | 5 +--
ui/qt/rtp_audio_stream.cpp | 3 +-
wsutil/Makefile.am | 6 ++--
wsutil/tempfile.c | 9 +++---
wsutil/tempfile.h | 4 +--
wsutil/wstmpdir.c | 70 ++++++++++++++++++++++++++++++++++++++++++
wsutil/wstmpdir.h | 39 +++++++++++++++++++++++
10 files changed, 132 insertions(+), 15 deletions(-)
8 files changed, 132 insertions(+), 11 deletions(-)
create mode 100644 wsutil/wstmpdir.c
create mode 100644 wsutil/wstmpdir.h
diff --git a/ui/gtk/about_dlg.c b/ui/gtk/about_dlg.c
index 22ca841..6bcb527 100644
--- a/ui/gtk/about_dlg.c
+++ b/ui/gtk/about_dlg.c
@@ -28,6 +28,7 @@
#include <gtk/gtk.h>
#include <wsutil/filesystem.h>
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
#include <wsutil/copyright_info.h>
#include <version_info.h>
#ifdef HAVE_LIBSMI
@@ -427,7 +428,7 @@ about_folders_page_new(void)
"capture files");
/* temp */
- about_folders_row(table, "Temp", g_get_tmp_dir(),
+ about_folders_row(table, "Temp", get_tmp_dir(),
"untitled capture files");
/* pers conf */
diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp
index 31dc581..2f74285 100644
--- a/ui/qt/about_dialog.cpp
@ -54,14 +31,14 @@ index 31dc581..2f74285 100644
#include <QDesktopServices>
#include <QUrl>
@@ -206,7 +206,7 @@ FolderListModel::FolderListModel(QObject * parent):
appendRow( QStringList() << tr("\"File\" dialogs") << get_last_open_dir() << tr("capture files"));
appendRow(QStringList() << tr("\"File\" dialogs") << get_last_open_dir() << tr("capture files"));
/* temp */
- appendRow( QStringList() << tr("Temp") << g_get_tmp_dir() << tr("untitled capture files"));
+ appendRow( QStringList() << tr("Temp") << get_tmp_dir() << tr("untitled capture files"));
- appendRow(QStringList() << tr("Temp") << g_get_tmp_dir() << tr("untitled capture files"));
+ appendRow(QStringList() << tr("Temp") << get_tmp_dir() << tr("untitled capture files"));
/* pers conf */
appendRow( QStringList() << tr("Personal configuration")
appendRow(QStringList() << tr("Personal configuration")
diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp
index ee4e5fd..fe17a95 100644
--- a/ui/qt/iax2_analysis_dialog.cpp
@ -133,64 +110,51 @@ index fde66c8..b9531d2 100644
tempfile_ = new QTemporaryFile(tempname, this);
tempfile_->open();
diff --git a/wsutil/Makefile.am b/wsutil/Makefile.am
index 2af1b6c..aa149a2 100644
--- a/wsutil/Makefile.am
+++ b/wsutil/Makefile.am
@@ -90,6 +90,7 @@ WSUTIL_PUBLIC_INCLUDES = \
ws_pipe.h \
ws_printf.h \
wsjsmn.h \
+ wstmpdir.h \
wsgcrypt.h \
wsgetopt.h \
wspcap.h \
@@ -168,6 +169,7 @@ libwsutil_la_SOURCES = \
ws_pipe.c \
wsgcrypt.c \
wsjsmn.c \
+ wstmpdir.c \
xtea.c
if HAVE_PLUGINS
diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c
index 8e1f8dc..dcf2f78 100644
index 5082452..f751a7c 100644
--- a/wsutil/tempfile.c
+++ b/wsutil/tempfile.c
@@ -36,6 +36,7 @@
@@ -12,10 +12,12 @@
#include <glib.h>
#include "tempfile.h"
#include <wsutil/file_util.h>
+#include <wsutil/file_util.h>
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
#ifndef __set_errno
#define __set_errno(x) errno=(x)
@@ -83,13 +83,14 @@ mkstemps(char *path_template, int suffixlen)
*/
char *get_tempfile_path(const char *filename)
{
- return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", g_get_tmp_dir(), filename);
+ return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", get_tmp_dir(), filename);
}
#define MAX_TEMPFILES 3
/**
- * Create a tempfile with the given prefix (e.g. "wireshark").
+ * Create a tempfile with the given prefix (e.g. "wireshark"). The path
+ * is created using get_tmp_dir and mkdtemp
/**
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
- * is created using g_file_open_tmp.
+ * is created using get_tmp_dir.
*
* @param namebuf If not NULL, receives the full path of the temp file.
* Should NOT be freed.
@@ -199,7 +200,7 @@ create_tempfile(char **namebuf, const char *pfx, const char *sfx)
tf[idx].path = (char *)g_malloc(tf[idx].len);
}
- tmp_dir = g_get_tmp_dir();
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Must be freed.
@@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
{
int fd;
gchar *safe_pfx = NULL;
+ gchar *tmp_file;
+ const char *tmp_dir;
+ int old_mask;
if (pfx) {
/* The characters in "delimiters" come from:
@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : "");
g_free(safe_pfx);
- fd = g_file_open_tmp(filetmpl, namebuf, err);
+ tmp_dir = get_tmp_dir();
#ifdef _WIN32
_tzset();
+ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL);
+
+ if (namebuf)
+ *namebuf = tmp_file;
+
+ old_mask = ws_umask(0077);
+ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
+ ws_umask(old_mask);
g_free(filetmpl);
return fd;
diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h
index 1dca2df..bb3160c 100644
--- a/wsutil/tempfile.h
@ -199,17 +163,17 @@ index 1dca2df..bb3160c 100644
/**
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
- * is created using g_get_tmp_dir and mkstemp.
- * is created using g_file_open_tmp.
+ * is created using get_tmp_dir and mkstemp.
*
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Must NOT be freed.
* Must be freed.
diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c
new file mode 100644
index 0000000..d8b733b
--- /dev/null
+++ b/wsutil/wstmpdir.c
@@ -0,0 +1,70 @@
@@ -0,0 +1,71 @@
+/* wstmpdir.c
+ *
+ * Copyright (C) 2013 Red Hat, Inc. All right reserved.
@ -267,6 +231,7 @@ index 0000000..d8b733b
+ k = strlen(tmp);
+ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1]))
+ tmp[k - 1] = '\0';
+ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);
+ }
+#endif /* P_tmpdir */
+

17
SOURCES/wireshark-0007-cmakelists.patch
View File

@ -1,16 +1,3 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9e3b555..b0abd84 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3069,7 +3069,7 @@ if(RPMBUILD_EXECUTABLE AND GIT_EXECUTABLE)
endif()
execute_process(
- COMMAND git describe --abbrev=8 --match v[1-9]*
+ COMMAND git describe --always --abbrev=8 --match v[1-9]*
OUTPUT_VARIABLE _git_description
OUTPUT_STRIP_TRAILING_WHITESPACE
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt
index 0367cd1..6382a2c 100644
--- a/wsutil/CMakeLists.txt
@ -20,7 +7,7 @@ index 0367cd1..6382a2c 100644
ws_pipe.h
ws_printf.h
+ wstmpdir.h
wsjsmn.h
wsjson.h
xtea.h
)
@@ -118,6 +118,7 @@ set(WSUTIL_COMMON_FILES
@ -29,5 +16,5 @@ index 0367cd1..6382a2c 100644
ws_pipe.c
+ wstmpdir.c
wsgcrypt.c
wsjsmn.c
wsjson.c
xtea.c

86
SOURCES/wireshark-0008-CVE-2018-16056.patch
View File

@ -1,86 +0,0 @@
diff --git a/epan/dissectors/packet-btatt.c b/epan/dissectors/packet-btatt.c
index 803ed14f92..10375c0046 100644
--- a/epan/dissectors/packet-btatt.c
+++ b/epan/dissectors/packet-btatt.c
@@ -4205,6 +4205,19 @@ dissect_handle(proto_tree *tree, packet_info *pinfo, gint hf,
static gint
btatt_dissect_attribute_handle(guint16 handle, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, btatt_data_t *att_data);
+static int
+btatt_call_dissector_by_dissector_name_with_data(const char *dissector_name,
+ tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+{
+ dissector_handle_t handle;
+
+ handle = find_dissector(dissector_name);
+ if (handle != NULL)
+ return call_dissector_with_data(handle, tvb, pinfo, tree, data);
+ else
+ return call_data_dissector(tvb, pinfo, tree);
+}
+
static gint
dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *pinfo, tvbuff_t *old_tvb,
gint old_offset, gint length, guint16 handle, bluetooth_uuid_t uuid, btatt_data_t *att_data)
@@ -4728,7 +4741,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
} else if (value == 4) {
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
} else if (value == 5 || value == 6) {
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog_one, tvb, offset, 2, ENC_LITTLE_ENDIAN);
@@ -6443,10 +6456,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
if (bluetooth_gatt_has_no_parameter(att_data->opcode))
break;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a58"), tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a58", tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
offset += 2;
break;
@@ -6543,7 +6556,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_plx_spot_check_measurement_timestamp, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
}
@@ -9116,7 +9129,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_first_created, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9135,7 +9148,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_last_modified, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9342,10 +9355,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
break;
case 0x06: /* Created Between */
case 0x07: /* Modified Between */
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
break;

27
SOURCES/wireshark-0009-CVE-2018-16057.patch
View File

@ -1,27 +0,0 @@
diff --git a/epan/dissectors/packet-ieee80211-radiotap-iter.c b/epan/dissectors/packet-ieee80211-radiotap-iter.c
index 56ca297434..4006637fb2 100644
--- a/epan/dissectors/packet-ieee80211-radiotap-iter.c
+++ b/epan/dissectors/packet-ieee80211-radiotap-iter.c
@@ -131,6 +131,7 @@ int ieee80211_radiotap_iterator_init(
iterator->_bitmap_shifter = get_unaligned_le32(&radiotap_header->it_present);
iterator->_arg = (guint8 *)radiotap_header + sizeof(*radiotap_header);
iterator->_reset_on_ext = 0;
+ iterator->_next_ns_data = NULL;
iterator->_next_bitmap = &radiotap_header->it_present;
iterator->_next_bitmap++;
iterator->_vns = vns;
@@ -287,9 +288,14 @@ int ieee80211_radiotap_iterator_next(
}
if (!align) {
/* skip all subsequent data */
+ if (!iterator->_next_ns_data)
+ return -EINVAL;
iterator->_arg = iterator->_next_ns_data;
/* give up on this namespace */
iterator->current_namespace = NULL;
+ iterator->_next_ns_data = NULL;
+ if (!ITERATOR_VALID(iterator, 0))
+ return -EINVAL;
goto next_entry;
}
break;

26
SOURCES/wireshark-0027-ibm-smc.patch → SOURCES/wireshark-0009-smc-support.patch
View File

@ -483,7 +483,7 @@ index 7096d1b0b0..bbfa9c07ef 100644
+ offset += FLAG_BYTE_LEN;
+ offset += TWO_BYTE_RESERVED;
+ proto_tree_add_item(tree, hf_smcd_accept_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
+ /* offset += 32; */
+ offset += 32;
+ }
+ }
+}
@ -552,7 +552,7 @@ index 7096d1b0b0..bbfa9c07ef 100644
+ offset += FLAG_BYTE_LEN;
+ offset += TWO_BYTE_RESERVED;
+ proto_tree_add_item(tree, hf_smcd_confirm_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
+ /* offset += 32; */
+ offset += 32;
+ }
+ }
}
@ -1655,6 +1655,28 @@ index 7096d1b0b0..bbfa9c07ef 100644
/*
diff --git a/epan/dissectors/packet-smc.c b/epan/dissectors/packet-smc.c
index bbfa9c07ef..0a4e96e055 100644
--- a/epan/dissectors/packet-smc.c
+++ b/epan/dissectors/packet-smc.c
@@ -592,7 +592,7 @@ disect_smcd_accept(tvbuff_t* tvb, proto_tree* tree)
offset += FLAG_BYTE_LEN;
offset += TWO_BYTE_RESERVED;
proto_tree_add_item(tree, hf_smcd_accept_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
- offset += 32;
+ /* offset += 32; */
}
}
}
@@ -661,7 +661,7 @@ disect_smcd_confirm(tvbuff_t* tvb, proto_tree* tree)
offset += FLAG_BYTE_LEN;
offset += TWO_BYTE_RESERVED;
proto_tree_add_item(tree, hf_smcd_confirm_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
- offset += 32;
+ /* offset += 32; */
}
}
}
diff --git a/epan/dissectors/packet-smc.c b/epan/dissectors/packet-smc.c
index 0a4e96e055..6ede4690db 100644
--- a/epan/dissectors/packet-smc.c
+++ b/epan/dissectors/packet-smc.c

19
SOURCES/wireshark-0010-CVE-2018-16058.patch
View File

@ -1,19 +0,0 @@
diff --git a/epan/dissectors/packet-btavdtp.c b/epan/dissectors/packet-btavdtp.c
index a0df20a2de..4078228177 100644
--- a/epan/dissectors/packet-btavdtp.c
+++ b/epan/dissectors/packet-btavdtp.c
@@ -719,13 +719,11 @@ dissect_sep(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gint offset,
key[6].length = 0;
key[6].key = NULL;
- sep_data = wmem_new(wmem_file_scope(), sep_entry_t);
+ sep_data = wmem_new0(wmem_file_scope(), sep_entry_t);
sep_data->seid = seid;
sep_data->type = type;
sep_data->media_type = media_type;
- sep_data->int_seid = 0;
sep_data->codec = -1;
- sep_data->content_protection_type = 0;
if (in_use) {
sep_data->state = SEP_STATE_IN_USE;
} else {

56
SOURCES/wireshark-0010-fips-ripemd160.patch Normal file
View File

@ -0,0 +1,56 @@
diff --git a/capinfos.c b/capinfos.c
index 5536766..12b141e 100644
--- a/capinfos.c
+++ b/capinfos.c
@@ -739,7 +739,8 @@ print_stats(const gchar *filename, capture_info *cf_info)
}
if (cap_file_hashes) {
printf ("SHA256: %s\n", file_sha256);
- printf ("RIPEMD160: %s\n", file_rmd160);
+ if(!gcry_fips_mode_active())
+ printf ("RIPEMD160: %s\n", file_rmd160);
printf ("SHA1: %s\n", file_sha1);
}
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
@@ -851,7 +852,8 @@ print_stats_table_header(void)
if (cap_packet_rate) print_stats_table_header_label("Average packet rate (packets/sec)");
if (cap_file_hashes) {
print_stats_table_header_label("SHA256");
- print_stats_table_header_label("RIPEMD160");
+ if(!gcry_fips_mode_active())
+ print_stats_table_header_label("RIPEMD160");
print_stats_table_header_label("SHA1");
}
if (cap_order) print_stats_table_header_label("Strict time order");
@@ -1447,7 +1449,10 @@ print_usage(FILE *output)
fprintf(output, " -E display the capture file encapsulation\n");
fprintf(output, " -I display the capture file interface information\n");
fprintf(output, " -F display additional capture file information\n");
- fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n");
+ if(!gcry_fips_mode_active())
+ fprintf(output, " -H display the SHA256 and SHA1 hashes of the file\n");
+ else
+ fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n");
fprintf(output, " -k display the capture comment\n");
fprintf(output, "\n");
fprintf(output, "Size infos:\n");
@@ -1795,7 +1800,8 @@ main(int argc, char *argv[])
gcry_check_version(NULL);
gcry_md_open(&hd, GCRY_MD_SHA256, 0);
if (hd) {
- gcry_md_enable(hd, GCRY_MD_RMD160);
+ if(!gcry_fips_mode_active())
+ gcry_md_enable(hd, GCRY_MD_RMD160);
gcry_md_enable(hd, GCRY_MD_SHA1);
}
hash_buf = (char *)g_malloc(HASH_BUF_SIZE);
@@ -1817,7 +1823,8 @@ main(int argc, char *argv[])
}
gcry_md_final(hd);
hash_to_str(gcry_md_read(hd, GCRY_MD_SHA256), HASH_SIZE_SHA256, file_sha256);
- hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160);
+ if(!gcry_fips_mode_active())
+ hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160);
hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1);
}
if (fh) fclose(fh);

142
SOURCES/wireshark-0011-cve-2022-3190.patch Normal file
View File

@ -0,0 +1,142 @@
From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001
From: Jason Cohen <kryojenik2@gmail.com>
Date: Wed, 31 Aug 2022 11:10:17 -0500
Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic
Remove a chance for an infinate loop in the disection heuristic.
---
epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++-------------
1 file changed, 56 insertions(+), 52 deletions(-)
diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c
index b2ba8f899d..915348ea83 100644
--- a/epan/dissectors/packet-f5ethtrailer.c
+++ b/epan/dissectors/packet-f5ethtrailer.c
@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d
static gint
dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
- proto_tree *type_tree = NULL;
- proto_item *ti = NULL;
guint offset = 0;
- guint processed = 0;
- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
- guint8 type;
- guint8 len;
- guint8 ver;
/* While we still have data in the trailer. For old format trailers, this needs
* type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes).
* All old format trailers are at least 4 bytes long, so just check for length of magic.
*/
- while (tvb_reported_length_remaining(tvb, offset)) {
- type = tvb_get_guint8(tvb, offset);
- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
-
- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW
- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE
- && ver <= F5TRAILER_VER_MAX) {
- /* Parse out the specified trailer. */
- switch (type) {
- case F5TYPE_LOW:
- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
-
- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_low = 1;
- }
- break;
- case F5TYPE_MED:
- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
-
- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_med = 1;
- }
- break;
- case F5TYPE_HIGH:
- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
-
- processed =
- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_high = 1;
- }
- break;
+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) {
+ /* length field does not include the type and length bytes. Add them back in */
+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
+ if (len > tvb_reported_length_remaining(tvb, offset)
+ || len < F5_MIN_SANE || len > F5_MAX_SANE) {
+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */
+ return offset;
+ }
+ guint8 type = tvb_get_guint8(tvb, offset);
+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
+
+ /* Parse out the specified trailer. */
+ proto_tree *type_tree = NULL;
+ proto_item *ti = NULL;
+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
+ guint processed = 0;
+
+ switch (type) {
+ case F5TYPE_LOW:
+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
+
+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_low = 1;
}
- if (processed == 0) {
- proto_item_set_len(ti, 1);
- return offset;
+ break;
+ case F5TYPE_MED:
+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
+
+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_med = 1;
+ }
+ break;
+ case F5TYPE_HIGH:
+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
+
+ processed =
+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_high = 1;
}
+ break;
+ default:
+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/
+ return offset;
+ }
+ if (processed == 0) {
+ /* couldn't process trailer - bali out */
+ proto_item_set_len(ti, 1);
+ return offset;
}
offset += processed;
}
-return offset;
+ return offset;
} /* dissect_old_trailer() */
/*---------------------------------------------------------------------------*/
--
GitLab

170
SOURCES/wireshark-0011-tshark-missing-N-option.patch
View File

@ -1,170 +0,0 @@
From 8dfaa8fa7c97cd1372a0a233b83fbc7945447b75 Mon Sep 17 00:00:00 2001
From: Uli Heilmeier <uh@heilmeier.eu>
Date: Fri, 05 Oct 2018 08:54:55 +0200
Subject: [PATCH] *shark: Update help and manpage for name resolving
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
---
diff --git a/doc/rawshark.pod b/doc/rawshark.pod
index be6caee..8f10445 100644
--- a/doc/rawshark.pod
+++ b/doc/rawshark.pod
@@ -183,6 +183,8 @@
B<d> to enable resolution from captured DNS packets
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preferenceE<gt>:E<lt>valueE<gt>
Set a preference value, overriding the default value and any value read
diff --git a/doc/tshark.pod b/doc/tshark.pod
index 263332b..8aff736 100644
--- a/doc/tshark.pod
+++ b/doc/tshark.pod
@@ -676,6 +676,8 @@
B<t> to enable transport-layer port number resolution
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preferenceE<gt>:E<lt>valueE<gt>
Set a preference value, overriding the default value and any value read
diff --git a/doc/wireshark.pod.template b/doc/wireshark.pod.template
index a25ea65..c45581f 100644
--- a/doc/wireshark.pod.template
+++ b/doc/wireshark.pod.template
@@ -499,6 +499,8 @@
B<d> to enable resolution from captured DNS packets
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preference/recent settingE<gt>
Set a preference or recent value, overriding the default value and any value
diff --git a/docbook/wsug_src/WSUG_chapter_customize.asciidoc b/docbook/wsug_src/WSUG_chapter_customize.asciidoc
index 67afafc..a7411c4 100644
--- a/docbook/wsug_src/WSUG_chapter_customize.asciidoc
+++ b/docbook/wsug_src/WSUG_chapter_customize.asciidoc
@@ -76,7 +76,7 @@
Processing:
-R <read filter> packet filter in Wireshark display filter syntax
-n disable all name resolutions (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtCd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-d <layer_type>==<selector>,<decode_as_protocol> ...
"Decode As”, see the man page for details
Example: tcp.port==8888,http
@@ -295,6 +295,7 @@
resolution, `n` to enable network address resolution, and `t` to enable
transport-layer port number resolution. This overrides `-n` if both `-N` and
`-n` are present. The letter `d` enables resolution from captured DNS packets.
+The letter `v` enables resolution from VLAN IDs to names.
-o <preference or recent settings>::
diff --git a/docbook/wsug_src/rawshark-h.txt b/docbook/wsug_src/rawshark-h.txt
index 39aeec0..7de64ec 100644
--- a/docbook/wsug_src/rawshark-h.txt
+++ b/docbook/wsug_src/rawshark-h.txt
@@ -13,7 +13,7 @@
-F <field> field to display
-m virtual memory limit, in bytes
-n disable all name resolution (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-p use the system's packet header format
(which may have 64-bit timestamps)
-R <read filter> packet filter in Wireshark display filter syntax
diff --git a/docbook/wsug_src/tshark-h.txt b/docbook/wsug_src/tshark-h.txt
index 9eaccda..ffe12b9 100644
--- a/docbook/wsug_src/tshark-h.txt
+++ b/docbook/wsug_src/tshark-h.txt
@@ -38,7 +38,7 @@
-Y <display filter> packet displaY filter in Wireshark display filter
syntax
-n disable all name resolutions (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtCd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-d <layer_type>==<selector>,<decode_as_protocol> ...
"Decode As", see the man page for details
Example: tcp.port==8888,http
diff --git a/epan/prefs.c b/epan/prefs.c
index 34c05d3..d732eb2 100644
--- a/epan/prefs.c
+++ b/epan/prefs.c
@@ -4932,10 +4932,6 @@
case 't':
name_resolve->transport_name = TRUE;
break;
- case 'C':
- /* DEPRECATED */
- /* name_resolve->concurrent_dns */
- break;
case 'd':
name_resolve->dns_pkt_addr_resolution = TRUE;
break;
diff --git a/rawshark.c b/rawshark.c
index 61875c1..29cb2ba 100644
--- a/rawshark.c
+++ b/rawshark.c
@@ -190,7 +190,7 @@
fprintf(output, " -m virtual memory limit, in bytes\n");
#endif
fprintf(output, " -n disable all name resolution (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -p use the system's packet header format\n");
fprintf(output, " (which may have 64-bit timestamps)\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
diff --git a/tshark.c b/tshark.c
index a152c2b..2d84153 100644
--- a/tshark.c
+++ b/tshark.c
@@ -370,7 +370,7 @@
fprintf(output, " -Y <display filter> packet displaY filter in Wireshark display filter\n");
fprintf(output, " syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE);
fprintf(output, " \"Decode As\", see the man page for details\n");
fprintf(output, " Example: tcp.port==8888,http\n");
diff --git a/ui/commandline.c b/ui/commandline.c
index 6a26be3..7c0768a 100644
--- a/ui/commandline.c
+++ b/ui/commandline.c
@@ -123,7 +123,7 @@
fprintf(output, "Processing:\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE);
fprintf(output, " \"Decode As\", see the man page for details\n");
fprintf(output, " Example: tcp.port==8888,http\n");
diff --git a/ui/dissect_opts.c b/ui/dissect_opts.c
index 77e7b58..c6aa771 100644
--- a/ui/dissect_opts.c
+++ b/ui/dissect_opts.c
@@ -79,7 +79,8 @@
"\t'n' to enable network address resolution\n"
"\t'N' to enable using external resolvers (e.g., DNS)\n"
"\t for network address resolution\n"
- "\t't' to enable transport-layer port number resolution");
+ "\t't' to enable transport-layer port number resolution\n"
+ "\t'v' to enable VLAN IDs to names resolution");
return FALSE;
}
break;

109
SOURCES/wireshark-0012-CVE-12086.patch
View File

@ -1,109 +0,0 @@
diff --git a/plugins/epan/opcua/opcua.c b/plugins/epan/opcua/opcua.c
index fc26d9f30d..4ca68a9e83 100644
--- a/plugins/epan/opcua/opcua.c
+++ b/plugins/epan/opcua/opcua.c
@@ -38,7 +38,7 @@ void proto_reg_handoff_opcua(void);
/* declare parse function pointer */
typedef int (*FctParse)(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gint *pOffset);
-static int proto_opcua = -1;
+int proto_opcua = -1;
static dissector_handle_t opcua_handle;
/** Official IANA registered port for OPC UA Binary Protocol. */
#define OPCUA_PORT_RANGE "4840"
diff --git a/plugins/epan/opcua/opcua_simpletypes.c b/plugins/epan/opcua/opcua_simpletypes.c
index a787f21c35..ab006b7552 100644
--- a/plugins/epan/opcua/opcua_simpletypes.c
+++ b/plugins/epan/opcua/opcua_simpletypes.c
@@ -20,6 +20,7 @@
#include <epan/packet.h>
#include <epan/expert.h>
#include <epan/dissectors/packet-windows-common.h>
+#include <epan/proto_data.h>
#include "opcua_simpletypes.h"
#include "opcua_hfindeces.h"
#include "opcua_statuscode.h"
@@ -80,6 +81,7 @@
/* Chosen arbitrarily */
#define MAX_ARRAY_LEN 10000
+#define MAX_NESTING_DEPTH 100
static int hf_opcua_diag_mask = -1;
static int hf_opcua_diag_mask_symbolicflag = -1;
@@ -168,6 +170,9 @@ int hf_opcua_resultMask_displayname = -1;
int hf_opcua_resultMask_typedefinition = -1;
static expert_field ei_array_length = EI_INIT;
+static expert_field ei_nesting_depth = EI_INIT;
+
+extern int proto_opcua;
/** NodeId encoding mask table */
static const value_string g_nodeidmasks[] = {
@@ -526,6 +531,7 @@ void registerSimpleTypes(int proto)
static ei_register_info ei[] = {
{ &ei_array_length, { "opcua.array.length", PI_UNDECODED, PI_ERROR, "Max array length exceeded", EXPFILL }},
+ { &ei_nesting_depth, { "opcua.nestingdepth", PI_UNDECODED, PI_ERROR, "Max nesting depth exceeded", EXPFILL }},
};
proto_register_field_array(proto, hf, array_length(hf));
@@ -802,9 +808,19 @@ void parseDiagnosticInfo(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gi
guint8 EncodingMask;
proto_tree *subtree;
proto_item *ti;
+ guint opcua_nested_count;
subtree = proto_tree_add_subtree_format(tree, tvb, *pOffset, -1, ett_opcua_diagnosticinfo, &ti, "%s: DiagnosticInfo", szFieldName);
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
+
/* parse encoding mask */
EncodingMask = tvb_get_guint8(tvb, iOffset);
proto_tree_add_bitmask(subtree, tvb, iOffset, hf_opcua_diag_mask, ett_opcua_diagnosticinfo_encodingmask, diag_mask, ENC_LITTLE_ENDIAN);
@@ -912,6 +928,16 @@ void parseVariant(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gint *pOf
gint iOffset = *pOffset;
guint8 EncodingMask;
gint32 ArrayDimensions = 0;
+ guint opcua_nested_count;
+
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
EncodingMask = tvb_get_guint8(tvb, iOffset);
proto_tree_add_item(subtree, hf_opcua_variant_encodingmask, tvb, iOffset, 1, ENC_LITTLE_ENDIAN);
@@ -1167,10 +1193,20 @@ void parseExtensionObject(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, g
guint32 TypeId;
proto_tree *extobj_tree;
proto_item *ti;
+ guint opcua_nested_count;
/* add extension object subtree */
extobj_tree = proto_tree_add_subtree_format(tree, tvb, *pOffset, -1, ett_opcua_extensionobject, &ti, "%s: ExtensionObject", szFieldName);
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
+
/* add nodeid subtree */
TypeId = getExtensionObjectType(tvb, &iOffset);
parseExpandedNodeId(extobj_tree, tvb, pinfo, &iOffset, "TypeId");

29
SOURCES/wireshark-0012-cve-2023-0668.patch Normal file
View File

@ -0,0 +1,29 @@
From c4f37d77b29ec6a9754795d0efb6f68d633728d9 Mon Sep 17 00:00:00 2001
From: John Thacker <johnthacker@gmail.com>
Date: Sat, 20 May 2023 23:08:08 -0400
Subject: [PATCH] synphasor: Use val_to_str_const
Don't use a value from packet data to directly index a value_string,
particularly when the value string doesn't cover all possible values.
Fix #19087
---
epan/dissectors/packet-synphasor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-synphasor.c b/epan/dissectors/packet-synphasor.c
index 536847f7502..fdc9e282b3a 100644
--- a/epan/dissectors/packet-synphasor.c
+++ b/epan/dissectors/packet-synphasor.c
@@ -1211,7 +1211,7 @@ static gint dissect_PHSCALE(tvbuff_t *tvb, proto_tree *tree, gint offset, gint c
data_flag_tree = proto_tree_add_subtree_format(single_phasor_scaling_and_flags_tree, tvb, offset, 4,
ett_conf_phflags, NULL, "Phasor Data flags: %s",
- conf_phasor_type[tvb_get_guint8(tvb, offset + 2)].strptr);
+ val_to_str_const(tvb_get_guint8(tvb, offset + 2), conf_phasor_type, "Unknown"));
/* first and second bytes - phasor modification flags*/
phasor_flag1_tree = proto_tree_add_subtree_format(data_flag_tree, tvb, offset, 2, ett_conf_phmod_flags,
--
GitLab

31
SOURCES/wireshark-0013-CVE-18225.patch
View File

@ -1,31 +0,0 @@
diff --git a/epan/dissectors/packet-coap.c b/epan/dissectors/packet-coap.c
index b37b6c231c..b7afe05f82 100644
--- a/epan/dissectors/packet-coap.c
+++ b/epan/dissectors/packet-coap.c
@@ -450,8 +450,11 @@ dissect_coap_opt_object_security(tvbuff_t *tvb, proto_item *head_item, proto_tre
coinfo->object_security = TRUE;
coinfo->oscore_info->piv = NULL;
+ coinfo->oscore_info->piv_len = 0;
coinfo->oscore_info->kid_context = NULL;
+ coinfo->oscore_info->kid_context_len = 0;
coinfo->oscore_info->kid = NULL;
+ coinfo->oscore_info->kid_len = 0;
if (opt_length == 0) { /* option length is zero, means flag byte is 0x00*/
/* add info to the head of the packet detail */
@@ -1144,11 +1147,9 @@ dissect_coap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* d
/* Indicate to OSCORE that this response contains its own PIV */
coinfo->oscore_info->piv_in_response = TRUE;
coap_trans->oscore_info->piv_in_response = TRUE;
- } else {
- if (coap_trans->oscore_info->piv) {
- /* Use the PIV from the request */
- coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
- }
+ } else if (coap_trans->oscore_info->piv_len > 0) {
+ /* Use the PIV from the request */
+ coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
coinfo->oscore_info->piv_len = coap_trans->oscore_info->piv_len;
}
coinfo->oscore_info->response = TRUE;

116
SOURCES/wireshark-0013-cve-2023-0666.patch Normal file
View File

@ -0,0 +1,116 @@
From 28fdce547c417b868c521f87fb58f71ca6b1e3f7 Mon Sep 17 00:00:00 2001
From: Gerald Combs <gerald@wireshark.org>
Date: Thu, 18 May 2023 13:52:48 -0700
Subject: [PATCH] RTPS: Fixup our g_strlcpy dest_sizes
Use the proper dest_size in various g_strlcpy calls.
Fixes #19085
---
epan/dissectors/packet-rtps.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/epan/dissectors/packet-rtps.c b/epan/dissectors/packet-rtps.c
index 2884e86faa1..a39202952f6 100644
--- a/epan/dissectors/packet-rtps.c
+++ b/epan/dissectors/packet-rtps.c
@@ -4944,7 +4944,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
++tk_id;
}
- g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), 40);
+ g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), sizeof(type_name));
/* Structure of the typecode data:
*
@@ -5115,7 +5115,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
member_name, -1, NULL, ndds_40_hack);
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
} /* end of case UNION */
@@ -5286,7 +5286,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
}
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
}
@@ -5378,7 +5378,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
offset += 4;
alias_name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, alias_name_length, ENC_ASCII);
offset += alias_name_length;
- g_strlcpy(type_name, alias_name, 40);
+ g_strlcpy(type_name, alias_name, sizeof(type_name));
break;
}
@@ -5413,7 +5413,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
if (tk_id == RTI_CDR_TK_VALUE_PARAM) {
type_id_name = "valueparam";
}
- g_snprintf(type_name, 40, "%s '%s'", type_id_name, value_name);
+ g_snprintf(type_name, sizeof(type_name), "%s '%s'", type_id_name, value_name);
break;
}
} /* switch(tk_id) */
@@ -5577,7 +5577,7 @@ static gint rtps_util_add_type_library_type(proto_tree *tree,
long_number = tvb_get_guint32(tvb, offset_tmp, encoding);
name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset_tmp+4, long_number, ENC_ASCII);
if (info)
- g_strlcpy(info->member_name, name, long_number);
+ g_strlcpy(info->member_name, name, sizeof(info->member_name));
proto_item_append_text(tree, " %s", name);
offset += member_length;
@@ -5753,13 +5753,13 @@ static gint rtps_util_add_type_member(proto_tree *tree,
proto_item_append_text(tree, " %s (ID: %d)", name, member_id);
if (member_object) {
member_object->member_id = member_id;
- g_strlcpy(member_object->member_name, name, long_number < 256 ? long_number : 256);
+ g_strlcpy(member_object->member_name, name, sizeof(member_object->member_name));
member_object->type_id = member_type_id;
}
if (info && info->extensibility == EXTENSIBILITY_MUTABLE) {
mutable_member_mapping * mutable_mapping = NULL;
mutable_mapping = wmem_new(wmem_file_scope(), mutable_member_mapping);
- g_strlcpy(mutable_mapping->member_name, name, long_number < 256 ? long_number : 256);
+ g_strlcpy(mutable_mapping->member_name, name, sizeof(mutable_mapping->member_name));
mutable_mapping->struct_type_id = info->type_id;
mutable_mapping->member_type_id = member_type_id;
mutable_mapping->member_id = member_id;
@@ -5814,7 +5814,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
union_member_mapping * mapping = NULL;
mapping = wmem_new(wmem_file_scope(), union_member_mapping);
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = HASHMAP_DISCRIMINATOR_CONSTANT;
mapping->union_type_id = union_type_id + mapping->discriminator;
@@ -5827,7 +5827,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
union_member_mapping * mapping = NULL;
mapping = wmem_new(wmem_file_scope(), union_member_mapping);
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = -1;
mapping->union_type_id = union_type_id + mapping->discriminator;
@@ -5847,7 +5847,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
ti = proto_tree_add_item(labels, hf_rtps_type_object_union_label, tvb, offset_tmp, 4, encoding);
offset_tmp += 4;
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = discriminator_case;
mapping->union_type_id = union_type_id + discriminator_case;
--
GitLab

57
SOURCES/wireshark-0014-CVE-18226.patch
View File

@ -1,57 +0,0 @@
diff --git a/epan/dissectors/packet-steam-ihs-discovery.c b/epan/dissectors/packet-steam-ihs-discovery.c
index 1bec81e594..9d238f4e88 100644
--- a/epan/dissectors/packet-steam-ihs-discovery.c
+++ b/epan/dissectors/packet-steam-ihs-discovery.c
@@ -491,9 +491,7 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
protobuf_desc_t pb = { tvb, offset, bytes_left };
protobuf_desc_t pb2 = { tvb, 0, 0 };
protobuf_tag_t tag = { 0, 0, 0 };
- wmem_allocator_t* strpool;
guint8 *hostname;
- strpool = wmem_allocator_new(WMEM_ALLOCATOR_SIMPLE);
nstime_t timestamp;
proto_tree *user_tree;
proto_item *user_it;
@@ -522,7 +520,7 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
value = get_varint64(pb.tvb, pb.offset, pb.bytes_left, &len);
proto_tree_add_item(tree, hf_steam_ihs_discovery_body_status_hostname, pb.tvb,
pb.offset+len, (gint)value, ENC_UTF_8|ENC_NA);
- hostname = tvb_get_string_enc(strpool, pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
+ hostname = tvb_get_string_enc(wmem_packet_scope(), pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
if(hostname && strlen(hostname)) {
col_add_fstr(pinfo->cinfo, COL_INFO, "%s from %s", hf_steam_ihs_discovery_header_msgtype_strings[STEAMDISCOVER_MSGTYPE_CLIENTBROADCASTMSGSTATUS].strptr, hostname);
}
@@ -615,7 +613,6 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
}
protobuf_seek_forward(&pb, len);
}
- wmem_destroy_allocator(strpool);
}
/* Dissect a CMsgRemoteDeviceAuthorizationRequest protobuf message body.
@@ -648,8 +645,6 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
gint64 value;
protobuf_desc_t pb = { tvb, offset, bytes_left };
protobuf_tag_t tag = { 0, 0, 0 };
- wmem_allocator_t *strpool;
- strpool = wmem_allocator_new(WMEM_ALLOCATOR_SIMPLE);
guint8* devicename;
while (protobuf_iter_next(&pb, &tag)) {
switch(tag.field_number) {
@@ -665,7 +660,7 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
value = get_varint64(pb.tvb, pb.offset, pb.bytes_left, &len);
proto_tree_add_item(tree, hf_steam_ihs_discovery_body_authrequest_devicename, pb.tvb,
pb.offset+len, (gint)value, ENC_UTF_8|ENC_NA);
- devicename = tvb_get_string_enc(strpool, pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
+ devicename = tvb_get_string_enc(wmem_packet_scope(), pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
if (devicename && strlen(devicename)) {
col_append_fstr(pinfo->cinfo, COL_INFO, " from %s", devicename);
}
@@ -684,7 +679,6 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
}
protobuf_seek_forward(&pb, len);
}
- wmem_destroy_allocator(strpool);
}
/* Dissect a CMsgRemoteDeviceAuthorizationResponse protobuf message body.

93
SOURCES/wireshark-0014-cve-2023-2858.patch Normal file
View File

@ -0,0 +1,93 @@
From 74017383c8c73f25d12ef847c96854641f88fae4 Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Fri, 19 May 2023 16:29:45 -0700
Subject: [PATCH] netscaler: add more checks to make sure the record is within
the page.
Whie we're at it, restructure some other checks to test-before-casting -
it's OK to test afterwards, but testing before makes it follow the
pattern used elsewhere.
Fixes #19081.
(cherry picked from commit cb190d6839ddcd4596b0205844f45553f1e77105)
---
wiretap/netscaler.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/wiretap/netscaler.c b/wiretap/netscaler.c
index 8dcbd42a089..b94caca0869 100644
--- a/wiretap/netscaler.c
+++ b/wiretap/netscaler.c
@@ -1114,13 +1114,13 @@ static gboolean nstrace_set_start_time(wtap *wth, int file_version, int *err,
#define PACKET_DESCRIBE(rec,buf,FULLPART,fullpart,ver,type,HEADERVER) \
do {\
- nspr_pktrace##fullpart##_v##ver##_t *type = (nspr_pktrace##fullpart##_v##ver##_t *) &nstrace_buf[nstrace_buf_offset];\
/* Make sure the record header is entirely contained in the page */\
- if ((nstrace_buflen - nstrace_buf_offset) < sizeof *type) {\
+ if ((nstrace_buflen - nstrace_buf_offset) < sizeof(nspr_pktrace##fullpart##_v##ver##_t)) {\
*err = WTAP_ERR_BAD_FILE;\
*err_info = g_strdup("nstrace: record header crosses page boundary");\
return FALSE;\
}\
+ nspr_pktrace##fullpart##_v##ver##_t *type = (nspr_pktrace##fullpart##_v##ver##_t *) &nstrace_buf[nstrace_buf_offset];\
/* Check sanity of record size */\
if (pletoh16(&type->nsprRecordSize) < sizeof *type) {\
*err = WTAP_ERR_BAD_FILE;\
@@ -1186,6 +1186,8 @@ static gboolean nstrace_read_v10(wtap *wth, wtap_rec *rec, Buffer *buf,
case NSPR_ABSTIME_V10:
{
+ if (!nstrace_ensure_buflen(nstrace, nstrace_buf_offset, sizeof(nspr_pktracefull_v10_t), err, err_info))
+ return FALSE;
nspr_pktracefull_v10_t *fp = (nspr_pktracefull_v10_t *) &nstrace_buf[nstrace_buf_offset];
if (pletoh16(&fp->nsprRecordSize) == 0) {
*err = WTAP_ERR_BAD_FILE;
@@ -1199,6 +1201,8 @@ static gboolean nstrace_read_v10(wtap *wth, wtap_rec *rec, Buffer *buf,
case NSPR_RELTIME_V10:
{
+ if (!nstrace_ensure_buflen(nstrace, nstrace_buf_offset, sizeof(nspr_pktracefull_v10_t), err, err_info))
+ return FALSE;
nspr_pktracefull_v10_t *fp = (nspr_pktracefull_v10_t *) &nstrace_buf[nstrace_buf_offset];
if (pletoh16(&fp->nsprRecordSize) == 0) {
*err = WTAP_ERR_BAD_FILE;
@@ -1216,6 +1220,8 @@ static gboolean nstrace_read_v10(wtap *wth, wtap_rec *rec, Buffer *buf,
default:
{
+ if (!nstrace_ensure_buflen(nstrace, nstrace_buf_offset, sizeof(nspr_pktracefull_v10_t), err, err_info))
+ return FALSE;
nspr_pktracefull_v10_t *fp = (nspr_pktracefull_v10_t *) &nstrace_buf[nstrace_buf_offset];
if (pletoh16(&fp->nsprRecordSize) == 0) {
*err = WTAP_ERR_BAD_FILE;
@@ -1500,14 +1506,14 @@ static gboolean nstrace_read_v20(wtap *wth, wtap_rec *rec, Buffer *buf,
#define PACKET_DESCRIBE(rec,buf,FULLPART,ver,enumprefix,type,structname,HEADERVER)\
do {\
- nspr_##structname##_t *fp = (nspr_##structname##_t *) &nstrace_buf[nstrace_buf_offset];\
/* Make sure the record header is entirely contained in the page */\
- if ((nstrace->nstrace_buflen - nstrace_buf_offset) < sizeof *fp) {\
+ if ((nstrace->nstrace_buflen - nstrace_buf_offset) < sizeof(nspr_##structname##_t)) {\
*err = WTAP_ERR_BAD_FILE;\
*err_info = g_strdup("nstrace: record header crosses page boundary");\
g_free(nstrace_tmpbuff);\
return FALSE;\
}\
+ nspr_##structname##_t *fp = (nspr_##structname##_t *) &nstrace_buf[nstrace_buf_offset];\
(rec)->rec_type = REC_TYPE_PACKET;\
TIMEDEFV##ver((rec),fp,type);\
FULLPART##SIZEDEFV##ver((rec),fp,ver);\
@@ -1615,7 +1621,6 @@ static gboolean nstrace_read_v30(wtap *wth, wtap_rec *rec, Buffer *buf,
g_free(nstrace_tmpbuff);
return FALSE;
}
-
hdp = (nspr_hd_v20_t *) &nstrace_buf[nstrace_buf_offset];
if (nspr_getv20recordsize(hdp) == 0) {
*err = WTAP_ERR_BAD_FILE;
--
GitLab

725
SOURCES/wireshark-0015-CVE-18227.patch
View File

@ -1,725 +0,0 @@
diff --git a/epan/dissectors/packet-mswsp.c b/epan/dissectors/packet-mswsp.c
index 421713067b..295192a0ab 100644
--- a/epan/dissectors/packet-mswsp.c
+++ b/epan/dissectors/packet-mswsp.c
@@ -359,6 +359,7 @@ static int SMB2 = 2;
void proto_reg_handoff_mswsp(void);
+static expert_field ei_mswsp_invalid_variant_type = EI_INIT;
static expert_field ei_missing_msg_context = EI_INIT;
static expert_field ei_mswsp_msg_cpmsetbinding_ccolumns = EI_INIT;
@@ -3068,7 +3069,7 @@ static int parse_lcid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, const
/*****************************************************************************************/
/* 2.2.1.1 CBaseStorageVariant */
-static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CBaseStorageVariant *value, const char *text);
+static int parse_CBaseStorageVariant(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CBaseStorageVariant *value, const char *text);
/* 2.2.1.2 CFullPropSpec */
static int parse_CFullPropSpec(tvbuff_t *tvb, int offset, proto_tree *tree, proto_tree *pad_tree, struct CFullPropSpec *v, const char *fmt, ...);
@@ -3080,10 +3081,10 @@ static int parse_CContentRestriction(tvbuff_t *tvb, int offset, proto_tree *pare
static int parse_CNatLanguageRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNatLanguageRestriction *v, const char *fmt, ...);
/* 2.2.1.6 CNodeRestriction */
-static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char* fmt, ...);
+static int parse_CNodeRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char* fmt, ...);
/* 2.2.1.7 CPropertyRestriction */
-static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...);
+static int parse_CPropertyRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...);
/* 2.2.1.8 CReuseWhere */
static int parse_CReuseWhere(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CReuseWhere *v, const char *fmt, ...);
@@ -3092,27 +3093,27 @@ static int parse_CReuseWhere(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
static int parse_CSort(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, const char *fmt, ...);
/* 2.2.1.12 CCoercionRestriction */
-static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...);
+static int parse_CCoercionRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...);
/* 2.2.1.16 CRestrictionArray */
-static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CRestrictionArray(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.17 CRestriction */
-static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...);
+static int parse_CRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...);
/* 2.2.1.18 CColumnSet */
static int parse_CColumnSet(tvbuff_t *tvb, int offset, proto_tree *tree, const char *fmt, ...);
/* 2.2.1.20 CCategorizationSpec */
-static int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CCategorizationSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.21 CCategSpec */
-static int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.22 CRangeCategSpec */
-static int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CRangeCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.23 RANGEBOUNDARY */
-static int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_RANGEBOUNDARY(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.24 CAggregSet */
static int parse_CAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
@@ -3127,19 +3128,19 @@ static int parse_CSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tr
static int parse_CAggregSortKey(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.28 CInGroupSortAggregSets */
-static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.29 CInGroupSortAggregSet */
-static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.30 CDbColId */
static int parse_CDbColId(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *text);
/* 2.2.1.31 CDbProp */
-static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...);
+static int parse_CDbProp(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...);
/* 2.2.1.32 CDbPropSet */
-static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CDbPropSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.33 CPidMapper */
static int parse_CPidMapper(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
@@ -3157,7 +3158,7 @@ static int parse_CRowsetProperties(tvbuff_t *tvb, int offset, proto_tree *parent
static int parse_CSortSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.44 CTableColumn */
-static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...);
+static int parse_CTableColumn(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...);
/*
@@ -3231,11 +3232,11 @@ static int parse_CSortSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
return offset;
}
-static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...)
+static int parse_CTableColumn(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...)
{
- proto_item *item;
+ proto_item *item, *ti_type;
proto_tree *tree;
va_list ap;
struct vtype_data *type;
@@ -3266,8 +3267,14 @@ static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree
}
}
type = vType_get_type(vtype_val);
- DISSECTOR_ASSERT(type != NULL);
- proto_tree_add_string_format_value(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, type->str, "%s%s", type->str, modifier);
+ if (type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, "Unknown CTableColumn type");
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+ } else
+ proto_tree_add_string_format_value(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, type->str, "%s%s", type->str, modifier);
offset += 4;
used = tvb_get_guint8(tvb, offset);
@@ -3487,7 +3494,7 @@ static int parse_relop(tvbuff_t *tvb, int offset, proto_tree *tree, guint32 *re
}
return offset + 4;
}
-static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...)
+static int parse_CPropertyRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3505,7 +3512,7 @@ static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *par
offset = parse_CFullPropSpec(tvb, offset, tree, pad_tree, &v->property, "Property");
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &v->prval, "prval");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &v->prval, "prval");
offset = parse_padding(tvb, offset, 4, pad_tree, "padding_lcid");
@@ -3517,7 +3524,7 @@ static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *par
return offset;
}
-static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...)
+static int parse_CCoercionRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3535,7 +3542,7 @@ static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *par
offset += 4;
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &v->child, "child");
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &v->child, "child");
proto_item_set_end(item, tvb, offset);
return offset;
@@ -3732,7 +3739,7 @@ static int parse_rType(tvbuff_t *tvb, int offset, proto_tree *tree, enum rType *
return offset + 4;
}
-static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...)
+static int parse_CRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3761,18 +3768,18 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
case RTProximity:
case RTPhrase: {
v->u.RTAnd = EP_ALLOC(struct CNodeRestriction);
- offset = parse_CNodeRestriction(tvb, offset, tree, pad_tree, v->u.RTAnd, "CNodeRestriction");
+ offset = parse_CNodeRestriction(tvb, pinfo, offset, tree, pad_tree, v->u.RTAnd, "CNodeRestriction");
break;
}
case RTNot: {
v->u.RTNot = EP_ALLOC(struct CRestriction);
- offset = parse_CRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTNot, "CRestriction");
break;
}
case RTProperty: {
v->u.RTProperty = EP_ALLOC(struct CPropertyRestriction);
- offset = parse_CPropertyRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CPropertyRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTProperty, "CPropertyRestriction");
break;
}
@@ -3780,7 +3787,7 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
case RTCoerce_Multiply:
case RTCoerce_Absolute: {
v->u.RTCoerce_Add = EP_ALLOC(struct CCoercionRestriction);
- offset = parse_CCoercionRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CCoercionRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTCoerce_Add, "CCoercionRestriction");
break;
}
@@ -3810,7 +3817,7 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
return offset;
}
-static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CRestrictionArray(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint8 present, count;
@@ -3840,14 +3847,14 @@ static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent
for (i=0; i<count; i++) {
struct CRestriction r;
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &r, "Restriction[%d]", i);
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &r, "Restriction[%d]", i);
}
}
proto_item_set_end(item, tvb, offset);
return offset;
}
-static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char *fmt, ...)
+static int parse_CNodeRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3867,7 +3874,7 @@ static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_
for (i=0; i<v->cNode; i++) {
struct CRestriction r;
ZERO_STRUCT(r);
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &r, "paNode[%u]", i);
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &r, "paNode[%u]", i);
offset = parse_padding(tvb, offset, 4, tree, "padding_paNode[%u]", i); /*at begin or end of loop ????*/
}
@@ -4208,117 +4215,7 @@ static const char *str_CBaseStorageVariant(struct CBaseStorageVariant *value, gb
return wmem_strbuf_get_str(strbuf);
}
-static int parse_vType(tvbuff_t *tvb, int offset, guint16 *vtype)
-{
- guint16 tmp_vtype = tvb_get_letohs(tvb, offset);
- guint16 modifier = tmp_vtype & 0xFF00;
-
- switch (tmp_vtype & 0xFF) {
- case VT_EMPTY:
- *vtype = VT_EMPTY;
- break;
- case VT_NULL:
- *vtype = VT_NULL;
- break;
- case VT_I2:
- *vtype = VT_I2;
- break;
- case VT_I4:
- *vtype = VT_I4;
- break;
- case VT_R4:
- *vtype = VT_R4;
- break;
- case VT_R8:
- *vtype = VT_R8;
- break;
- case VT_CY:
- *vtype = VT_CY;
- break;
- case VT_DATE:
- *vtype = VT_DATE;
- break;
- case VT_BSTR:
- *vtype = VT_BSTR;
- break;
- case VT_ERROR:
- *vtype = VT_ERROR;
- break;
- case VT_BOOL:
- *vtype = VT_BOOL;
- break;
- case VT_VARIANT:
- *vtype = VT_VARIANT;
- break;
- case VT_DECIMAL:
- *vtype = VT_DECIMAL;
- break;
- case VT_I1:
- *vtype = VT_I1;
- break;
- case VT_UI1:
- *vtype = VT_UI1;
- break;
- case VT_UI2:
- *vtype = VT_UI2;
- break;
- case VT_UI4:
- *vtype = VT_UI4;
- break;
- case VT_I8:
- *vtype = VT_I8;
- break;
- case VT_UI8:
- *vtype = VT_UI8;
- break;
- case VT_INT:
- *vtype = VT_INT;
- break;
- case VT_UINT:
- *vtype = VT_UINT;
- break;
- case VT_LPSTR:
- *vtype = VT_LPSTR;
- break;
- case VT_LPWSTR:
- *vtype = VT_LPWSTR;
- break;
- case VT_COMPRESSED_LPWSTR:
- *vtype = VT_COMPRESSED_LPWSTR;
- break;
- case VT_FILETIME:
- *vtype = VT_FILETIME;
- break;
- case VT_BLOB:
- *vtype = VT_BLOB;
- break;
- case VT_BLOB_OBJECT:
- *vtype = VT_BLOB_OBJECT;
- break;
- case VT_CLSID:
- *vtype = VT_CLSID;
- break;
- default:
- DISSECTOR_ASSERT(FALSE);
- break;
- }
- if (modifier) {
- switch (modifier) {
- case VT_VECTOR:
- *vtype |= VT_VECTOR;
- break;
- case VT_ARRAY:
- *vtype |= VT_ARRAY;
- break;
- default:
- DISSECTOR_ASSERT(FALSE);
- break;
- }
- }
- return offset + 2;
-}
-
-static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CBaseStorageVariant *value, const char *text)
+static int parse_CBaseStorageVariant(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CBaseStorageVariant *value, const char *text)
{
int i, len;
proto_item *ti, *ti_type, *ti_val;
@@ -4329,9 +4226,19 @@ static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *pare
tree = proto_tree_add_subtree(parent_tree, tvb, offset, 0, ett_CBaseStorageVariant, &ti, text);
- parse_vType(tvb, offset, &value->vType);
- value->type = vType_get_type(value->vType);
- DISSECTOR_ASSERT(value->type != NULL);
+ value->vType = tvb_get_letohs(tvb, offset);
+ value->type = vType_get_type(value->vType & 0xFF);
+ if (value->type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_cbasestorvariant_vtype, tvb, offset, 2, "Unknown CBaseStorageVariant type");
+ offset += 2;
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+
+ THROW_MESSAGE(ReportedBoundsError, "Unknown CBaseStorageVariant type");
+ return offset;
+ }
ti_type = proto_tree_add_string(tree, hf_mswsp_cbasestorvariant_vtype, tvb, offset, 2, value->type->str);
offset += 2;
@@ -4452,7 +4359,7 @@ static int parse_CDbColId(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
return offset;
}
-static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...)
+static int parse_CDbProp(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...)
{
static const value_string EMPTY_VS[] = {{0, NULL}};
const value_string *vs = (propset && propset->id_map) ? propset->id_map : EMPTY_VS;
@@ -4485,7 +4392,7 @@ static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pro
offset = parse_CDbColId(tvb, offset, tree, pad_tree, "colid");
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &value, "vValue");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &value, "vValue");
str = str_CBaseStorageVariant(&value, TRUE);
proto_item_append_text(item, " %s", str);
@@ -4494,7 +4401,7 @@ static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pro
return offset;
}
-static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CDbPropSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
int i, num;
e_guid_t guid;
@@ -4530,14 +4437,14 @@ static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
for (i = 0; i<num; i++) {
offset = parse_padding(tvb, offset, 4, pad_tree, "aProp[%d]", i);
- offset = parse_CDbProp(tvb, offset, tree, pad_tree, pset, "aProp[%d]", i);
+ offset = parse_CDbProp(tvb, pinfo, offset, tree, pad_tree, pset, "aProp[%d]", i);
}
proto_item_set_end(item, tvb, offset);
return offset;
}
-static int parse_PropertySetArray(tvbuff_t *tvb, int offset, int size_offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_PropertySetArray(tvbuff_t *tvb, packet_info *pinfo, int offset, int size_offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
const int offset_in = offset;
guint32 size, num;
@@ -4563,7 +4470,7 @@ static int parse_PropertySetArray(tvbuff_t *tvb, int offset, int size_offset, pr
offset += 4;
for (i = 0; i < (int)num; i++) {
- offset = parse_CDbPropSet(tvb, offset, tree, pad_tree, "PropertySet[%d]", i);
+ offset = parse_CDbPropSet(tvb, pinfo, offset, tree, pad_tree, "PropertySet[%d]", i);
}
proto_item_set_end(item, tvb, offset);
@@ -4601,7 +4508,7 @@ int parse_CColumnSet(tvbuff_t *tvb, int offset, proto_tree *tree, const char *fm
}
/* 2.2.1.23 RANGEBOUNDARY */
-int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_RANGEBOUNDARY(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint32 ulType;
guint8 labelPresent;
@@ -4622,7 +4529,7 @@ int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, prot
offset += 4;
ZERO_STRUCT(prval);
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &prval, "prVal");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &prval, "prVal");
labelPresent = tvb_get_guint8(tvb, offset);
proto_tree_add_item(tree, hf_mswsp_rangeboundry_labelpresent, tvb, offset, 1, ENC_LITTLE_ENDIAN);
@@ -4650,7 +4557,7 @@ int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, prot
/* 2.2.1.22 CRangeCategSpec */
-int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CRangeCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4671,7 +4578,7 @@ int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
offset += 4;
for (i=0; i<cRange; i++) {
- offset = parse_RANGEBOUNDARY(tvb, offset, tree, pad_tree, "aRangeBegin[%u]", i);
+ offset = parse_RANGEBOUNDARY(tvb, pinfo, offset, tree, pad_tree, "aRangeBegin[%u]", i);
}
@@ -4680,7 +4587,7 @@ int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
}
/* 2.2.1.21 CCategSpec */
-int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4700,7 +4607,7 @@ int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_t
offset = parse_CSort(tvb, offset, tree, pad_tree, "CSort");
- offset = parse_CRangeCategSpec(tvb, offset, tree, pad_tree, "CRangeCategSpec");
+ offset = parse_CRangeCategSpec(tvb, pinfo, offset, tree, pad_tree, "CRangeCategSpec");
proto_item_set_end(item, tvb, offset);
return offset;
@@ -4867,7 +4774,7 @@ static int parse_CInGroupSortAggregSet_type(tvbuff_t *tvb, int offset, proto_tre
}
/* 2.2.1.29 CInGroupSortAggregSet */
-static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4885,7 +4792,7 @@ static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *pa
if (type == GroupIdValue) {
struct CBaseStorageVariant id;
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &id, "inGroupId");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &id, "inGroupId");
}
offset = parse_CSortSet(tvb, offset, tree, pad_tree, "SortSet");
@@ -4896,7 +4803,7 @@ static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *pa
/* 2.2.1.28 CInGroupSortAggregSets */
-static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint32 cCount, i;
proto_item *item;
@@ -4916,7 +4823,7 @@ static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *p
for (i=0; i<cCount; i++) {
/* 2.2.1.29 CInGroupSortAggregSet */
- offset = parse_CInGroupSortAggregSet(tvb, offset, tree, pad_tree, "SortSets[%u]", i);
+ offset = parse_CInGroupSortAggregSet(tvb, pinfo, offset, tree, pad_tree, "SortSets[%u]", i);
}
proto_item_set_end(item, tvb, offset);
@@ -4924,7 +4831,7 @@ static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *p
}
/* 2.2.1.20 CCategorizationSpec */
-int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CCategorizationSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4941,7 +4848,7 @@ int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree
offset = parse_CColumnSet(tvb, offset, tree, "csColumns");
/* 2.2.1.21 CCategSpec */
- offset = parse_CCategSpec(tvb, offset, tree, pad_tree, "Spec");
+ offset = parse_CCategSpec(tvb, pinfo, offset, tree, pad_tree, "Spec");
/* 2.2.1.24 CAggregSet */
offset = parse_CAggregSet(tvb, offset, tree, pad_tree, "AggregSet");
@@ -4950,7 +4857,7 @@ int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree
offset = parse_CSortAggregSet(tvb, offset, tree, pad_tree, "SortAggregSet");
/* 2.2.1.28 CInGroupSortAggregSets */
- offset = parse_CInGroupSortAggregSets(tvb, offset, tree, pad_tree, "InGroupSortAggregSets");
+ offset = parse_CInGroupSortAggregSets(tvb, pinfo, offset, tree, pad_tree, "InGroupSortAggregSets");
proto_tree_add_item(tree, hf_mswsp_categorizationspec_cmaxres, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
@@ -5273,17 +5180,14 @@ static int parse_CRowVariantArrayInfo(tvbuff_t *tvb, int offset, proto_tree *tre
return offset;
}
-static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, guint64 base_address, gboolean is_64bit, struct CRowVariant *variant)
+static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, guint64 base_address, gboolean is_64bit, struct CRowVariant *variant, struct vtype_data *vt_list_type)
{
guint32 i = 0;
guint64 count = 0;
int buf_offset = 0;
proto_tree *sub_tree;
- struct vtype_data *vt_list_type =
- vType_get_type((enum vType)(variant->vtype & 0x00FF));
wmem_strbuf_t *strbuf;
- DISSECTOR_ASSERT(vt_list_type != NULL);
offset = parse_CRowVariantArrayInfo(tvb, offset, tree, is_64bit, variant);
if (is_64bit) {
buf_offset =
@@ -5335,10 +5239,10 @@ static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, g
return offset;
}
-static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree, guint64 base_address, guint32 length _U_, gboolean is_64bit, struct CRowVariant *variant, const char *fmt, ...)
+static int parse_VariantCol(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, guint64 base_address, guint32 length _U_, gboolean is_64bit, struct CRowVariant *variant, const char *fmt, ...)
{
proto_tree *tree;
- proto_item *item;
+ proto_item *item, *ti_type;
va_list ap;
struct vtype_data *vt_type;
@@ -5354,8 +5258,6 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
variant->vtype = tvb_get_letohs(tvb, offset);
vt_type = vType_get_type((enum vType)variant->vtype);
- DISSECTOR_ASSERT(vt_type != NULL);
-
vtype_high = (variant->vtype & 0xFF00);
if (vtype_high) {
if (vtype_high == VT_VECTOR) {
@@ -5367,6 +5269,17 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
}
}
+ if (vt_type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, "Unknown variant column type");
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+ offset += 2;
+
+ THROW_FORMATTED(ReportedBoundsError, "Unknown variant column type%s", modifier);
+ return offset;
+ }
proto_tree_add_string_format_value(tree, hf_mswsp_rowvariant_vtype, tvb, offset, 2, vt_type->str, "%s%s", vt_type->str, modifier);
offset += 2;
@@ -5382,7 +5295,7 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
if (vtype_high == VT_VECTOR || vtype_high == VT_ARRAY) {
offset = parse_VariantColVector(tvb, offset, tree, base_address,
- is_64bit, variant);
+ is_64bit, variant, vt_type);
} else {
wmem_strbuf_t *strbuf = wmem_strbuf_new(wmem_packet_scope(), "");
if (size != -1) {
@@ -5421,7 +5334,7 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
return offset;
}
-static int parse_RowsBufferCol(tvbuff_t *tvb, int offset, guint32 row, guint32 col, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean b_is_64bit, proto_tree *parent_tree, const char *fmt, ...)
+static int parse_RowsBufferCol(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 row, guint32 col, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean b_is_64bit, proto_tree *parent_tree, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -5463,13 +5376,13 @@ static int parse_RowsBufferCol(tvbuff_t *tvb, int offset, guint32 row, guint32 c
len = tvb_get_letohs(tvb, buf_offset + pcol->lengthoffset) - pcol->valuesize;
}
if (pcol->vtype == VT_VARIANT) {
- parse_VariantCol(tvb, tmp_offset, tree, base_address, len, b_is_64bit, &variant, "CRowVariant");
+ parse_VariantCol(tvb, pinfo, tmp_offset, tree, base_address, len, b_is_64bit, &variant, "CRowVariant");
}
}
return offset;
}
-static int parse_RowsBuffer(tvbuff_t *tvb, int offset, guint32 num_rows, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean is64bit, proto_tree *parent_tree, const char *fmt, ...)
+static int parse_RowsBuffer(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 num_rows, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean is64bit, proto_tree *parent_tree, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -5488,7 +5401,7 @@ static int parse_RowsBuffer(tvbuff_t *tvb, int offset, guint32 num_rows, struct
proto_tree *row_tree;
row_tree = proto_tree_add_subtree_format(tree, tvb, offset, 0, ett_GetRowsRow, NULL, "Row[%d]", num);
for (col = 0; col < bindingsin->ccolumns; col++) {
- parse_RowsBufferCol(tvb, offset, num, col, bindingsin, rowsin, is64bit, row_tree, "Col[%d]", col);
+ parse_RowsBufferCol(tvb, pinfo, offset, num, col, bindingsin, rowsin, is64bit, row_tree, "Col[%d]", col);
}
}
return offset;
@@ -5557,11 +5470,11 @@ static int dissect_CPMConnect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *par
offset = parse_padding(tvb, offset, 8, pad_tree, "_paddingcPropSets");
- offset = parse_PropertySetArray(tvb, offset, blob_size1_off, tree, pad_tree, "PropSets");
+ offset = parse_PropertySetArray(tvb, pinfo, offset, blob_size1_off, tree, pad_tree, "PropSets");
offset = parse_padding(tvb, offset, 8, pad_tree, "paddingExtPropset");
- offset = parse_PropertySetArray(tvb, offset, blob_size2_off, tree, pad_tree, "ExtPropset");
+ offset = parse_PropertySetArray(tvb, pinfo, offset, blob_size2_off, tree, pad_tree, "ExtPropset");
offset = parse_padding(tvb, offset, 8, pad_tree, "???");
@@ -5616,7 +5529,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
offset += 1;
if (CRestrictionPresent) {
- offset = parse_CRestrictionArray(tvb, offset, tree, pad_tree, "RestrictionArray");
+ offset = parse_CRestrictionArray(tvb, pinfo, offset, tree, pad_tree, "RestrictionArray");
}
CSortSetPresent = tvb_get_guint8(tvb, offset);
@@ -5625,7 +5538,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
if (CSortSetPresent) {
offset = parse_padding(tvb, offset, 4, tree, "paddingCSortSetPresent");
- offset = parse_CInGroupSortAggregSets(tvb, offset, tree, pad_tree, "GroupSortAggregSets");
+ offset = parse_CInGroupSortAggregSets(tvb, pinfo, offset, tree, pad_tree, "GroupSortAggregSets");
}
@@ -5641,7 +5554,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
proto_tree_add_uint(tree, hf_mswsp_msg_cpmcreatequery_ccateg_count, tvb, offset, 4, count);
offset += 4;
for (i=0; i<count; i++) {
- offset = parse_CCategorizationSpec(tvb, offset, tree, pad_tree, "categories[%u]", i);
+ offset = parse_CCategorizationSpec(tvb, pinfo, offset, tree, pad_tree, "categories[%u]", i);
}
}
@@ -5803,7 +5716,7 @@ static int dissect_CPMGetRows(tvbuff_t *tvb, packet_info *pinfo, proto_tree *par
if (b_has_arch && bindingsin && rowsin) {
offset = parse_padding(tvb, offset, rowsin->cbreserved, pad_tree,
"paddingRows");
- parse_RowsBuffer(tvb, offset, num_rows, bindingsin, rowsin, b_64bit_mode, tree, "Rows");
+ parse_RowsBuffer(tvb, pinfo, offset, num_rows, bindingsin, rowsin, b_64bit_mode, tree, "Rows");
} else {
gint nbytes = tvb_reported_length_remaining(tvb, offset);
proto_tree_add_expert_format(tree, pinfo, &ei_missing_msg_context, tvb, offset, nbytes, "Undissected %d bytes (due to missing preceding msg(s))", nbytes);
@@ -5950,7 +5863,7 @@ static int dissect_CPMSetBindings(tvbuff_t *tvb, packet_info *pinfo, proto_tree
sizeof(struct CTableColumn) * num);
for (n=0; n<num; n++) {
offset = parse_padding(tvb, offset, 4, pad_tree, "padding_aColumns[%u]", n);
- offset = parse_CTableColumn(tvb, offset, tree, pad_tree, &request.acolumns[n],"aColumns[%u]", n);
+ offset = parse_CTableColumn(tvb, pinfo, offset, tree, pad_tree, &request.acolumns[n],"aColumns[%u]", n);
}
data = find_or_create_message_data(ct, pinfo,0xD0,in, private_data);
if (data) {
@@ -8051,6 +7964,7 @@ proto_register_mswsp(void)
};
static ei_register_info ei[] = {
+ { &ei_mswsp_invalid_variant_type, { "mswsp.invalid_variant_type", PI_PROTOCOL, PI_ERROR, "Invalid variant type", EXPFILL }},
{ &ei_missing_msg_context, { "mswsp.msg.cpmgetrows.missing_msg_context", PI_SEQUENCE, PI_WARN, "previous messages needed for context not captured", EXPFILL }},
{ &ei_mswsp_msg_cpmsetbinding_ccolumns, { "mswsp.msg.cpmsetbinding.ccolumns.invalude", PI_PROTOCOL, PI_WARN, "Invalid number of cColumns for packet", EXPFILL }}
};

67
SOURCES/wireshark-0015-cve-2023-2856.patch Normal file
View File

@ -0,0 +1,67 @@
From da017472e69453011ea28571f192cbc79cba7f5c Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Thu, 18 May 2023 15:03:23 -0700
Subject: [PATCH] vms: fix the search for the packet length field.
The packet length field is of the form
Total Length = DDD = ^xXXX
where "DDD" is the length in decimal and "XXX" is the length in
hexadecimal.
Search for "length ". not just "Length", as we skip past "Length ", not
just "Length", so if we assume we found "Length " but only found
"Length", we'd skip past the end of the string.
While we're at it, fail if we don't find a length field, rather than
just blithely acting as if the packet length were zero.
Fixes #19083.
(cherry picked from commit db5135826de3a5fdb3618225c2ff02f4207012ca)
---
wiretap/vms.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/wiretap/vms.c b/wiretap/vms.c
index 00da6ff359e..c21b26e6be0 100644
--- a/wiretap/vms.c
+++ b/wiretap/vms.c
@@ -322,6 +322,7 @@ parse_vms_packet(FILE_T fh, wtap_rec *rec, Buffer *buf, int *err, gchar **err_in
{
char line[VMS_LINE_LENGTH + 1];
int num_items_scanned;
+ gboolean have_pkt_len = FALSE;
guint32 pkt_len = 0;
int pktnum;
int csec = 101;
@@ -378,7 +379,7 @@ parse_vms_packet(FILE_T fh, wtap_rec *rec, Buffer *buf, int *err, gchar **err_in
return FALSE;
}
}
- if ( (! pkt_len) && (p = strstr(line, "Length"))) {
+ if ( (! have_pkt_len) && (p = strstr(line, "Length "))) {
p += sizeof("Length ");
while (*p && ! g_ascii_isdigit(*p))
p++;
@@ -394,9 +395,15 @@ parse_vms_packet(FILE_T fh, wtap_rec *rec, Buffer *buf, int *err, gchar **err_in
*err_info = g_strdup_printf("vms: Length field '%s' not valid", p);
return FALSE;
}
+ have_pkt_len = TRUE;
break;
}
} while (! isdumpline(line));
+ if (! have_pkt_len) {
+ *err = WTAP_ERR_BAD_FILE;
+ *err_info = g_strdup_printf("vms: Length field not found");
+ return FALSE;
+ }
if (pkt_len > WTAP_MAX_PACKET_SIZE_STANDARD) {
/*
* Probably a corrupt capture file; return an error,
--
GitLab

46
SOURCES/wireshark-0016-CVE-19622.patch
View File

@ -1,46 +0,0 @@
diff --git a/epan/dissectors/packet-mmse.c b/epan/dissectors/packet-mmse.c
index ffb4faa003..1e3d13abeb 100644
--- a/epan/dissectors/packet-mmse.c
+++ b/epan/dissectors/packet-mmse.c
@@ -487,6 +487,12 @@ get_value_length(tvbuff_t *tvb, guint offset, guint *byte_count, packet_info *pi
field = tvb_get_guintvar(tvb, offset, byte_count, pinfo, &ei_mmse_oversized_uintvar);
(*byte_count)++;
}
+
+ /* The packet says there are this many bytes; ensure they're there.
+ * We do this here because several callers do math on the length we
+ * return here and may not catch an overflow.
+ */
+ tvb_ensure_bytes_exist(tvb, offset, field);
return field;
}
@@ -689,7 +695,7 @@ static void
dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
const char *message_type)
{
- guint offset;
+ guint offset, old_offset;
guint8 field = 0;
const char *strval;
guint length;
@@ -711,6 +717,7 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
proto_tree_add_uint(mmse_tree, hf_mmse_message_type, tvb, 0, 2, pdut);
offset = 2; /* Skip Message-Type */
+ old_offset = 1;
/*
* Cycle through MMS-headers
@@ -1209,6 +1216,11 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
break;
}
DebugLog(("\tEnd(case)\n"));
+
+ if (offset <= old_offset) {
+ REPORT_DISSECTOR_BUG("Offset isn't increasing (offset=%u, old offset=%u)", offset, old_offset);
+ }
+ old_offset = offset;
}
DebugLog(("\tEnd(switch)\n"));

103
SOURCES/wireshark-0016-cve-2023-2855.patch Normal file
View File

@ -0,0 +1,103 @@
From 0181fafb2134a177328443a60b5e29c4ee1041cb Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Tue, 16 May 2023 12:05:07 -0700
Subject: [PATCH] candump: check for a too-long frame length.
If the frame length is longer than the maximum, report an error in the
file.
Fixes #19062, preventing the overflow on a buffer on the stack (assuming
your compiler doesn't call a bounds-checknig version of memcpy() if the
size of the target space is known).
---
wiretap/candump.c | 39 +++++++++++++++++++++++++++++++--------
1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/wiretap/candump.c b/wiretap/candump.c
index 62f89e7b564..43863b45cf7 100644
--- a/wiretap/candump.c
+++ b/wiretap/candump.c
@@ -34,8 +34,9 @@ void register_candump(void);
wtap_rec *rec, Buffer *buf,
int *err, gchar **err_info);
-static void
-candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
+static gboolean
+candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg, int *err,
+ gchar **err_info)
{
static const char *can_proto_name = "can-hostendian";
static const char *canfd_proto_name = "canfd";
@@ -56,6 +57,18 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
{
canfd_frame_t canfd_frame = {0};
+ /*
+ * There's a maximum of CANFD_MAX_DLEN bytes in a CAN-FD frame.
+ */
+ if (msg->data.length > CANFD_MAX_DLEN) {
+ *err = WTAP_ERR_BAD_FILE;
+ if (err_info != NULL) {
+ *err_info = g_strdup_printf("candump: File has %u-byte CAN FD packet, bigger than maximum of %u",
+ msg->data.length, CANFD_MAX_DLEN);
+ }
+ return FALSE;
+ }
+
canfd_frame.can_id = msg->id;
canfd_frame.flags = msg->flags;
canfd_frame.len = msg->data.length;
@@ -67,6 +80,18 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
{
can_frame_t can_frame = {0};
+ /*
+ * There's a maximum of CAN_MAX_DLEN bytes in a CAN frame.
+ */
+ if (msg->data.length > CAN_MAX_DLEN) {
+ *err = WTAP_ERR_BAD_FILE;
+ if (err_info != NULL) {
+ *err_info = g_strdup_printf("candump: File has %u-byte CAN packet, bigger than maximum of %u",
+ msg->data.length, CAN_MAX_DLEN);
+ }
+ return FALSE;
+ }
+
can_frame.can_id = msg->id;
can_frame.can_dlc = msg->data.length;
memcpy(can_frame.data, msg->data.data, msg->data.length);
@@ -82,6 +107,8 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
rec->rec_header.packet_header.caplen = packet_length;
rec->rec_header.packet_header.len = packet_length;
+
+ return TRUE;
}
static gboolean
@@ -188,9 +215,7 @@ candump_read(wtap *wth, wtap_rec *rec, Buffer *buf, int *err, gchar **err_info,
ws_debug_printf("%s: Stopped at offset %" PRIi64 "\n", G_STRFUNC, file_tell(wth->fh));
#endif
- candump_write_packet(rec, buf, &msg);
-
- return TRUE;
+ return candump_write_packet(rec, buf, &msg, err, err_info);
}
static gboolean
@@ -214,9 +239,7 @@ candump_seek_read(wtap *wth , gint64 seek_off, wtap_rec *rec,
if (!candump_parse(wth->random_fh, &msg, NULL, err, err_info))
return FALSE;
- candump_write_packet(rec, buf, &msg);
-
- return TRUE;
+ return candump_write_packet(rec, buf, &msg, err, err_info);
}
/*
--
GitLab

41
SOURCES/wireshark-0017-CVE-19623.patch
View File

@ -1,41 +0,0 @@
diff --git a/epan/dissectors/packet-lbmpdm.c b/epan/dissectors/packet-lbmpdm.c
index 0df59329fd..16001b859c 100644
--- a/epan/dissectors/packet-lbmpdm.c
+++ b/epan/dissectors/packet-lbmpdm.c
@@ -12,6 +12,7 @@
#include "config.h"
#include <epan/packet.h>
+#include <epan/exceptions.h>
#include "packet-lbm.h"
/* Magic number for message header to check if data is big-endian or little-endian. */
@@ -837,7 +838,6 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
proto_tree * subtree = NULL;
int datalen = 0;
int seglen = 0;
- int datalen_remaining = 0;
int ofs = 0;
int field_count = 0;
int idx;
@@ -862,9 +862,8 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
id_list[idx] = -1;
ofs_list[idx] = -1;
}
- datalen_remaining = datalen;
ofs = offset + L_LBMPDM_SEG_HDR_T;
- for (idx = 0; (idx < field_count) && (datalen_remaining >= L_LBMPDM_OFFSET_ENTRY_T); idx++, ofs += L_LBMPDM_OFFSET_ENTRY_T)
+ for (idx = 0; idx < field_count; idx++, ofs += L_LBMPDM_OFFSET_ENTRY_T)
{
proto_item * offset_item = NULL;
proto_tree * offset_tree = NULL;
@@ -875,6 +874,9 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
id_list[idx] = (gint32)lbmpdm_fetch_uint32_encoded(tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_ID, encoding);
proto_tree_add_item(offset_tree, hf_lbmpdm_offset_entry_offset, tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_OFFSET, L_LBMPDM_OFFSET_ENTRY_T_OFFSET, encoding);
ofs_list[idx] = (gint32)lbmpdm_fetch_uint32_encoded(tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_OFFSET, encoding);
+ if (id_list[idx] < 0 || ofs_list[idx] < 0) {
+ THROW(ReportedBoundsError);
+ }
if (id_list[idx] > max_index)
{
max_index = id_list[idx];

98
SOURCES/wireshark-0017-cve-2023-2952.patch Normal file
View File

@ -0,0 +1,98 @@
From e18d0e369729b0fff5f76f41cbae67e97c2e52e5 Mon Sep 17 00:00:00 2001
From: Gerald Combs <gerald@wireshark.org>
Date: Tue, 23 May 2023 13:52:03 -0700
Subject: [PATCH] XRA: Fix an infinite loop
C compilers don't care what size a value was on the wire. Use
naturally-sized ints, including in dissect_message_channel_mb where we
would otherwise overflow and loop infinitely.
Fixes #19100
(cherry picked from commit ce87eac0325581b600b3093fcd75080df14ccfda)
Conflicts:
epan/dissectors/packet-xra.c
---
epan/dissectors/packet-xra.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/epan/dissectors/packet-xra.c b/epan/dissectors/packet-xra.c
index ef8437e9382..4c3713db94b 100644
--- a/epan/dissectors/packet-xra.c
+++ b/epan/dissectors/packet-xra.c
@@ -445,7 +445,7 @@ dissect_xra_tlv_cw_info(tvbuff_t * tvb, proto_tree * tree, void* data _U_, guint
it = proto_tree_add_item (tree, hf_xra_tlv_cw_info, tvb, 0, tlv_length, ENC_NA);
xra_tlv_cw_info_tree = proto_item_add_subtree (it, ett_xra_tlv_cw_info);
- guint32 tlv_index =0;
+ unsigned tlv_index = 0;
while (tlv_index < tlv_length) {
guint8 type = tvb_get_guint8 (tvb, tlv_index);
++tlv_index;
@@ -500,7 +500,7 @@ dissect_xra_tlv_ms_info(tvbuff_t * tvb, proto_tree * tree, void* data _U_, guint
it = proto_tree_add_item (tree, hf_xra_tlv_ms_info, tvb, 0, tlv_length, ENC_NA);
xra_tlv_ms_info_tree = proto_item_add_subtree (it, ett_xra_tlv_ms_info);
- guint32 tlv_index =0;
+ unsigned tlv_index = 0;
while (tlv_index < tlv_length) {
guint8 type = tvb_get_guint8 (tvb, tlv_index);
++tlv_index;
@@ -534,7 +534,7 @@ dissect_xra_tlv_burst_info(tvbuff_t * tvb, proto_tree * tree, void* data _U_, gu
it = proto_tree_add_item (tree, hf_xra_tlv_burst_info, tvb, 0, tlv_length, ENC_NA);
xra_tlv_burst_info_tree = proto_item_add_subtree (it, ett_xra_tlv_burst_info);
- guint32 tlv_index =0;
+ unsigned tlv_index = 0;
while (tlv_index < tlv_length) {
guint8 type = tvb_get_guint8 (tvb, tlv_index);
++tlv_index;
@@ -574,7 +574,7 @@ dissect_xra_tlv(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, void* da
it = proto_tree_add_item (tree, hf_xra_tlv, tvb, 0, tlv_length, ENC_NA);
xra_tlv_tree = proto_item_add_subtree (it, ett_xra_tlv);
- guint32 tlv_index =0;
+ unsigned tlv_index = 0;
tvbuff_t *xra_tlv_cw_info_tvb, *xra_tlv_ms_info_tvb, *xra_tlv_burst_info_tvb;
while (tlv_index < tlv_length) {
@@ -718,7 +718,7 @@ dissect_message_channel_mb(tvbuff_t * tvb, packet_info * pinfo, proto_tree* tree
if(packet_start_pointer_field_present) {
proto_tree_add_item_ret_uint (tree, hf_plc_mb_mc_psp, tvb, 1, 2, FALSE, &packet_start_pointer);
- guint16 docsis_start = 3 + packet_start_pointer;
+ unsigned docsis_start = 3 + packet_start_pointer;
while (docsis_start + 6 < remaining_length) {
/*DOCSIS header in packet*/
guint8 fc = tvb_get_guint8(tvb,docsis_start + 0);
@@ -727,7 +727,7 @@ dissect_message_channel_mb(tvbuff_t * tvb, packet_info * pinfo, proto_tree* tree
docsis_start += 1;
continue;
}
- guint16 docsis_length = 256*tvb_get_guint8(tvb,docsis_start + 2) + tvb_get_guint8(tvb,docsis_start + 3);
+ unsigned docsis_length = 256*tvb_get_guint8(tvb,docsis_start + 2) + tvb_get_guint8(tvb,docsis_start + 3);
if (docsis_start + 6 + docsis_length <= remaining_length) {
/*DOCSIS packet included in packet*/
tvbuff_t *docsis_tvb;
@@ -797,7 +797,7 @@ dissect_ncp_message_block(tvbuff_t * tvb, proto_tree * tree) {
static int
dissect_plc(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, void* data _U_) {
- guint16 offset = 0;
+ int offset = 0;
proto_tree *plc_tree;
proto_item *plc_item;
tvbuff_t *mb_tvb;
@@ -857,7 +857,7 @@ dissect_plc(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, void* data _
static int
dissect_ncp(tvbuff_t * tvb, proto_tree * tree, void* data _U_) {
- guint16 offset = 0;
+ int offset = 0;
proto_tree *ncp_tree;
proto_item *ncp_item;
tvbuff_t *ncp_mb_tvb;
--
GitLab

17
SOURCES/wireshark-0018-CVE-19624.patch
View File

@ -1,17 +0,0 @@
diff --git a/epan/dissectors/packet-pvfs2.c b/epan/dissectors/packet-pvfs2.c
index e2b61bef7a..1c1012ceca 100644
--- a/epan/dissectors/packet-pvfs2.c
+++ b/epan/dissectors/packet-pvfs2.c
@@ -2314,6 +2314,12 @@ dissect_pvfs2_getconfig_response(tvbuff_t *tvb, proto_tree *parent_tree,
/* Get pointer to server config data */
ptr = tvb_get_ptr(tvb, offset, total_config_bytes);
+ if (!ptr)
+ {
+ /* Not enough data. Bail out. */
+ return offset;
+ }
+
/* Check if all data is available */
length_remaining = tvb_captured_length_remaining(tvb, offset);

19
SOURCES/wireshark-0019-CVE-19625.patch
View File

@ -1,19 +0,0 @@
diff --git a/epan/tvbuff_composite.c b/epan/tvbuff_composite.c
index 5832477f81..e5ab7c8b17 100644
--- a/epan/tvbuff_composite.c
+++ b/epan/tvbuff_composite.c
@@ -51,12 +51,9 @@ composite_free(tvbuff_t *tvb)
}
static guint
-composite_offset(const tvbuff_t *tvb, const guint counter)
+composite_offset(const tvbuff_t *tvb _U_, const guint counter)
{
- const struct tvb_composite *composite_tvb = (const struct tvb_composite *) tvb;
- const tvbuff_t *member = (const tvbuff_t *)composite_tvb->composite.tvbs->data;
-
- return tvb_offset_from_real_beginning_counter(member, counter);
+ return counter;
}
static const guint8*

16
SOURCES/wireshark-0020-CVE-19626.patch
View File

@ -1,16 +0,0 @@
diff --git a/epan/dissectors/packet-dcom.c b/epan/dissectors/packet-dcom.c
index d12216a767..79cf6a6009 100644
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
@@ -1725,8 +1725,10 @@ dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep,
&u32ArraySize);
- if ((guint32)offset + u32ArraySize*2 > G_MAXINT)
+ if ((guint32)offset + u32ArraySize*2 > G_MAXINT) {
+ pszStr[0] = 0;
return offset;
+ }
realOffset = offset + u32ArraySize*2;

17
SOURCES/wireshark-0021-CVE-19627.patch
View File

@ -1,17 +0,0 @@
diff --git a/wiretap/vwr.c b/wiretap/vwr.c
index 8725ba9c3c..173614ec34 100644
--- a/wiretap/vwr.c
+++ b/wiretap/vwr.c
@@ -2155,9 +2155,10 @@ static gboolean vwr_read_s3_W_rec(vwr_t *vwr, wtap_rec *record,
end_time = e_time / NS_IN_US; /* convert to microseconds first */
/* extract the 32 LSBs of the signature timestamp field */
- m_ptr = &(rec[stats_offset+8+12]);
+ int m_ptr_offset = stats_offset + 8 + 12;
+ m_ptr = rec + m_ptr_offset;
pay_off = 42; /* 24 (MAC) + 8 (SNAP) + IP */
- sig_off = find_signature(m_ptr, rec_size - 20, pay_off, flow_id, flow_seq);
+ sig_off = find_signature(m_ptr, rec_size - m_ptr_offset, pay_off, flow_id, flow_seq);
if (m_ptr[sig_off] == 0xdd)
sig_ts = get_signature_ts(m_ptr, sig_off, rec_size - vVW510021_W_STATS_TRAILER_LEN);
else

17
SOURCES/wireshark-0022-CVE-19628.patch
View File

@ -1,17 +0,0 @@
diff --git a/epan/dissectors/packet-zbee-zcl-lighting.c b/epan/dissectors/packet-zbee-zcl-lighting.c
index 2f8d880447..4757c272ce 100644
--- a/epan/dissectors/packet-zbee-zcl-lighting.c
+++ b/epan/dissectors/packet-zbee-zcl-lighting.c
@@ -876,7 +876,11 @@ decode_color_xy(gchar *s, guint16 value)
static void
decode_color_temperature(gchar *s, guint16 value)
{
- g_snprintf(s, ITEM_LABEL_LENGTH, "%d [Mired] (%d [K])", value, 1000000/value);
+ if (value == 0) {
+ g_snprintf(s, ITEM_LABEL_LENGTH, "%u [Mired]", value);
+ } else {
+ g_snprintf(s, ITEM_LABEL_LENGTH, "%u [Mired] (%u [K])", value, 1000000/value);
+ }
return;
} /*decode_power_conf_voltage*/

10
SOURCES/wireshark-0023-desktop-file.patch
View File

@ -1,10 +0,0 @@
diff --git a/wireshark.desktop b/wireshark.desktop
index 9b7339b..cfc787a 100644
--- a/wireshark.desktop
+++ b/wireshark.desktop
@@ -108,4 +108,4 @@ Terminal=false
MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr;
# Category entry according to:
# http://standards.freedesktop.org/menu-spec/1.0/
-Categories=Application;Network;Monitor;Qt;
+Categories=Network;Monitor;Qt;

114
SOURCES/wireshark-0024-covscan.patch
View File

@ -1,114 +0,0 @@
diff --git a/tshark.c b/tshark.c
index 00c28db781..e02b61b663 100644
--- a/tshark.c
+++ b/tshark.c
@@ -1977,10 +1977,10 @@ real_main(int argc, char *argv[])
/* Activate the export PDU tap */
comment = g_strdup_printf("Dump of PDUs from %s", cf_name);
err = exp_pdu_open(&exp_pdu_tap_data, exp_fd, comment);
+ g_free(comment);
if (err != 0) {
cfile_dump_open_failure_message("TShark", exp_pdu_filename, err,
WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
- g_free(comment);
exit_status = INVALID_EXPORT;
goto clean_exit;
}
diff --git a/ui/export_pdu_ui_utils.c b/ui/export_pdu_ui_utils.c
index a567a61991..c9e40b7a24 100644
--- a/ui/export_pdu_ui_utils.c
+++ b/ui/export_pdu_ui_utils.c
@@ -43,8 +43,8 @@ exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
err = exp_pdu_open(exp_pdu_tap_data, import_file_fd, comment);
+ g_free(comment);
if (err != 0) {
- g_free(comment);
cfile_dump_open_failure_alert_box(capfile_name ? capfile_name : "temporary file",
err, WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
goto end;
diff --git a/ui/tap_export_pdu.c b/ui/tap_export_pdu.c
index 25232f0452..d3302a5aca 100644
--- a/ui/tap_export_pdu.c
+++ b/ui/tap_export_pdu.c
@@ -82,7 +82,7 @@ export_pdu_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const
}
int
-exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
+exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, const char *comment)
{
int err;
@@ -103,7 +103,6 @@ exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
/* options */
wtap_block_add_string_option(shb_hdr, OPT_COMMENT, comment, strlen(comment));
- g_free(comment);
/*
* UTF-8 string containing the name of the operating system used to create
diff --git a/ui/tap_export_pdu.h b/ui/tap_export_pdu.h
index ea5c4077e1..9ae2dea65f 100644
--- a/ui/tap_export_pdu.h
+++ b/ui/tap_export_pdu.h
@@ -41,7 +41,7 @@ char *exp_pdu_pre_open(const char *tap_name, const char *filter,
*
* @return 0 on success or a wtap error code.
*/
-int exp_pdu_open(exp_pdu_t *data, int fd, char *comment);
+int exp_pdu_open(exp_pdu_t *data, int fd, const char *comment);
/* Stops the PDUs export. */
int exp_pdu_close(exp_pdu_t *exp_pdu_tap_data);
diff --git a/ui/cli/tap-wspstat.c b/ui/cli/tap-wspstat.c
index 22862cdaf8..fd6f3ad427 100644
--- a/ui/cli/tap-wspstat.c
+++ b/ui/cli/tap-wspstat.c
@@ -252,9 +252,9 @@ wspstat_init(const char *opt_arg, void *userdata _U_)
/* error, we failed to attach to the tap. clean up */
g_free(sp->pdu_stats);
g_free(sp->filter);
- g_free(sp);
g_hash_table_foreach( sp->hash, (GHFunc) wsp_free_hash_table, NULL ) ;
g_hash_table_destroy( sp->hash );
+ g_free(sp);
fprintf(stderr, "tshark: Couldn't register wsp,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
diff --git a/epan/dissectors/packet-isobus-vt.c b/epan/dissectors/packet-isobus-vt.c
index 1f9fa98..79f1c1f 100644
--- a/epan/dissectors/packet-isobus-vt.c
+++ b/epan/dissectors/packet-isobus-vt.c
@@ -1546,16 +1546,8 @@ dissect_vt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, enum vt_directio
}
else
{
- if(status == 0)
- {
- col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
- get_object_id_string(auxiliary_input_object_id));
- }
- else
- {
- col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
- get_object_id_string(auxiliary_input_object_id));
- }
+ col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
+ get_object_id_string(auxiliary_input_object_id));
}
}
}
diff --git a/epan/dfilter/dfilter.c b/epan/dfilter/dfilter.c
index a975f84..3e440b3 100644
--- a/epan/dfilter/dfilter.c
+++ b/epan/dfilter/dfilter.c
@@ -221,6 +221,7 @@ dfilter_compile(const gchar *text, dfilter_t **dfp, gchar **err_msg)
}
if ( !( expanded_text = dfilter_macro_apply(text, err_msg) ) ) {
+ *dfp = NULL;
return FALSE;
}

33
SOURCES/wireshark-0025-drop-count.patch
View File

@ -1,33 +0,0 @@
diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c
index 7b398cf..91fd9b8 100644
--- a/wiretap/pcapng.c
+++ b/wiretap/pcapng.c
@@ -3230,6 +3230,10 @@ pcapng_write_enhanced_packet_block(wtap_dumper *wdh, const wtap_rec *rec,
have_options = TRUE;
options_total_length = options_total_length + 8;
}
+ if (rec->presence_flags & WTAP_HAS_DROP_COUNT) {
+ have_options = TRUE;
+ options_total_length = options_total_length + 12;
+ }
if (have_options) {
/* End-of options tag */
options_total_length += 4;
@@ -3353,6 +3357,17 @@ pcapng_write_enhanced_packet_block(wtap_dumper *wdh, const wtap_rec *rec,
wdh->bytes_dumped += 4;
pcapng_debug("pcapng_write_enhanced_packet_block: Wrote Options packet flags: %x", rec->rec_header.packet_header.pack_flags);
}
+ if (rec->presence_flags & WTAP_HAS_DROP_COUNT) {
+ option_hdr.type = OPT_EPB_DROPCOUNT;
+ option_hdr.value_length = 8;
+ if (!wtap_dump_file_write(wdh, &option_hdr, 4, err))
+ return FALSE;
+ wdh->bytes_dumped += 4;
+ if (!wtap_dump_file_write(wdh, &rec->rec_header.packet_header.drop_count, 8, err))
+ return FALSE;
+ wdh->bytes_dumped += 8;
+ pcapng_debug("pcapng_write_enhanced_packet_block: Wrote Options drop count: %" G_GINT64_MODIFIER "u", rec->rec_header.packet_header.drop_count);
+ }
/* Write end of options if we have options */
if (have_options) {
if (!wtap_dump_file_write(wdh, &zero_pad, 4, err))

875
SOURCES/wireshark-0026-mptcp.patch
View File

@ -1,875 +0,0 @@
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 36e8afb2a3..73f4a2647a 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -285,7 +285,9 @@ static int hf_mptcp_analysis_subflows_stream_id = -1;
static int hf_mptcp_analysis_subflows = -1;
static int hf_mptcp_number_of_removed_addresses = -1;
static int hf_mptcp_related_mapping = -1;
-static int hf_mptcp_duplicated_data = -1;
+static int hf_mptcp_reinjection_of = -1;
+static int hf_mptcp_reinjected_in = -1;
+
static int hf_tcp_option_fast_open_cookie_request = -1;
static int hf_tcp_option_fast_open_cookie = -1;
@@ -1455,8 +1457,8 @@ mptcp_init_subflow(tcp_flow_t *flow)
DISSECTOR_ASSERT(flow->mptcp_subflow == 0);
flow->mptcp_subflow = sf;
- sf->mappings = wmem_itree_new(wmem_file_scope());
- sf->dsn_map = wmem_itree_new(wmem_file_scope());
+ sf->ssn2dsn_mappings = wmem_itree_new(wmem_file_scope());
+ sf->dsn2packet_map = wmem_itree_new(wmem_file_scope());
}
@@ -2607,13 +2609,13 @@ guint64 rawdsn64low, guint64 rawdsn64high
mptcp_dsn2packet_mapping_t *packet = NULL;
proto_item *item = NULL;
- results = wmem_itree_find_intervals(subflow->mappings,
+ results = wmem_itree_find_intervals(subflow->dsn2packet_map,
wmem_packet_scope(),
rawdsn64low,
rawdsn64high
);
- for(packet_it=wmem_list_head(results);
+ for(packet_it = wmem_list_head(results);
packet_it != NULL;
packet_it = wmem_list_frame_next(packet_it))
{
@@ -2621,43 +2623,18 @@ guint64 rawdsn64low, guint64 rawdsn64high
packet = (mptcp_dsn2packet_mapping_t *) wmem_list_frame_data(packet_it);
DISSECTOR_ASSERT(packet);
- item = proto_tree_add_uint(tree, hf_mptcp_duplicated_data, tvb, 0, 0, packet->frame);
+ if(pinfo->num > packet->frame) {
+ item = proto_tree_add_uint(tree, hf_mptcp_reinjection_of, tvb, 0, 0, packet->frame);
+ }
+ else {
+ item = proto_tree_add_uint(tree, hf_mptcp_reinjected_in, tvb, 0, 0, packet->frame);
+ }
PROTO_ITEM_SET_GENERATED(item);
}
return packet;
}
-/* Finds mappings that cover the sent data */
-static mptcp_dss_mapping_t *
-mptcp_add_matching_dss_on_subflow(packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *tvb, struct mptcp_subflow *subflow,
-guint32 relseq, guint32 seglen
-)
-{
- wmem_list_t *results = NULL;
- wmem_list_frame_t *dss_it = NULL;
- mptcp_dss_mapping_t *mapping = NULL;
- proto_item *item = NULL;
-
- results = wmem_itree_find_intervals(subflow->mappings,
- wmem_packet_scope(),
- relseq,
- (seglen) ? relseq + seglen - 1 : relseq
- );
-
- for(dss_it=wmem_list_head(results);
- dss_it!= NULL;
- dss_it= wmem_list_frame_next(dss_it))
- {
- mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
- DISSECTOR_ASSERT(mapping);
-
- item = proto_tree_add_uint(tree, hf_mptcp_related_mapping, tvb, 0, 0, mapping->frame);
- PROTO_ITEM_SET_GENERATED(item);
- }
-
- return mapping;
-}
/* Lookup mappings that describe the packet and then converts the tcp seq number
* into the MPTCP Data Sequence Number (DSN)
@@ -2698,13 +2675,29 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
rawdsn = tcpd->fwd->mptcp_subflow->meta->base_dsn;
convert = DSN_CONV_NONE;
}
+ /* if it's a non-syn packet without data (just used to convey TCP options)
+ * then there would be no mappings */
+ else if(relseq == 1 && tcph->th_seglen == 0) {
+ rawdsn = tcpd->fwd->mptcp_subflow->meta->base_dsn + 1;
+ convert = DSN_CONV_NONE;
+ }
else {
- /* display packets that conveyed the mappings covering the data range */
- mapping = mptcp_add_matching_dss_on_subflow(pinfo, parent_tree, tvb,
- tcpd->fwd->mptcp_subflow, relseq,
- (tcph->th_have_seglen) ? tcph->th_seglen : 0
- );
- if(mapping == NULL) {
+
+ wmem_list_frame_t *dss_it = NULL;
+ wmem_list_t *results = NULL;
+ guint32 ssn_low = relseq;
+ guint32 seglen = tcph->th_seglen;
+
+ results = wmem_itree_find_intervals(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
+ wmem_packet_scope(),
+ ssn_low,
+ (seglen) ? ssn_low + seglen - 1 : ssn_low
+ );
+ dss_it = wmem_list_head(results); /* assume it's always ok */
+ if(dss_it) {
+ mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
+ }
+ if(dss_it == NULL || mapping == NULL) {
expert_add_info(pinfo, parent_tree, &ei_mptcp_mapping_missing);
return;
}
@@ -2713,6 +2706,19 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
}
DISSECTOR_ASSERT(mapping);
+ if(seglen) {
+ /* Finds mappings that cover the sent data and adds them to the dissection tree */
+ for(dss_it = wmem_list_head(results);
+ dss_it != NULL;
+ dss_it = wmem_list_frame_next(dss_it))
+ {
+ mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
+ DISSECTOR_ASSERT(mapping);
+
+ item = proto_tree_add_uint(parent_tree, hf_mptcp_related_mapping, tvb, 0, 0, mapping->frame);
+ PROTO_ITEM_SET_GENERATED(item);
+ }
+ }
convert = (mapping->extended_dsn) ? DSN_CONV_NONE : DSN_CONV_32_TO_64;
DISSECTOR_ASSERT(mptcp_map_relssn_to_rawdsn(mapping, relseq, &rawdsn));
@@ -2732,39 +2738,40 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
proto_item_append_text(item, " (Relative)");
}
- /* register */
- if (!PINFO_FD_VISITED(pinfo))
- {
- mptcp_dsn2packet_mapping_t *packet;
- packet = wmem_new0(wmem_file_scope(), mptcp_dsn2packet_mapping_t);
- packet->frame = pinfo->fd->num;
- packet->subflow = tcpd;
-
- /* tcph->th_mptcp->mh_rawdsn64 */
- if (tcph->th_have_seglen) {
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->dsn_map,
+ /* register dsn->packet mapping */
+ if(mptcp_intersubflows_retransmission
+ && !PINFO_FD_VISITED(pinfo)
+ && tcph->th_seglen > 0
+ ) {
+ mptcp_dsn2packet_mapping_t *packet = 0;
+ packet = wmem_new0(wmem_file_scope(), mptcp_dsn2packet_mapping_t);
+ packet->frame = pinfo->fd->num;
+ packet->subflow = tcpd;
+
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->dsn2packet_map,
tcph->th_mptcp->mh_rawdsn64,
tcph->th_mptcp->mh_rawdsn64 + (tcph->th_seglen - 1 ),
packet
);
- }
}
PROTO_ITEM_SET_GENERATED(item);
/* We can do this only if rawdsn64 is valid !
if enabled, look for overlapping mappings on other subflows */
- if(mptcp_intersubflows_retransmission) {
+ if(mptcp_intersubflows_retransmission
+ && tcph->th_have_seglen
+ && tcph->th_seglen) {
wmem_list_frame_t *subflow_it = NULL;
- /* results should be some kind of in case 2 DSS are needed to cover this packet */
+ /* results should be some kind of list in case 2 DSS are needed to cover this packet */
for(subflow_it = wmem_list_head(mptcpd->subflows); subflow_it != NULL; subflow_it = wmem_list_frame_next(subflow_it)) {
struct tcp_analysis *sf_tcpd = (struct tcp_analysis *)wmem_list_frame_data(subflow_it);
struct mptcp_subflow *sf = mptcp_select_subflow_from_meta(sf_tcpd, tcpd->fwd->mptcp_subflow->meta);
/* for current subflow */
if (sf == tcpd->fwd->mptcp_subflow) {
- /* skip, was done just before */
+ /* skip, this is the current subflow */
}
/* in case there were retransmissions on other subflows */
else {
@@ -2776,7 +2783,7 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
}
}
else {
- /* ignore and continue */
+ /* could not get the rawdsn64, ignore and continue */
}
}
@@ -4590,7 +4597,6 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
if (!PINFO_FD_VISITED(pinfo))
{
-
/* register SSN range described by the mapping into a subflow interval_tree */
mptcp_dss_mapping_t *mapping = NULL;
mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
@@ -4601,7 +4607,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
mapping->ssn_low = mph->mh_dss_ssn;
mapping->ssn_high = mph->mh_dss_ssn + mph->mh_dss_length-1;
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->mappings,
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
mph->mh_dss_ssn,
mapping->ssn_high,
mapping
@@ -7564,15 +7570,19 @@ proto_register_tcp(void)
"This frame has some of the MPTCP analysis shown", HFILL }},
{ &hf_mptcp_related_mapping,
- { "Related mapping", "mptcp.related_mapping", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
- "Packet in which mapping describing current packet was sent", HFILL }},
+ { "Related mapping", "mptcp.related_mapping", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ "Packet in which current packet DSS mapping was sent", HFILL }},
+
+ { &hf_mptcp_reinjection_of,
+ { "Reinjection of", "mptcp.reinjection_of", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ "This is a retransmission of data sent on another subflow", HFILL }},
- { &hf_mptcp_duplicated_data,
- { "Was data duplicated", "mptcp.duplicated_dsn", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ { &hf_mptcp_reinjected_in,
+ { "Data reinjected in", "mptcp.reinjected_in", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
"This was retransmitted on another subflow", HFILL }},
{ &hf_mptcp_analysis_subflows,
- { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
+ { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
"List all TCP connections mapped to this MPTCP connection", HFILL }},
{ &hf_mptcp_stream,
@@ -7752,13 +7762,16 @@ proto_register_tcp(void)
&mptcp_relative_seq);
prefs_register_bool_preference(mptcp_module, "analyze_mappings",
- "In depth analysis of Data Sequence Signal (DSS) mappings.",
+ "Deeper analysis of Data Sequence Signal (DSS)",
+ "Scales logarithmically with the number of packets"
"You need to capture the handshake for this to work."
"\"Map TCP subflows to their respective MPTCP connections\"",
&mptcp_analyze_mappings);
prefs_register_bool_preference(mptcp_module, "intersubflows_retransmission",
"Check for data duplication across subflows",
+ "(Greedy algorithm: Scales linearly with number of subflows and"
+ " logarithmic scaling with number of packets)"
"You need to enable DSS mapping analysis for this option to work",
&mptcp_intersubflows_retransmission);
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index 7f84351ade..c1811fa049 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -257,15 +257,16 @@ struct mptcp_subflow {
guint8 address_id; /* sent during an MP_JOIN */
- /* Attempt to map DSN to packets
- * Ideally this was to generate application latency
- * each node contains a GSList * ?
- * this should be done in tap or 3rd party tools
+ /* map DSN to packets
+ * Used when looking for reinjections across subflows
*/
- wmem_itree_t *dsn_map;
+ wmem_itree_t *dsn2packet_map;
- /* Map SSN to a DSS mappings, each node registers a mptcp_dss_mapping_t */
- wmem_itree_t *mappings;
+ /* Map SSN to a DSS mappings
+ * a DSS can map DSN to SSNs possibily over several packets,
+ * hence some packets may have been mapped by previous DSS,
+ * whence the necessity to be able to look for SSN -> DSN */
+ wmem_itree_t *ssn2dsn_mappings;
/* meta flow to which it is attached. Helps setting forward and backward meta flow */
mptcp_meta_flow_t *meta;
};
diff --git a/epan/wmem/wmem_interval_tree.c b/epan/wmem/wmem_interval_tree.c
index d52267de18..48888996b7 100644
--- a/epan/wmem/wmem_interval_tree.c
+++ b/epan/wmem/wmem_interval_tree.c
@@ -121,7 +121,7 @@ wmem_itree_insert(wmem_itree_t *tree, const guint64 low, const guint64 high, voi
node = wmem_tree_insert(tree, range, data, (compare_func)wmem_tree_compare_ranges);
/* Even If no rotations, still a need to update max_edge */
- update_max_edge(node);
+ update_max_edge(node->parent);
}
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 74e9b6b10c..efcfa005af 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -4361,6 +4361,35 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint6
return mptcpd;
}
+/* record this mapping */
+static
+void analyze_mapping(struct tcp_analysis *tcpd, packet_info *pinfo, guint16 len, guint64 dsn, gboolean extended, guint32 ssn) {
+
+ /* store mapping only if analysis is enabled and mapping is not unlimited */
+ if (!mptcp_analyze_mappings || !len) {
+ return;
+ }
+
+ if (PINFO_FD_VISITED(pinfo)) {
+ return;
+ }
+
+ /* register SSN range described by the mapping into a subflow interval_tree */
+ mptcp_dss_mapping_t *mapping = NULL;
+ mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
+
+ mapping->rawdsn = dsn;
+ mapping->extended_dsn = extended;
+ mapping->frame = pinfo->fd->num;
+ mapping->ssn_low = ssn;
+ mapping->ssn_high = ssn + len - 1;
+
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
+ mapping->ssn_low,
+ mapping->ssn_high,
+ mapping
+ );
+}
/*
* The TCP Extensions for Multipath Operation with Multiple Addresses
@@ -4449,8 +4478,11 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
}
offset += 1;
- /* optlen == 12 => SYN or SYN/ACK; optlen == 20 => ACK */
- if (optlen == 12 || optlen == 20) {
+ /* optlen == 12 => SYN or SYN/ACK; optlen == 20 => ACK;
+ * optlen == 22 => ACK + data (v1 only);
+ * optlen == 24 => ACK + data + csum (v1 only)
+ */
+ if (optlen == 12 || optlen == 20 || optlen == 22 || optlen == 24) {
mph->mh_key = tvb_get_ntoh64(tvb,offset);
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_sender_key, tvb, offset, 8, mph->mh_key);
@@ -4468,9 +4500,10 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
PROTO_ITEM_SET_GENERATED(item);
/* last ACK of 3WHS, repeats both keys */
- if (optlen == 20) {
+ if (optlen >= 20) {
guint64 recv_key = tvb_get_ntoh64(tvb,offset);
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_recv_key, tvb, offset, 8, recv_key);
+ offset += 8;
if(tcpd->rev->mptcp_subflow->meta
&& (tcpd->rev->mptcp_subflow->meta->static_flags & MPTCP_META_HAS_KEY)) {
@@ -4484,6 +4517,26 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
}
}
+
+ /* MPTCP v1 ACK + data, contains data_len and optional checksum */
+ if (optlen >= 22) {
+ proto_tree_add_item(mptcp_tree, hf_tcp_option_mptcp_data_lvl_len, tvb, offset, 2, ENC_BIG_ENDIAN);
+ mph->mh_dss_length = tvb_get_ntohs(tvb,offset);
+ offset += 2;
+
+ if (mph->mh_dss_length == 0) {
+ expert_add_info(pinfo, mptcp_tree, &ei_mptcp_infinite_mapping);
+ }
+
+ /* when data len is present, this MP_CAPABLE also carries an implicit mapping ... */
+ analyze_mapping(tcpd, pinfo, mph->mh_dss_length, tcpd->fwd->mptcp_subflow->meta->base_dsn + 1, TRUE, tcph->th_seq);
+
+ /* ... with optional checksum */
+ if (optlen == 24)
+ {
+ proto_tree_add_checksum(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_checksum, -1, NULL, pinfo, 0, ENC_BIG_ENDIAN, PROTO_CHECKSUM_NO_FLAGS);
+ }
+ }
}
break;
@@ -4650,29 +4703,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
/* ignore and continue */
}
- /* if mapping analysis enabled and not a */
- if(mptcp_analyze_mappings && mph->mh_dss_length)
- {
-
- if (!PINFO_FD_VISITED(pinfo))
- {
- /* register SSN range described by the mapping into a subflow interval_tree */
- mptcp_dss_mapping_t *mapping = NULL;
- mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
-
- mapping->rawdsn = mph->mh_dss_rawdsn;
- mapping->extended_dsn = (mph->mh_dss_flags & MPTCP_DSS_FLAG_DATA_ACK_8BYTES);
- mapping->frame = pinfo->fd->num;
- mapping->ssn_low = mph->mh_dss_ssn;
- mapping->ssn_high = mph->mh_dss_ssn + mph->mh_dss_length-1;
-
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
- mph->mh_dss_ssn,
- mapping->ssn_high,
- mapping
- );
- }
- }
+ analyze_mapping(tcpd, pinfo, mph->mh_dss_length, mph->mh_dss_rawdsn, mph->mh_dss_flags & MPTCP_DSS_FLAG_DATA_ACK_8BYTES, mph->mh_dss_ssn);
if ((int)optlen >= offset-start_offset+4)
{
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index efcfa005af..238b592927 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -246,7 +246,8 @@ static int hf_tcp_option_mptcp_flags = -1;
static int hf_tcp_option_mptcp_backup_flag = -1;
static int hf_tcp_option_mptcp_checksum_flag = -1;
static int hf_tcp_option_mptcp_B_flag = -1;
-static int hf_tcp_option_mptcp_H_flag = -1;
+static int hf_tcp_option_mptcp_H_v0_flag = -1;
+static int hf_tcp_option_mptcp_H_v1_flag = -1;
static int hf_tcp_option_mptcp_F_flag = -1;
static int hf_tcp_option_mptcp_m_flag = -1;
static int hf_tcp_option_mptcp_M_flag = -1;
@@ -593,10 +594,18 @@ static guint32 mptcp_stream_count;
*/
static wmem_tree_t *mptcp_tokens = NULL;
-static const int *tcp_option_mptcp_capable_flags[] = {
+static const int *tcp_option_mptcp_capable_v0_flags[] = {
&hf_tcp_option_mptcp_checksum_flag,
&hf_tcp_option_mptcp_B_flag,
- &hf_tcp_option_mptcp_H_flag,
+ &hf_tcp_option_mptcp_H_v0_flag,
+ &hf_tcp_option_mptcp_reserved_flag,
+ NULL
+};
+
+static const int *tcp_option_mptcp_capable_v1_flags[] = {
+ &hf_tcp_option_mptcp_checksum_flag,
+ &hf_tcp_option_mptcp_B_flag,
+ &hf_tcp_option_mptcp_H_v1_flag,
&hf_tcp_option_mptcp_reserved_flag,
NULL
};
@@ -2574,6 +2583,24 @@ mptcp_cryptodata_sha1(const guint64 key, guint32 *token, guint64 *idsn)
*idsn = GUINT64_FROM_BE(_isdn);
}
+/* Generate the initial data sequence number and MPTCP connection token from the key. */
+static void
+mptcp_cryptodata_sha256(const guint64 key, guint32 *token, guint64 *idsn)
+{
+ guint8 digest_buf[HASH_SHA2_256_LENGTH];
+ guint64 pseudokey = GUINT64_TO_BE(key);
+ guint32 _token;
+ guint64 _isdn;
+
+ gcry_md_hash_buffer(GCRY_MD_SHA256, digest_buf, (const guint8 *)&pseudokey, 8);
+
+ /* memcpy to prevent -Wstrict-aliasing errors with GCC 4 */
+ memcpy(&_token, digest_buf, sizeof(_token));
+ *token = GUINT32_FROM_BE(_token);
+ memcpy(&_isdn, digest_buf + HASH_SHA2_256_LENGTH - sizeof(_isdn), sizeof(_isdn));
+ *idsn = GUINT64_FROM_BE(_isdn);
+}
+
/* Print formatted list of tcp stream ids that are part of the connection */
static void
@@ -4338,7 +4365,7 @@ mptcp_get_meta_from_token(struct tcp_analysis* tcpd, tcp_flow_t *tcp_flow, guint
/* setup from_key */
static
struct mptcp_analysis*
-get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint64 key, guint8 hmac_algo _U_) {
+get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint8 version, guint64 key, guint8 hmac_algo _U_) {
guint32 token = 0;
guint64 expected_idsn= 0;
@@ -4348,8 +4375,11 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint6
return mptcpd;
}
- /* MPTCP only standardizes SHA1 for now. */
- mptcp_cryptodata_sha1(key, &token, &expected_idsn);
+ /* MPTCP v0 only standardizes SHA1, and v1 SHA256. */
+ if (version == 0)
+ mptcp_cryptodata_sha1(key, &token, &expected_idsn);
+ else if (version == 1)
+ mptcp_cryptodata_sha256(key, &token, &expected_idsn);
mptcpd = mptcp_get_meta_from_token(tcpd, fwd, token);
@@ -4409,6 +4439,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
proto_item *item,*main_item;
proto_tree *mptcp_tree;
+ guint32 version;
guint8 subtype;
guint8 ipver;
int offset = 0;
@@ -4462,18 +4493,19 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
case TCPOPT_MPTCP_MP_CAPABLE:
mph->mh_mpc = TRUE;
- proto_tree_add_item(mptcp_tree, hf_tcp_option_mptcp_version, tvb,
- offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item_ret_uint(mptcp_tree, hf_tcp_option_mptcp_version, tvb,
+ offset, 1, ENC_BIG_ENDIAN, &version);
offset += 1;
item = proto_tree_add_bitmask(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_flags,
- ett_tcp_option_mptcp, tcp_option_mptcp_capable_flags,
+ ett_tcp_option_mptcp,
+ version == 1 ? tcp_option_mptcp_capable_v1_flags : tcp_option_mptcp_capable_v0_flags,
ENC_BIG_ENDIAN);
mph->mh_capable_flags = tvb_get_guint8(tvb, offset);
if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) == 0) {
expert_add_info(pinfo, item, &ei_mptcp_analysis_missing_algorithm);
}
- if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) != MPTCP_HMAC_SHA1) {
+ if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) != MPTCP_HMAC_SHA) {
expert_add_info(pinfo, item, &ei_mptcp_analysis_unsupported_algorithm);
}
offset += 1;
@@ -4488,7 +4520,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_sender_key, tvb, offset, 8, mph->mh_key);
offset += 8;
- mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->fwd, mph->mh_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
+ mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->fwd, version, mph->mh_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
mptcpd->master = tcpd;
item = proto_tree_add_uint(mptcp_tree,
@@ -4514,7 +4546,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
}
}
else {
- mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
+ mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, version, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
}
}
@@ -7147,10 +7179,14 @@ proto_register_tcp(void)
{ "Extensibility", "tcp.options.mptcp.extensibility.flag", FT_UINT8,
BASE_DEC, NULL, 0x40, NULL, HFILL}},
- { &hf_tcp_option_mptcp_H_flag,
+ { &hf_tcp_option_mptcp_H_v0_flag,
{ "Use HMAC-SHA1", "tcp.options.mptcp.sha1.flag", FT_UINT8,
BASE_DEC, NULL, 0x01, NULL, HFILL}},
+ { &hf_tcp_option_mptcp_H_v1_flag,
+ { "Use HMAC-SHA256", "tcp.options.mptcp.sha256.flag", FT_UINT8,
+ BASE_DEC, NULL, 0x01, NULL, HFILL}},
+
{ &hf_tcp_option_mptcp_F_flag,
{ "DATA_FIN", "tcp.options.mptcp.datafin.flag", FT_UINT8,
BASE_DEC, NULL, MPTCP_DSS_FLAG_DATA_FIN_PRESENT, NULL, HFILL}},
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index dfee9cdeb4..38630d3a51 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -277,7 +277,8 @@ struct mptcp_subflow {
typedef enum {
MPTCP_HMAC_NOT_SET = 0,
- MPTCP_HMAC_SHA1 = 1,
+ /* this is either SHA1 for MPTCP v0 or sha256 for MPTCP v1 */
+ MPTCP_HMAC_SHA = 1,
MPTCP_HMAC_LAST
} mptcp_hmac_algorithm_t;
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index c4a9a6eb15..ca284604ed 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -271,6 +271,7 @@ static int hf_tcp_option_mptcp_subflow_seq_no = -1;
static int hf_tcp_option_mptcp_data_lvl_len = -1;
static int hf_tcp_option_mptcp_checksum = -1;
static int hf_tcp_option_mptcp_ipver = -1;
+static int hf_tcp_option_mptcp_echo = -1;
static int hf_tcp_option_mptcp_ipv4 = -1;
static int hf_tcp_option_mptcp_ipv6 = -1;
static int hf_tcp_option_mptcp_port = -1;
@@ -4776,33 +4777,32 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_ADD_ADDR:
- proto_tree_add_item(mptcp_tree,
- hf_tcp_option_mptcp_ipver, tvb, offset, 1, ENC_BIG_ENDIAN);
ipver = tvb_get_guint8(tvb, offset) & 0x0F;
+ if (ipver == 4 || ipver == 6)
+ proto_tree_add_item(mptcp_tree,
+ hf_tcp_option_mptcp_ipver, tvb, offset, 1, ENC_BIG_ENDIAN);
+ else
+ proto_tree_add_item(mptcp_tree,
+ hf_tcp_option_mptcp_echo, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_address_id, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
- switch (ipver) {
- case 4:
- proto_tree_add_item(mptcp_tree,
+ if (optlen == 8 || optlen == 10 || optlen == 16 || optlen == 18) {
+ proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
- offset += 4;
- break;
+ offset += 4;
+ }
- case 6:
- proto_tree_add_item(mptcp_tree,
+ if (optlen == 20 || optlen == 22 || optlen == 28 || optlen == 30) {
+ proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_ipv6, tvb, offset, 16, ENC_NA);
- offset += 16;
- break;
-
- default:
- break;
+ offset += 16;
}
- if (optlen % 4 == 2) {
+ if (optlen == 10 || optlen == 18 || optlen == 22 || optlen == 30) {
proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_port, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
@@ -7303,6 +7303,10 @@ proto_register_tcp(void)
{ "IP version", "tcp.options.mptcp.ipver", FT_UINT8,
BASE_DEC, NULL, 0x0F, NULL, HFILL}},
+ { &hf_tcp_option_mptcp_echo,
+ { "Echo", "tcp.options.mptcp.echo", FT_UINT8,
+ BASE_DEC, NULL, 0x01, NULL, HFILL}},
+
{ &hf_tcp_option_mptcp_ipv4,
{ "Advertised IPv4 Address", "tcp.options.mptcp.ipv4", FT_IPv4,
BASE_NONE, NULL, 0x0, NULL, HFILL}},
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 6bc1915e82..b0ed652215 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -2152,13 +2152,19 @@ tcp_analyze_sequence_number(packet_info *pinfo, guint32 seq, guint32 ack, guint3
&& seq==tcpd->fwd->tcp_analyze_seq_info->nextseq
&& ack==tcpd->fwd->tcp_analyze_seq_info->lastack
&& (flags&(TH_SYN|TH_FIN|TH_RST))==0 ) {
- tcpd->fwd->tcp_analyze_seq_info->dupacknum++;
- if(!tcpd->ta) {
- tcp_analyze_get_acked_struct(pinfo->num, seq, ack, TRUE, tcpd);
- }
- tcpd->ta->flags|=TCP_A_DUPLICATE_ACK;
- tcpd->ta->dupack_num=tcpd->fwd->tcp_analyze_seq_info->dupacknum;
- tcpd->ta->dupack_frame=tcpd->fwd->tcp_analyze_seq_info->lastnondupack;
+
+ /* MPTCP tolerates duplicate acks in some circumstances, see RFC 8684 4. */
+ if(tcpd->mptcp_analysis && (tcpd->mptcp_analysis->mp_operations!=tcpd->fwd->mp_operations)) {
+ /* just ignore this DUPLICATE ACK */
+ } else {
+ tcpd->fwd->tcp_analyze_seq_info->dupacknum++;
+ if(!tcpd->ta) {
+ tcp_analyze_get_acked_struct(pinfo->num, seq, ack, TRUE, tcpd);
+ }
+ tcpd->ta->flags|=TCP_A_DUPLICATE_ACK;
+ tcpd->ta->dupack_num=tcpd->fwd->tcp_analyze_seq_info->dupacknum;
+ tcpd->ta->dupack_frame=tcpd->fwd->tcp_analyze_seq_info->lastnondupack;
+ }
}
@@ -2343,6 +2349,10 @@ finished_checking_retransmission_type:
tcpd->fwd->tcp_analyze_seq_info->lastacktime.secs=pinfo->abs_ts.secs;
tcpd->fwd->tcp_analyze_seq_info->lastacktime.nsecs=pinfo->abs_ts.nsecs;
+ /* remember the MPTCP operations if any */
+ if( tcpd->mptcp_analysis ) {
+ tcpd->fwd->mp_operations=tcpd->mptcp_analysis->mp_operations;
+ }
/* if there were any flags set for this segment we need to remember them
* we only remember the flags for the very last segment though.
@@ -2702,24 +2712,17 @@ mptcp_analysis_add_subflows(packet_info *pinfo _U_, tvbuff_t *tvb,
proto_tree *parent_tree, struct mptcp_analysis* mptcpd)
{
wmem_list_frame_t *it;
- proto_tree *tree;
proto_item *item;
- item=proto_tree_add_item(parent_tree, hf_mptcp_analysis_subflows, tvb, 0, 0, ENC_NA);
- PROTO_ITEM_SET_GENERATED(item);
-
- tree=proto_item_add_subtree(item, ett_mptcp_analysis_subflows);
+ wmem_strbuf_t *val = wmem_strbuf_new(wmem_packet_scope(), "");
/* for the analysis, we set each subflow tcp stream id */
for(it = wmem_list_head(mptcpd->subflows); it != NULL; it = wmem_list_frame_next(it)) {
struct tcp_analysis *sf = (struct tcp_analysis *)wmem_list_frame_data(it);
- proto_item *subflow_item;
- subflow_item=proto_tree_add_uint(tree, hf_mptcp_analysis_subflows_stream_id, tvb, 0, 0, sf->stream);
- PROTO_ITEM_SET_HIDDEN(subflow_item);
-
- proto_item_append_text(item, " %d", sf->stream);
+ wmem_strbuf_append_printf(val, "%u ", sf->stream);
}
+ item = proto_tree_add_string(parent_tree, hf_mptcp_analysis_subflows, tvb, 0, 0, wmem_strbuf_get_str(val));
PROTO_ITEM_SET_GENERATED(item);
}
@@ -2962,6 +2965,42 @@ mptcp_add_analysis_subtree(packet_info *pinfo, tvbuff_t *tvb, proto_tree *parent
PROTO_ITEM_SET_GENERATED(item);
+ /* store the TCP Options related to MPTCP then we will avoid false DUP ACKs later */
+ guint8 nbOptionsChanged = 0;
+ if((tcpd->mptcp_analysis->mp_operations&(0x01))!=tcph->th_mptcp->mh_mpc) {
+ tcpd->mptcp_analysis->mp_operations |= 0x01;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x02))!=tcph->th_mptcp->mh_join) {
+ tcpd->mptcp_analysis->mp_operations |= 0x02;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x04))!=tcph->th_mptcp->mh_dss) {
+ tcpd->mptcp_analysis->mp_operations |= 0x04;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x08))!=tcph->th_mptcp->mh_add) {
+ tcpd->mptcp_analysis->mp_operations |= 0x08;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x10))!=tcph->th_mptcp->mh_remove) {
+ tcpd->mptcp_analysis->mp_operations |= 0x10;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x20))!=tcph->th_mptcp->mh_prio) {
+ tcpd->mptcp_analysis->mp_operations |= 0x20;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x40))!=tcph->th_mptcp->mh_fail) {
+ tcpd->mptcp_analysis->mp_operations |= 0x40;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x80))!=tcph->th_mptcp->mh_fastclose) {
+ tcpd->mptcp_analysis->mp_operations |= 0x80;
+ nbOptionsChanged++;
+ }
+ /* we could track MPTCP option changes here, with nbOptionsChanged */
+
item = proto_tree_add_uint(tree, hf_mptcp_stream, tvb, 0, 0, mptcpd->stream);
PROTO_ITEM_SET_GENERATED(item);
@@ -4537,6 +4576,7 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint8
DISSECTOR_ASSERT(fwd->mptcp_subflow->meta);
+ fwd->mptcp_subflow->meta->version = version;
fwd->mptcp_subflow->meta->key = key;
fwd->mptcp_subflow->meta->static_flags |= MPTCP_META_HAS_KEY;
fwd->mptcp_subflow->meta->base_dsn = expected_idsn;
@@ -4747,6 +4787,13 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
offset += 4;
mptcpd = mptcp_get_meta_from_token(tcpd, tcpd->rev, mph->mh_token);
+ if (tcpd->fwd->mptcp_subflow->meta->version == 1) {
+ mptcp_meta_flow_t *tmp = tcpd->fwd->mptcp_subflow->meta;
+
+ /* if the negotiated version is v1 the first key was exchanged on SYN/ACK packet: we must swap the meta */
+ tcpd->fwd->mptcp_subflow->meta = tcpd->rev->mptcp_subflow->meta;
+ tcpd->rev->mptcp_subflow->meta = tmp;
+ }
proto_tree_add_item_ret_uint(mptcp_tree, hf_tcp_option_mptcp_sender_rand, tvb, offset,
4, ENC_BIG_ENDIAN, &tcpd->fwd->mptcp_subflow->nonce);
@@ -4897,6 +4944,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_ADD_ADDR:
+ mph->mh_add = TRUE;
ipver = tvb_get_guint8(tvb, offset) & 0x0F;
if (ipver == 4 || ipver == 6)
proto_tree_add_item(mptcp_tree,
@@ -4935,6 +4983,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_REMOVE_ADDR:
+ mph->mh_remove = TRUE;
item = proto_tree_add_uint(mptcp_tree, hf_mptcp_number_of_removed_addresses, tvb, start_offset+2,
1, optlen - 3);
PROTO_ITEM_SET_GENERATED(item);
@@ -4947,6 +4996,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_MP_PRIO:
+ mph->mh_prio = TRUE;
proto_tree_add_bitmask(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_flags,
ett_tcp_option_mptcp, tcp_option_mptcp_join_flags,
ENC_BIG_ENDIAN);
@@ -8040,7 +8090,7 @@ proto_register_tcp(void)
"This was retransmitted on another subflow", HFILL }},
{ &hf_mptcp_analysis_subflows,
- { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
+ { "TCP subflow stream id(s)", "mptcp.analysis.subflows", FT_STRING, BASE_NONE, NULL, 0x0,
"List all TCP connections mapped to this MPTCP connection", HFILL }},
{ &hf_mptcp_stream,
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index ac250d948e..21e6a61086 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -49,8 +49,11 @@ struct mptcpheader {
gboolean mh_mpc; /* true if seen an mp_capable option */
gboolean mh_join; /* true if seen an mp_join option */
gboolean mh_dss; /* true if seen a dss */
- gboolean mh_fastclose; /* true if seen a fastclose */
+ gboolean mh_add; /* true if seen an MP_ADD */
+ gboolean mh_remove; /* true if seen an MP_REMOVE */
+ gboolean mh_prio; /* true if seen an MP_PRIO */
gboolean mh_fail; /* true if seen an MP_FAIL */
+ gboolean mh_fastclose; /* true if seen a fastclose */
guint8 mh_capable_flags; /* to get hmac version for instance */
guint8 mh_dss_flags; /* data sequence signal flag */
@@ -332,6 +335,7 @@ typedef struct _tcp_flow_t {
gboolean valid_bif; /* if lost pkts, disable BiF until ACK is recvd */
guint32 push_bytes_sent; /* bytes since the last PSH flag */
gboolean push_set_last; /* tracking last time PSH flag was set */
+ guint8 mp_operations; /* tracking of the MPTCP operations */
tcp_analyze_seq_flow_info_t* tcp_analyze_seq_info;
@@ -378,6 +382,9 @@ struct mptcp_analysis {
/* identifier of the tcp stream that saw the initial 3WHS with MP_CAPABLE option */
struct tcp_analysis *master;
+
+ /* Keep track of the last TCP operations seen in order to avoid false DUP ACKs */
+ guint8 mp_operations;
};
struct tcp_analysis {

23
SOURCES/wireshark-0028-find-libssh.patch
View File

@ -1,23 +0,0 @@
diff --git a/cmake/modules/FindLIBSSH.cmake b/cmake/modules/FindLIBSSH.cmake
index 46dbe04..65dd5d2 100644
--- a/cmake/modules/FindLIBSSH.cmake
+++ b/cmake/modules/FindLIBSSH.cmake
@@ -59,15 +59,15 @@ else ()
${LIBSSH_LIBRARY}
)
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_MAJOR
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_MAJOR
REGEX "#define[ ]+LIBSSH_VERSION_MAJOR[ ]+[0-9]+")
# Older versions of libssh like libssh-0.2 have LIBSSH_VERSION but not LIBSSH_VERSION_MAJOR
if(LIBSSH_VERSION_MAJOR)
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MAJOR ${LIBSSH_VERSION_MAJOR})
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_MINOR
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_MINOR
REGEX "#define[ ]+LIBSSH_VERSION_MINOR[ ]+[0-9]+")
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MINOR ${LIBSSH_VERSION_MINOR})
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_PATCH
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_PATCH
REGEX "#define[ ]+LIBSSH_VERSION_MICRO[ ]+[0-9]+")
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_PATCH ${LIBSSH_VERSION_PATCH})
set(LIBSSH_VERSION ${LIBSSH_VERSION_MAJOR}.${LIBSSH_VERSION_MINOR}.${LIBSSH_VERSION_PATCH})

321
SPECS/wireshark.spec
View File

@ -1,13 +1,13 @@
%undefine __cmake_in_source_build
%global with_lua 1
%global with_portaudio 1
%global with_maxminddb 1
%global plugins_version 2.6
%global plugins_version 3.4
Summary: Network traffic analyzer
Name: wireshark
Version: 2.6.2
Release: 15%{?dist}
Epoch: 1
Version: 3.4.10
Release: 6%{?dist}
Epoch: 1
License: GPL+
Url: http://www.wireshark.org/
@ -16,53 +16,26 @@ Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-%
Source2: 90-wireshark-usbmon.rules
# Fedora-specific
%if %{with_lua} && 0%{?fedora}
Patch1: wireshark-0001-enable-Lua-support.patch
%endif
# Fedora-specific
Patch2: wireshark-0002-Customize-permission-denied-error.patch
Patch0002: wireshark-0002-Customize-permission-denied-error.patch
# Will be proposed upstream
Patch3: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
Patch0003: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
# Fedora-specific
Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch
Patch0004: wireshark-0004-Restore-Fedora-specific-groups.patch
# Fedora-specific
Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
Patch0005: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
# Fedora-specific
Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch7: wireshark-0007-cmakelists.patch
#Various CVEs in RHEL-8
Patch8: wireshark-0008-CVE-2018-16056.patch
Patch9: wireshark-0009-CVE-2018-16057.patch
Patch10: wireshark-0010-CVE-2018-16058.patch
Patch11: wireshark-0011-tshark-missing-N-option.patch
#CVEs backported from wireshark-2.6.4
Patch12: wireshark-0012-CVE-12086.patch
Patch13: wireshark-0013-CVE-18225.patch
Patch14: wireshark-0014-CVE-18226.patch
Patch15: wireshark-0015-CVE-18227.patch
#CVEs backported from wireshark-2.6.5
Patch16: wireshark-0016-CVE-19622.patch
Patch17: wireshark-0017-CVE-19623.patch
Patch18: wireshark-0018-CVE-19624.patch
Patch19: wireshark-0019-CVE-19625.patch
Patch20: wireshark-0020-CVE-19626.patch
Patch21: wireshark-0021-CVE-19627.patch
Patch22: wireshark-0022-CVE-19628.patch
#Removing deprecated word Application from .desktop file
Patch23: wireshark-0023-desktop-file.patch
#Fixing a couple of issues found by covscan
Patch24: wireshark-0024-covscan.patch
Patch25: wireshark-0025-drop-count.patch
Patch26: wireshark-0026-mptcp.patch
Patch27: wireshark-0027-ibm-smc.patch
#Change in libssh header files forces a different technique on finding definitons
Patch28: wireshark-0028-find-libssh.patch
Patch0006: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch0007: wireshark-0007-cmakelists.patch
#Patch0008: wireshark-0008-move-glib.patch
Patch0009: wireshark-0009-smc-support.patch
Patch0010: wireshark-0010-fips-ripemd160.patch
Patch0011: wireshark-0011-cve-2022-3190.patch
Patch0012: wireshark-0012-cve-2023-0668.patch
Patch0013: wireshark-0013-cve-2023-0666.patch
Patch0014: wireshark-0014-cve-2023-2858.patch
Patch0015: wireshark-0015-cve-2023-2856.patch
Patch0016: wireshark-0016-cve-2023-2855.patch
Patch0017: wireshark-0017-cve-2023-2952.patch
#install tshark together with wireshark GUI
Requires: %{name}-cli = %{epoch}:%{version}-%{release}
@ -70,11 +43,7 @@ Requires: %{name}-cli = %{epoch}:%{version}-%{release}
Requires: xdg-utils
Requires: hicolor-icon-theme
%if %{with_portaudio} && 0%{?fedora}
Requires: portaudio
BuildRequires: portaudio-devel
%endif
%if %{with_maxminddb}
%if %{with_maxminddb} && 0%{?fedora}
Requires: libmaxminddb
%endif
@ -84,7 +53,6 @@ BuildRequires: elfutils-devel
BuildRequires: gcc-c++
BuildRequires: glib2-devel
BuildRequires: gnutls-devel
BuildRequires: gtk3-devel
BuildRequires: krb5-devel
BuildRequires: libcap-devel
BuildRequires: libgcrypt-devel
@ -100,7 +68,8 @@ BuildRequires: flex
BuildRequires: pcre-devel
BuildRequires: perl(Pod::Html)
BuildRequires: perl(Pod::Man)
Buildrequires: libssh-devel
BuildRequires: perl(open)
Buildrequires: libssh-devel
BuildRequires: qt5-linguist
BuildRequires: qt5-qtbase-devel
BuildRequires: qt5-qtmultimedia-devel
@ -115,6 +84,10 @@ BuildRequires: compat-lua-devel
Buildrequires: git
Buildrequires: python3-devel
Buildrequires: cmake
#needed for sdjournal external capture interface
BuildRequires: systemd-devel
BuildRequires: libnghttp2-devel
Obsoletes: wireshark-qt, wireshark-gtk
%description
@ -139,8 +112,11 @@ Wireshark.
%package devel
Summary: Development headers and libraries for wireshark
Requires: %{name} = %{epoch}:%{version}-%{release} glibc-devel glib2-devel
Requires: wireshark-cli = %{epoch}:%{version}-%{release}
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: %{name}-cli = %{epoch}:%{version}-%{release}
Requires: glibc-devel
Requires: glib2-devel
%description devel
The wireshark-devel package contains the header files, developer
@ -155,33 +131,29 @@ and plugins.
%cmake -G "Unix Makefiles" \
-DDISABLE_WERROR=ON \
-DBUILD_wireshark=ON \
-DENABLE_QT5=ON \
%if %{with_lua} && 0%{?fedora}
-DENABLE_LUA=ON \
%else
-DENABLE_LUA=OFF \
%endif
%if %{with_maxminddb}
%if %{with_maxminddb} && 0%{?fedora}
-DBUILD_mmdbresolve=ON \
%else
-DBUILD_mmdbresolve=OFF \
%endif
-DBUILD_randpktdump=OFF \
-DBUILD_androiddump=OFF \
-DBUILD_androiddump=ON \
-DENABLE_SMI=ON \
%if %{with_portaudio} && 0%{?fedora}
-DENABLE_PORTAUDIO=ON \
%else
-DENABLE_PORTAUDIO=OFF \
%endif
-DENABLE_PLUGINS=ON \
-DENABLE_NETLINK=ON \
-DBUILD_dcerpcidl2wrs=OFF
-DBUILD_dcerpcidl2wrs=OFF \
-DBUILD_sdjournal=ON \
%{nil}
make %{?_smp_mflags}
%cmake_build
%install
make DESTDIR=%{buildroot} install
%cmake_install
desktop-file-validate %{buildroot}%{_datadir}/applications/wireshark.desktop
@ -197,7 +169,7 @@ mkdir -p "${IDIR}/epan/wmem"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
mkdir -p %{buildroot}%{_udevrulesdir}
install -m 644 config.h epan/register.h "${IDIR}/"
install -m 644 %{_vpath_builddir}/config.h epan/register.h "${IDIR}/"
install -m 644 cfile.h file.h "${IDIR}/"
install -m 644 ws_symbol_export.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
@ -216,30 +188,19 @@ touch %{buildroot}%{_bindir}/%{name}
# Remove libtool archives and static libs
find %{buildroot} -type f -name "*.la" -delete
#fix multilib install of devel pkg in wireshark-2.6.2(fixed in 3.0.0)
mv %{buildroot}%{_includedir}/wireshark/config.h \
%{buildroot}%{_includedir}/wireshark/config-%{__isa_bits}.h
cat > %{buildroot}%{_includedir}/wireshark/config.h << EOF
#include <bits/wordsize.h>
#if __WORDSIZE == 32
#include <wireshark/config-32.h>
#elif __WORDSIZE == 64
#include <wireshark/config-64.h>
#else
#error "Unknown word size"
#endif
EOF
%pre cli
getent group wireshark >/dev/null || groupadd -r wireshark
getent group usbmon >/dev/null || groupadd -r usbmon
%post cli
/sbin/ldconfig
/usr/bin/udevadm trigger --subsystem-match=usbmon
%{?ldconfig}
# skip triggering if udevd isn't even accessible, e.g. containers or
# rpm-ostree-based systems
if [ -S /run/udev/control ]; then
/usr/bin/udevadm trigger --subsystem-match=usbmon
fi
%postun cli -p /sbin/ldconfig
%ldconfig_postun cli
%files
%{_datadir}/appdata/%{name}.appdata.xml
@ -262,7 +223,7 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_bindir}/sharkd
%{_bindir}/text2pcap
%{_bindir}/tshark
%if %{with_maxminddb}
%if %{with_maxminddb} && 0%{?fedora}
%{_bindir}/mmdbresolve
%endif
%attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap
@ -275,8 +236,16 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_libdir}/wireshark/extcap/ciscodump
%{_libdir}/wireshark/extcap/udpdump
%{_libdir}/wireshark/extcap/sshdump
%{_libdir}/wireshark/*.cmake
%{_libdir}/wireshark/extcap/sdjournal
%{_libdir}/wireshark/extcap/dpauxmon
%{_libdir}/wireshark/extcap/androiddump
%dir %{_libdir}/wireshark/cmake
%{_libdir}/wireshark/cmake/*.cmake
#the version wireshark uses to store plugins is only x.y, not .z
%dir %{_libdir}/wireshark/plugins/%{plugins_version}
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/epan
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/wiretap
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/codecs
%{_libdir}/wireshark/plugins/%{plugins_version}/epan/*.so
%{_libdir}/wireshark/plugins/%{plugins_version}/wiretap/*.so
%{_libdir}/wireshark/plugins/%{plugins_version}/codecs/*.so
@ -297,12 +266,15 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_mandir}/man1/captype.*
%{_mandir}/man1/ciscodump.*
%{_mandir}/man1/randpktdump.*
%{_mandir}/man1/dpauxmon.*
%{_mandir}/man1/sdjournal.*
%{_mandir}/man4/extcap.*
%if %{with_maxminddb}
%if %{with_maxminddb} && 0%{?fedora}
%{_mandir}/man1/mmdbresolve.*
%endif
%dir %{_datadir}/wireshark
%{_datadir}/wireshark/*
%{_docdir}/wireshark/*.html
%files devel
%doc doc/README.* ChangeLog
@ -311,64 +283,160 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_libdir}/pkgconfig/%{name}.pc
%changelog
* Wed Aug 24 2022 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-15
- Resolves: #2119126 - Wireshark source rpm fails to build due to looking for incorrect libssh header files
* Mon Jun 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-6
- Resolves: #2211413 - XRA dissector infinite loop
* Mon Apr 19 2021 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-14
- Resolves: #1851465 - [IBM 8.5 FEAT] wireshark: Update to include SMC support
* Wed Jun 07 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-5
- Resolves: #2210864 - Candump log file parser crash
Resolves: #2210865 - VMS TCPIPtrace file parser crash
Resolves: #2210868 - NetScaler file parser crash
Resolves: #2210870 - RTPS dissector crash
Resolves: #2210871 - IEEE C37.118 Synchrophasor dissector crash
* Tue Apr 13 2021 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-13
- Resolves: #1934617 - [RFE] better MPTCP dissection support
* Fri Jan 20 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-4
- Resolves: #2152064 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector
* Tue Oct 29 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-12
- Resolves: #1609737 - wiretap does not write "drop_count" in pcapng format
* Thu Jan 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-3
- Resolves: #2083581 - capinfos aborts in FIPS
* Mon Apr 29 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-11
- Related: #1602731 - Fixing multilib problem in devel subpackage
* Thu Jan 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-2
- Resolves: #2160648 - Enhanced TMT testing for centos-stream
* Thu Apr 25 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-10
- Resolves: #1602731 - Please review important issues found by covscan
* Thu Dec 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-1
- Resolves: #2032966 - Rebase wireshark to fix multiple CVEs
* Sun Dec 16 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-9
- Related: #1642919 - Fixing RPMDiff errors
* Mon Aug 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.7-3
- Resolves: #1988120 - Enable LTO build of wireshark for RHEL 9
* Tue Dec 11 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-8
- Related: #1642919 - changing wrong commit message
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.7-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Dec 10 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-7
- Resolves: #1642919 - CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
- Resolves: #1656342 - CVE-2018-19623
- Resolves: #1657634 - CVE-2018-19625
- Resolves: #1657211 - CVE-2018-19626
- Resolves: #1657184 - CVE-2018-19627
- Resolves: #1657190 - CVE-2018-19628
- fixes CVE-2018-19622, CVE-2018-19624
* Tue Jul 20 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.7-1
- Related: #1967546 - Rebase wireshark to latest version
* Mon Nov 12 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-6
- Resolves: #1584214 - tshark does accept -N v while it shouldn't
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.6-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Thu Sep 27 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-5
- Resolves: #1625926 - fixes CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
* Fri Jun 11 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.6-1
- Related: #1967546 - Rebase wireshark to latest version
* Mon Aug 27 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-4
- Resolves: #1618380 - Rebuild wireshark using libssh-0.8 for RHEL8
* Thu Jun 03 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.5-1
- Resolves: #1967546 - Rebase wireshark to latest version
* Mon Aug 13 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-3
- Resolves: #1615412 - FTBFS: wireshark fails to build
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.4-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Thu Aug 02 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-2
- Turning on build with libmaxminddb (rhbz#1607934)
* Tue Mar 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.4-1
- New version 3.4.4
- Fix for CVE-2021-22191
* Tue Feb 23 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-3
- Adding more commits to make SMC complete
* Mon Feb 22 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-2
- Adding SMC-R, SMC-D and SMC-D v2
* Tue Feb 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-1
- New version 3.4.3
- Fix for CVE-2021-22173, CVE-2021-22174
* Fri Jan 29 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.2-1
- New version 3.4.2
- Fix for CVE-2020-26418, CVE-2020-26419, CVE-2020-26420, CVE-2020-26421
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Dec 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.4.0-1
- New version 3.4.0
- Fix for CVE-2020-26575, CVE-2020-28030
* Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1
- New version 3.2.7
- Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866
* Thu Sep 10 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.6-2
- Temprorarily disabling LTO build due to errors in libqt5core
* Wed Aug 19 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.6-1
- New version 3.2.6
- Fix for CVE-2020-17498
* Thu Jul 30 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.5-3
- Adding ownership for dirs created by wireshark (rhbz#1860650)
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jul 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.5-1
- New version 3.2.5
* Fri May 22 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.4-1
- New version 3.2.4
- Enabling build with androiddump (rhbz#1834367)
* Mon Apr 13 2020 Gwyn Ciesla <gwync@protonmail.com> - 1:3.2.3-1
- 3.2.3
* Fri Apr 03 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.2-1
- New version 3.2.2
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Dec 19 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.2.0-1
- New version 3.2.0
* Wed Oct 30 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.5-1
- New version 3.0.5
* Tue Aug 20 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.3-1
- New version 3.0.3
- Fixes CVE-2019-13619
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Apr 09 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.1-1
- New version 3.0.1
- Fixes CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10897, CVE-2019-10898, CVE-2019-10899, CVE-2019-10900, CVE-2019-10901, CVE-2019-10902, CVE-2019-10903
* Mon Mar 11 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.0-1
- New version 3.0.0
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.6-1
- New version 2.6.6
- Contains fixes for CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719
- Add explicit curdir on CMake invokation
* Wed Jan 02 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.5-2
- Adding libnghttp2-devel as BuildRequires - needed for HTTP2 support(rhbz#1512722)
* Mon Dec 10 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.5-1
- New version 2.6.5
- Contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
* Mon Nov 12 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.4-1
- New version 2.6.4
- Contains fixes for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
* Mon Jul 23 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-1
- New version 2.6.2
- Contains fixes for CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.1-2
- Fixing build error with newer qt5 version
* Thu May 24 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.1-1
- New version 2.6.1
- Contains fixes for multiple CVEs
* Tue May 15 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.0-2
- Added Obsoletes for wireshark-qt and wireshark-gtk
@ -381,9 +449,8 @@ getent group usbmon >/dev/null || groupadd -r usbmon
- Removed python scripts
* Thu Mar 15 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.4.5-2
- Removing dependency on wireshark from wireshark-cli
- Removing dependency on wireshark from wireshark-cli (rhbz#1554818)
- Removing deprecated Group tags
- Disabling portaudio on RHEL (rhbz#1554834)
* Fri Mar 09 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.4.5-1
- New upstream version 2.4.5