rpms/wireshark
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:c9-beta
Branches Tags
rpms:c8
rpms:c10s
rpms:c9-beta
rpms:c9s
rpms:c9
rpms:c8-beta
rpms:c8s
rpms:imports/c10s/wireshark-4.2.6-4.el10
rpms:imports/c10s/wireshark-4.2.6-3.el10
rpms:imports/c9-beta/wireshark-3.4.10-7.el9
rpms:imports/c10s/wireshark-4.2.6-2.el10
rpms:imports/c10s/wireshark-4.2.6-1.el10
rpms:imports/c10s/wireshark-4.2.5-3.el10
rpms:imports/c10s/wireshark-4.2.5-2.el10
rpms:imports/c8/wireshark-2.6.2-17.el8
rpms:imports/c9/wireshark-3.4.10-6.el9
rpms:imports/c8-beta/wireshark-2.6.2-17.el8
rpms:imports/c9-beta/wireshark-3.4.10-6.el9
rpms:imports/c9/wireshark-3.4.10-4.el9
rpms:imports/c9-beta/wireshark-3.4.10-4.el9
rpms:imports/c8/wireshark-2.6.2-15.el8
rpms:imports/c8-beta/wireshark-2.6.2-15.el8
rpms:imports/c8s/wireshark-2.6.2-15.el8
rpms:imports/c9/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.7-3.el9
rpms:imports/c8/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-12.el8
rpms:imports/c8-beta/wireshark-2.6.2-11.el8
rpms:imports/c8s/wireshark-2.6.2-14.el8
rpms:imports/c8s/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-11.el8
rpms:imports/c8/wireshark-2.6.2-9.el8
..
compare: rpms:c8
Branches Tags
rpms:c10s
rpms:c9-beta
rpms:c9s
rpms:c8
rpms:c9
rpms:c8-beta
rpms:c8s
rpms:imports/c10s/wireshark-4.2.6-4.el10
rpms:imports/c10s/wireshark-4.2.6-3.el10
rpms:imports/c9-beta/wireshark-3.4.10-7.el9
rpms:imports/c10s/wireshark-4.2.6-2.el10
rpms:imports/c10s/wireshark-4.2.6-1.el10
rpms:imports/c10s/wireshark-4.2.5-3.el10
rpms:imports/c10s/wireshark-4.2.5-2.el10
rpms:imports/c8/wireshark-2.6.2-17.el8
rpms:imports/c9/wireshark-3.4.10-6.el9
rpms:imports/c8-beta/wireshark-2.6.2-17.el8
rpms:imports/c9-beta/wireshark-3.4.10-6.el9
rpms:imports/c9/wireshark-3.4.10-4.el9
rpms:imports/c9-beta/wireshark-3.4.10-4.el9
rpms:imports/c8/wireshark-2.6.2-15.el8
rpms:imports/c8-beta/wireshark-2.6.2-15.el8
rpms:imports/c8s/wireshark-2.6.2-15.el8
rpms:imports/c9/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.10-1.el9
rpms:imports/c9-beta/wireshark-3.4.7-3.el9
rpms:imports/c8/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-14.el8
rpms:imports/c8-beta/wireshark-2.6.2-12.el8
rpms:imports/c8-beta/wireshark-2.6.2-11.el8
rpms:imports/c8s/wireshark-2.6.2-14.el8
rpms:imports/c8s/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-12.el8
rpms:imports/c8/wireshark-2.6.2-11.el8
rpms:imports/c8/wireshark-2.6.2-9.el8

No commits in common. "c9-beta" and "c8" have entirely different histories.
c9-beta ... c8

40 changed files with 2846 additions and 1237 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/wireshark-3.4.10.tar.xz
SOURCES/wireshark-2.6.2.tar.xz

1
.wireshark.metadata
View File

@ -1 +0,0 @@
63839abd94d3ae376f860e2d2969777680106578 SOURCES/wireshark-3.4.10.tar.xz

60
SOURCES/SIGNATURES-2.6.2.txt Normal file
View File

@ -0,0 +1,60 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.6.2.tar.xz: 28392140 bytes
SHA256(wireshark-2.6.2.tar.xz)=49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094
RIPEMD160(wireshark-2.6.2.tar.xz)=e9b782d49d9a063ba556320e9f2c08dea079967d
SHA1(wireshark-2.6.2.tar.xz)=52517c30926211b0b718815b51a3f06a18d8f5da
Wireshark-win64-2.6.2.exe: 59963968 bytes
SHA256(Wireshark-win64-2.6.2.exe)=88aa2ca018090fc73ffb273aa1ba9f690ec06deb77d1ec7ff9b39fe646ca2877
RIPEMD160(Wireshark-win64-2.6.2.exe)=3b947ada3e64bfb1c1b16a470926d94ed9db391b
SHA1(Wireshark-win64-2.6.2.exe)=90217eb0ed020a53a9ae80682c0881d347d11b4a
Wireshark-win32-2.6.2.exe: 54249888 bytes
SHA256(Wireshark-win32-2.6.2.exe)=3d886e435570b7326f53d00996040ef65b9e2a5bffe48645ce29ea5a23930801
RIPEMD160(Wireshark-win32-2.6.2.exe)=c2c5afa101559976439f36401ea1cc4564fa624e
SHA1(Wireshark-win32-2.6.2.exe)=eb7c50e80d6e7ec834599c1facfd6a3fd66aebf8
Wireshark-win32-2.6.2.msi: 43728896 bytes
SHA256(Wireshark-win32-2.6.2.msi)=99d5d94345a20e177736533840ff59859a76e864247a8146a73fca227f004043
RIPEMD160(Wireshark-win32-2.6.2.msi)=7f21412e4d335f6e797356b968fbef14afb03b8c
SHA1(Wireshark-win32-2.6.2.msi)=05f1f9c4b9bed8c4447e5e31f907c578f52cf067
Wireshark-win64-2.6.2.msi: 49364992 bytes
SHA256(Wireshark-win64-2.6.2.msi)=381076d09c757038072f761f7eee9d5aa45fa8423b771ba34ddbd8b56f2c429c
RIPEMD160(Wireshark-win64-2.6.2.msi)=a080eec0f8bd089f493d0c76837d7fe03c1fa0dd
SHA1(Wireshark-win64-2.6.2.msi)=2c6b5bf555729d1e5ee3a1dda8d2b14d3bb01759
WiresharkPortable_2.6.2.paf.exe: 37482552 bytes
SHA256(WiresharkPortable_2.6.2.paf.exe)=d36727bdb8cc3a72bfb80084d3c634c3bfa4661f4de68d644b43ef5d41c52b69
RIPEMD160(WiresharkPortable_2.6.2.paf.exe)=a98756bf5a67e47e1ca9ecd8836f2e6913a56f27
SHA1(WiresharkPortable_2.6.2.paf.exe)=dd11e62f34212be77abee9d2227a2fd3b613b0a5
Wireshark 2.6.2 Intel 64.dmg: 169012317 bytes
SHA256(Wireshark 2.6.2 Intel 64.dmg)=ef54b04a73df4069e29e77bc1940f3b767ee498c4e28f739eabda78ef71ab4a9
RIPEMD160(Wireshark 2.6.2 Intel 64.dmg)=f93d2cc4057337ca76d1aa435b0039a60927bebb
SHA1(Wireshark 2.6.2 Intel 64.dmg)=3a46de720848b286e7c115c75c7b00bcd08155aa
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAltPqKQACgkQgiRKeOb+
rurNbg//dw5903/0W2vw1a6u8F9JVvXfctb9/t1IOD2yT2omPXFTfqEkcwcY5c8W
FoSsflHM6g4rf8jqpqyipSPb6lYRJjm1fZGDzTilVPe+pcAV/HZ2QSdwOgw9FiAs
sV2eZdqPMVqdeLgDGtC4aHHabwsytFNaWtZLVyKr4ojdUfJNIBa40iUrItxXfgxA
GDCnVpdapuygk4rMeDpi3qZtvEKmgZ9Yj5aseX+wBYIT21EShP/gHSKNSA8x3gGz
xnpvOrz2qyJmWB6sBmIQndEXrYdazKr14Fzhmc2ajFMOJLwTGIZg5wl+UDnmPikW
6R1gRzSwkjEtgTKlZ9Gcel8eg6fNjW9HC9d4VjZzG4N693YrYwlpu0FIvaK+QGxE
yEJKPJnlaCi37Q6GBiKIpC5NUkTnt38Gb5DJ4/N3tk4P2LGlSyyMxLc5U096Zd8V
KCE/OVUuZs/4NsgIYaTYWDyTeNjjN2ZXnyx0N3x8yzWHcB6gYVPJc2lKouZe9XqZ
9Gz1Fr0/LEbx+r0iFOEm9pX/W8a5pzZnMn5YYUeTue61ZZp/yBOf7oTqjCVvSPHU
rZhsHMLcZnBNFoYKr03dcvukgSNsndTJPXvAEIX9FVmQUcQAEsdXRFO/csihG7l/
7KWgNjReI7eoWkBUH8sx7J+4wZVy9leWjHTtkZKTeOo6OO1vJx4=
=OiJq
-----END PGP SIGNATURE-----

60
SOURCES/SIGNATURES-3.4.10.txt
View File

@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.4.10.tar.xz: 32344804 bytes
SHA256(wireshark-3.4.10.tar.xz)=8aa7ef4a44ae62bb8db463cf761e2cc03b97305e0e77ed5be53fa83729187cef
RIPEMD160(wireshark-3.4.10.tar.xz)=eef58ec4e28c6eecc382c1f000257ab60ee6c40c
SHA1(wireshark-3.4.10.tar.xz)=63839abd94d3ae376f860e2d2969777680106578
Wireshark-win64-3.4.10.exe: 71382832 bytes
SHA256(Wireshark-win64-3.4.10.exe)=faa83ac4f289d07d8e1bacb7e7611758b231a9c00b18e816654f40e7437529fd
RIPEMD160(Wireshark-win64-3.4.10.exe)=63068a04839ff02828a6915fe648da25cdeadc84
SHA1(Wireshark-win64-3.4.10.exe)=00c419e3382d24289cfc9d74be6f37934b784066
Wireshark-win32-3.4.10.exe: 55424616 bytes
SHA256(Wireshark-win32-3.4.10.exe)=3bceac74d2d7c388e01b6c25b20088c234fefbcd83e3c960b3e0fcc1eca7839d
RIPEMD160(Wireshark-win32-3.4.10.exe)=84acc6b49f1e8735ec53127b1d9de14a1d121b2f
SHA1(Wireshark-win32-3.4.10.exe)=d6486f9015e60e633f0f2a7fd5152959c4bb749b
Wireshark-win64-3.4.10.msi: 49291264 bytes
SHA256(Wireshark-win64-3.4.10.msi)=b31288207b23700931ddb83785bcc9a9a775758029fbc1cdd653f65b8d802e7d
RIPEMD160(Wireshark-win64-3.4.10.msi)=d93a0cfebe7c2e412ade6e25c3a225b643d498e0
SHA1(Wireshark-win64-3.4.10.msi)=e36624c35824966255f768dc74148a7fe4a895d2
Wireshark-win32-3.4.10.msi: 43925504 bytes
SHA256(Wireshark-win32-3.4.10.msi)=6b6770e596968fdb0e68af3e3dba77631004f374accda085dc59df799011fa0f
RIPEMD160(Wireshark-win32-3.4.10.msi)=374b51b4934bd5d98023df4b8be355bf2c1515e9
SHA1(Wireshark-win32-3.4.10.msi)=df8a5c168bad317ff7b6ed1f12dec4926a2983f2
WiresharkPortable_3.4.10.paf.exe: 38220424 bytes
SHA256(WiresharkPortable_3.4.10.paf.exe)=85f2382b854be81ee7bc3deedaab41214e60e17a83c25822d4e5831c1d88e379
RIPEMD160(WiresharkPortable_3.4.10.paf.exe)=644f056554925fc37a44cfb247d0678efcb01c81
SHA1(WiresharkPortable_3.4.10.paf.exe)=8b36a16b9b602a1f5bb8cc37453fd1678e8fa476
Wireshark 3.4.10 Intel 64.dmg: 131298336 bytes
SHA256(Wireshark 3.4.10 Intel 64.dmg)=1267edf27870fe17e504f2377f78eb7510c4a13e4b53b9b00e171303208749c4
RIPEMD160(Wireshark 3.4.10 Intel 64.dmg)=880a76731ddaed630bfc575e36627cad1e239249
SHA1(Wireshark 3.4.10 Intel 64.dmg)=8783733e2f6f124c102b51f2e245d9deab11ff6d
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmGVXKYACgkQgiRKeOb+
rurDaQ//bZ7JSUS+v+eN1Te+TOBEmurQPc9oiY4/nQKa9vb4pKK3kP36zsUE59qT
hDCWWxijG4fgriFeMNKPJ9YErzEWyPkIEtXwyke2ubuIiNkRKhvSfz8BME49M9lD
ybPz/Rer2a/QS0+tU1LSd7NBArJdfxn3QtYbOLBkrqTSCH3eaxXQfKvM9mta10ZW
9YWxOVF8Lz4QqbolTb16ZgfcCI1XryOGs4W4Hd/YpaUnXvW6eYjIWs+KvCFQv/90
3nVjZbeMmW+lyLk1QhoLYo/wW+E80Cf8q5eCx/ohTauBIkcz2okpmB//UmYS4Ldv
YYyngLMIJpyZxry5YSg8lqBEwSOJh25cSxrKIdthzJMBFHAvtb7QKzGPPLBbvnnt
IBGq+u80/HqPRLdeBmbdS8e/YtHFSxTdLDb0wfNQ5p/Re/r9x35dFU/6Pafbr19E
s+FhEAcM66P7hECP91oDd6w3TuE9ZtdKzGNPUSezUSSn5D5FduLQ/lqGfnUV0qBm
ADi5tqoSkluGWfUefZ2KiUOlhQ4Lr82JaZbBnws8rY+krjRrGUxtnuwdKUTRNcTU
o5eWlVCvORvaKDJxaWw/3WoSpiP0dmio8XAz7gPxufyBcbw/xIQ+v53rmxIT7O6/
b97ZED+ZpU7kpYS8pnvTPPbj3nB4HHPpUkygHUvoUMxibFjOj2o=
=SVDw
-----END PGP SIGNATURE-----

5
SOURCES/wireshark-0002-Customize-permission-denied-error.patch
View File

@ -26,7 +26,7 @@ index 2f9d2cc..b18e47f 100644
- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s",
- argv[0], g_strerror(errno));
+ if (errno == EPERM || errno == EACCES)
+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s",
+ argv[0], g_strerror(errno), securitymsg);
+
@ -41,12 +41,13 @@ index 2f9d2cc..b18e47f 100644
int sync_pipe[2]; /* pipe used to send messages from child to parent */
int data_pipe[2]; /* pipe used to send data from child to parent */
#endif
@@ -1003,8 +1008,10 @@ sync_pipe_open_command(char** argv, int *data_read_fd,
@@ -1003,8 +1008,11 @@ sync_pipe_open_command(char** argv, int *data_read_fd,
ws_close(sync_pipe[PIPE_READ]);
ws_close(sync_pipe[PIPE_WRITE]);
execv(argv[0], argv);
- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s",
- argv[0], g_strerror(errno));
+ execv(argv[0], (gpointer)argv);
+ if (errno == EPERM || errno == EACCES)
+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s",

2
SOURCES/wireshark-0004-Restore-Fedora-specific-groups.patch
View File

@ -10,6 +10,6 @@ index 334db48..669c6f1 100644
@@ -108,4 +108,4 @@ Terminal=false
MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr;
# Category entry according to:
# https://specifications.freedesktop.org/menu-spec/1.0/
# http://standards.freedesktop.org/menu-spec/1.0/
-Categories=Network;Monitor;Qt;
+Categories=Application;Network;Monitor;Qt;

119
SOURCES/wireshark-0006-Move-tmp-to-var-tmp.patch
View File

@ -6,18 +6,41 @@ Subject: [PATCH] Move /tmp to /var/tmp
Fedora is using tmpfs which is limited by the size of RAM, thus we need
to use different directory on different filesystem.
---
ui/gtk/about_dlg.c | 3 +-
ui/qt/about_dialog.cpp | 3 +-
ui/qt/iax2_analysis_dialog.cpp | 5 +--
ui/qt/rtp_analysis_dialog.cpp | 5 +--
ui/qt/rtp_audio_stream.cpp | 3 +-
wsutil/Makefile.am | 6 ++--
wsutil/tempfile.c | 9 +++---
wsutil/tempfile.h | 4 +--
wsutil/wstmpdir.c | 70 ++++++++++++++++++++++++++++++++++++++++++
wsutil/wstmpdir.h | 39 +++++++++++++++++++++++
8 files changed, 132 insertions(+), 11 deletions(-)
10 files changed, 132 insertions(+), 15 deletions(-)
create mode 100644 wsutil/wstmpdir.c
create mode 100644 wsutil/wstmpdir.h
diff --git a/ui/gtk/about_dlg.c b/ui/gtk/about_dlg.c
index 22ca841..6bcb527 100644
--- a/ui/gtk/about_dlg.c
+++ b/ui/gtk/about_dlg.c
@@ -28,6 +28,7 @@
#include <gtk/gtk.h>
#include <wsutil/filesystem.h>
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
#include <wsutil/copyright_info.h>
#include <version_info.h>
#ifdef HAVE_LIBSMI
@@ -427,7 +428,7 @@ about_folders_page_new(void)
"capture files");
/* temp */
- about_folders_row(table, "Temp", g_get_tmp_dir(),
+ about_folders_row(table, "Temp", get_tmp_dir(),
"untitled capture files");
/* pers conf */
diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp
index 31dc581..2f74285 100644
--- a/ui/qt/about_dialog.cpp
@ -31,14 +54,14 @@ index 31dc581..2f74285 100644
#include <QDesktopServices>
#include <QUrl>
@@ -206,7 +206,7 @@ FolderListModel::FolderListModel(QObject * parent):
appendRow(QStringList() << tr("\"File\" dialogs") << get_last_open_dir() << tr("capture files"));
appendRow( QStringList() << tr("\"File\" dialogs") << get_last_open_dir() << tr("capture files"));
/* temp */
- appendRow(QStringList() << tr("Temp") << g_get_tmp_dir() << tr("untitled capture files"));
+ appendRow(QStringList() << tr("Temp") << get_tmp_dir() << tr("untitled capture files"));
- appendRow( QStringList() << tr("Temp") << g_get_tmp_dir() << tr("untitled capture files"));
+ appendRow( QStringList() << tr("Temp") << get_tmp_dir() << tr("untitled capture files"));
/* pers conf */
appendRow(QStringList() << tr("Personal configuration")
appendRow( QStringList() << tr("Personal configuration")
diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp
index ee4e5fd..fe17a95 100644
--- a/ui/qt/iax2_analysis_dialog.cpp
@ -110,51 +133,64 @@ index fde66c8..b9531d2 100644
tempfile_ = new QTemporaryFile(tempname, this);
tempfile_->open();
diff --git a/wsutil/Makefile.am b/wsutil/Makefile.am
index 2af1b6c..aa149a2 100644
--- a/wsutil/Makefile.am
+++ b/wsutil/Makefile.am
@@ -90,6 +90,7 @@ WSUTIL_PUBLIC_INCLUDES = \
ws_pipe.h \
ws_printf.h \
wsjsmn.h \
+ wstmpdir.h \
wsgcrypt.h \
wsgetopt.h \
wspcap.h \
@@ -168,6 +169,7 @@ libwsutil_la_SOURCES = \
ws_pipe.c \
wsgcrypt.c \
wsjsmn.c \
+ wstmpdir.c \
xtea.c
if HAVE_PLUGINS
diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c
index 5082452..f751a7c 100644
index 8e1f8dc..dcf2f78 100644
--- a/wsutil/tempfile.c
+++ b/wsutil/tempfile.c
@@ -12,10 +12,12 @@
@@ -36,6 +36,7 @@
#include <glib.h>
#include "tempfile.h"
+#include <wsutil/file_util.h>
#include <wsutil/file_util.h>
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
/**
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
- * is created using g_file_open_tmp.
+ * is created using get_tmp_dir.
*
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Must be freed.
@@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
#ifndef __set_errno
#define __set_errno(x) errno=(x)
@@ -83,13 +83,14 @@ mkstemps(char *path_template, int suffixlen)
*/
char *get_tempfile_path(const char *filename)
{
int fd;
gchar *safe_pfx = NULL;
+ gchar *tmp_file;
+ const char *tmp_dir;
+ int old_mask;
- return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", g_get_tmp_dir(), filename);
+ return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", get_tmp_dir(), filename);
}
if (pfx) {
/* The characters in "delimiters" come from:
@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : "");
g_free(safe_pfx);
#define MAX_TEMPFILES 3
- fd = g_file_open_tmp(filetmpl, namebuf, err);
/**
- * Create a tempfile with the given prefix (e.g. "wireshark").
+ * Create a tempfile with the given prefix (e.g. "wireshark"). The path
+ * is created using get_tmp_dir and mkdtemp
*
* @param namebuf If not NULL, receives the full path of the temp file.
* Should NOT be freed.
@@ -199,7 +200,7 @@ create_tempfile(char **namebuf, const char *pfx, const char *sfx)
tf[idx].path = (char *)g_malloc(tf[idx].len);
}
- tmp_dir = g_get_tmp_dir();
+ tmp_dir = get_tmp_dir();
+ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL);
+
+ if (namebuf)
+ *namebuf = tmp_file;
+
+ old_mask = ws_umask(0077);
+ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
+ ws_umask(old_mask);
g_free(filetmpl);
return fd;
#ifdef _WIN32
_tzset();
diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h
index 1dca2df..bb3160c 100644
--- a/wsutil/tempfile.h
@ -163,17 +199,17 @@ index 1dca2df..bb3160c 100644
/**
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
- * is created using g_file_open_tmp.
- * is created using g_get_tmp_dir and mkstemp.
+ * is created using get_tmp_dir and mkstemp.
*
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Must be freed.
* Must NOT be freed.
diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c
new file mode 100644
index 0000000..d8b733b
--- /dev/null
+++ b/wsutil/wstmpdir.c
@@ -0,0 +1,71 @@
@@ -0,0 +1,70 @@
+/* wstmpdir.c
+ *
+ * Copyright (C) 2013 Red Hat, Inc. All right reserved.
@ -231,7 +267,6 @@ index 0000000..d8b733b
+ k = strlen(tmp);
+ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1]))
+ tmp[k - 1] = '\0';
+ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);
+ }
+#endif /* P_tmpdir */
+

17
SOURCES/wireshark-0007-cmakelists.patch
View File

@ -1,3 +1,16 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9e3b555..b0abd84 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3069,7 +3069,7 @@ if(RPMBUILD_EXECUTABLE AND GIT_EXECUTABLE)
endif()
execute_process(
- COMMAND git describe --abbrev=8 --match v[1-9]*
+ COMMAND git describe --always --abbrev=8 --match v[1-9]*
OUTPUT_VARIABLE _git_description
OUTPUT_STRIP_TRAILING_WHITESPACE
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt
index 0367cd1..6382a2c 100644
--- a/wsutil/CMakeLists.txt
@ -7,7 +20,7 @@ index 0367cd1..6382a2c 100644
ws_pipe.h
ws_printf.h
+ wstmpdir.h
wsjson.h
wsjsmn.h
xtea.h
)
@@ -118,6 +118,7 @@ set(WSUTIL_COMMON_FILES
@ -16,5 +29,5 @@ index 0367cd1..6382a2c 100644
ws_pipe.c
+ wstmpdir.c
wsgcrypt.c
wsjson.c
wsjsmn.c
xtea.c

86
SOURCES/wireshark-0008-CVE-2018-16056.patch Normal file
View File

@ -0,0 +1,86 @@
diff --git a/epan/dissectors/packet-btatt.c b/epan/dissectors/packet-btatt.c
index 803ed14f92..10375c0046 100644
--- a/epan/dissectors/packet-btatt.c
+++ b/epan/dissectors/packet-btatt.c
@@ -4205,6 +4205,19 @@ dissect_handle(proto_tree *tree, packet_info *pinfo, gint hf,
static gint
btatt_dissect_attribute_handle(guint16 handle, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, btatt_data_t *att_data);
+static int
+btatt_call_dissector_by_dissector_name_with_data(const char *dissector_name,
+ tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+{
+ dissector_handle_t handle;
+
+ handle = find_dissector(dissector_name);
+ if (handle != NULL)
+ return call_dissector_with_data(handle, tvb, pinfo, tree, data);
+ else
+ return call_data_dissector(tvb, pinfo, tree);
+}
+
static gint
dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *pinfo, tvbuff_t *old_tvb,
gint old_offset, gint length, guint16 handle, bluetooth_uuid_t uuid, btatt_data_t *att_data)
@@ -4728,7 +4741,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
} else if (value == 4) {
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
} else if (value == 5 || value == 6) {
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog_one, tvb, offset, 2, ENC_LITTLE_ENDIAN);
@@ -6443,10 +6456,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
if (bluetooth_gatt_has_no_parameter(att_data->opcode))
break;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a58"), tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a58", tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
offset += 2;
break;
@@ -6543,7 +6556,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_plx_spot_check_measurement_timestamp, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
}
@@ -9116,7 +9129,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_first_created, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9135,7 +9148,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_last_modified, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9342,10 +9355,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
break;
case 0x06: /* Created Between */
case 0x07: /* Modified Between */
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
break;

27
SOURCES/wireshark-0009-CVE-2018-16057.patch Normal file
View File

@ -0,0 +1,27 @@
diff --git a/epan/dissectors/packet-ieee80211-radiotap-iter.c b/epan/dissectors/packet-ieee80211-radiotap-iter.c
index 56ca297434..4006637fb2 100644
--- a/epan/dissectors/packet-ieee80211-radiotap-iter.c
+++ b/epan/dissectors/packet-ieee80211-radiotap-iter.c
@@ -131,6 +131,7 @@ int ieee80211_radiotap_iterator_init(
iterator->_bitmap_shifter = get_unaligned_le32(&radiotap_header->it_present);
iterator->_arg = (guint8 *)radiotap_header + sizeof(*radiotap_header);
iterator->_reset_on_ext = 0;
+ iterator->_next_ns_data = NULL;
iterator->_next_bitmap = &radiotap_header->it_present;
iterator->_next_bitmap++;
iterator->_vns = vns;
@@ -287,9 +288,14 @@ int ieee80211_radiotap_iterator_next(
}
if (!align) {
/* skip all subsequent data */
+ if (!iterator->_next_ns_data)
+ return -EINVAL;
iterator->_arg = iterator->_next_ns_data;
/* give up on this namespace */
iterator->current_namespace = NULL;
+ iterator->_next_ns_data = NULL;
+ if (!ITERATOR_VALID(iterator, 0))
+ return -EINVAL;
goto next_entry;
}
break;

19
SOURCES/wireshark-0010-CVE-2018-16058.patch Normal file
View File

@ -0,0 +1,19 @@
diff --git a/epan/dissectors/packet-btavdtp.c b/epan/dissectors/packet-btavdtp.c
index a0df20a2de..4078228177 100644
--- a/epan/dissectors/packet-btavdtp.c
+++ b/epan/dissectors/packet-btavdtp.c
@@ -719,13 +719,11 @@ dissect_sep(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gint offset,
key[6].length = 0;
key[6].key = NULL;
- sep_data = wmem_new(wmem_file_scope(), sep_entry_t);
+ sep_data = wmem_new0(wmem_file_scope(), sep_entry_t);
sep_data->seid = seid;
sep_data->type = type;
sep_data->media_type = media_type;
- sep_data->int_seid = 0;
sep_data->codec = -1;
- sep_data->content_protection_type = 0;
if (in_use) {
sep_data->state = SEP_STATE_IN_USE;
} else {

56
SOURCES/wireshark-0010-fips-ripemd160.patch
View File

@ -1,56 +0,0 @@
diff --git a/capinfos.c b/capinfos.c
index 5536766..12b141e 100644
--- a/capinfos.c
+++ b/capinfos.c
@@ -739,7 +739,8 @@ print_stats(const gchar *filename, capture_info *cf_info)
}
if (cap_file_hashes) {
printf ("SHA256: %s\n", file_sha256);
- printf ("RIPEMD160: %s\n", file_rmd160);
+ if(!gcry_fips_mode_active())
+ printf ("RIPEMD160: %s\n", file_rmd160);
printf ("SHA1: %s\n", file_sha1);
}
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
@@ -851,7 +852,8 @@ print_stats_table_header(void)
if (cap_packet_rate) print_stats_table_header_label("Average packet rate (packets/sec)");
if (cap_file_hashes) {
print_stats_table_header_label("SHA256");
- print_stats_table_header_label("RIPEMD160");
+ if(!gcry_fips_mode_active())
+ print_stats_table_header_label("RIPEMD160");
print_stats_table_header_label("SHA1");
}
if (cap_order) print_stats_table_header_label("Strict time order");
@@ -1447,7 +1449,10 @@ print_usage(FILE *output)
fprintf(output, " -E display the capture file encapsulation\n");
fprintf(output, " -I display the capture file interface information\n");
fprintf(output, " -F display additional capture file information\n");
- fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n");
+ if(!gcry_fips_mode_active())
+ fprintf(output, " -H display the SHA256 and SHA1 hashes of the file\n");
+ else
+ fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n");
fprintf(output, " -k display the capture comment\n");
fprintf(output, "\n");
fprintf(output, "Size infos:\n");
@@ -1795,7 +1800,8 @@ main(int argc, char *argv[])
gcry_check_version(NULL);
gcry_md_open(&hd, GCRY_MD_SHA256, 0);
if (hd) {
- gcry_md_enable(hd, GCRY_MD_RMD160);
+ if(!gcry_fips_mode_active())
+ gcry_md_enable(hd, GCRY_MD_RMD160);
gcry_md_enable(hd, GCRY_MD_SHA1);
}
hash_buf = (char *)g_malloc(HASH_BUF_SIZE);
@@ -1817,7 +1823,8 @@ main(int argc, char *argv[])
}
gcry_md_final(hd);
hash_to_str(gcry_md_read(hd, GCRY_MD_SHA256), HASH_SIZE_SHA256, file_sha256);
- hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160);
+ if(!gcry_fips_mode_active())
+ hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160);
hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1);
}
if (fh) fclose(fh);

142
SOURCES/wireshark-0011-cve-2022-3190.patch
View File

@ -1,142 +0,0 @@
From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001
From: Jason Cohen <kryojenik2@gmail.com>
Date: Wed, 31 Aug 2022 11:10:17 -0500
Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic
Remove a chance for an infinate loop in the disection heuristic.
---
epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++-------------
1 file changed, 56 insertions(+), 52 deletions(-)
diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c
index b2ba8f899d..915348ea83 100644
--- a/epan/dissectors/packet-f5ethtrailer.c
+++ b/epan/dissectors/packet-f5ethtrailer.c
@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d
static gint
dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
- proto_tree *type_tree = NULL;
- proto_item *ti = NULL;
guint offset = 0;
- guint processed = 0;
- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
- guint8 type;
- guint8 len;
- guint8 ver;
/* While we still have data in the trailer. For old format trailers, this needs
* type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes).
* All old format trailers are at least 4 bytes long, so just check for length of magic.
*/
- while (tvb_reported_length_remaining(tvb, offset)) {
- type = tvb_get_guint8(tvb, offset);
- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
-
- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW
- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE
- && ver <= F5TRAILER_VER_MAX) {
- /* Parse out the specified trailer. */
- switch (type) {
- case F5TYPE_LOW:
- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
-
- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_low = 1;
- }
- break;
- case F5TYPE_MED:
- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
-
- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_med = 1;
- }
- break;
- case F5TYPE_HIGH:
- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
-
- processed =
- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_high = 1;
- }
- break;
+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) {
+ /* length field does not include the type and length bytes. Add them back in */
+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
+ if (len > tvb_reported_length_remaining(tvb, offset)
+ || len < F5_MIN_SANE || len > F5_MAX_SANE) {
+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */
+ return offset;
+ }
+ guint8 type = tvb_get_guint8(tvb, offset);
+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
+
+ /* Parse out the specified trailer. */
+ proto_tree *type_tree = NULL;
+ proto_item *ti = NULL;
+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
+ guint processed = 0;
+
+ switch (type) {
+ case F5TYPE_LOW:
+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
+
+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_low = 1;
}
- if (processed == 0) {
- proto_item_set_len(ti, 1);
- return offset;
+ break;
+ case F5TYPE_MED:
+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
+
+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_med = 1;
+ }
+ break;
+ case F5TYPE_HIGH:
+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
+
+ processed =
+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_high = 1;
}
+ break;
+ default:
+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/
+ return offset;
+ }
+ if (processed == 0) {
+ /* couldn't process trailer - bali out */
+ proto_item_set_len(ti, 1);
+ return offset;
}
offset += processed;
}
-return offset;
+ return offset;
} /* dissect_old_trailer() */
/*---------------------------------------------------------------------------*/
--
GitLab

170
SOURCES/wireshark-0011-tshark-missing-N-option.patch Normal file
View File

@ -0,0 +1,170 @@
From 8dfaa8fa7c97cd1372a0a233b83fbc7945447b75 Mon Sep 17 00:00:00 2001
From: Uli Heilmeier <uh@heilmeier.eu>
Date: Fri, 05 Oct 2018 08:54:55 +0200
Subject: [PATCH] *shark: Update help and manpage for name resolving
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
---
diff --git a/doc/rawshark.pod b/doc/rawshark.pod
index be6caee..8f10445 100644
--- a/doc/rawshark.pod
+++ b/doc/rawshark.pod
@@ -183,6 +183,8 @@
B<d> to enable resolution from captured DNS packets
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preferenceE<gt>:E<lt>valueE<gt>
Set a preference value, overriding the default value and any value read
diff --git a/doc/tshark.pod b/doc/tshark.pod
index 263332b..8aff736 100644
--- a/doc/tshark.pod
+++ b/doc/tshark.pod
@@ -676,6 +676,8 @@
B<t> to enable transport-layer port number resolution
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preferenceE<gt>:E<lt>valueE<gt>
Set a preference value, overriding the default value and any value read
diff --git a/doc/wireshark.pod.template b/doc/wireshark.pod.template
index a25ea65..c45581f 100644
--- a/doc/wireshark.pod.template
+++ b/doc/wireshark.pod.template
@@ -499,6 +499,8 @@
B<d> to enable resolution from captured DNS packets
+B<v> to enable VLAN IDs to names resolution
+
=item -o E<lt>preference/recent settingE<gt>
Set a preference or recent value, overriding the default value and any value
diff --git a/docbook/wsug_src/WSUG_chapter_customize.asciidoc b/docbook/wsug_src/WSUG_chapter_customize.asciidoc
index 67afafc..a7411c4 100644
--- a/docbook/wsug_src/WSUG_chapter_customize.asciidoc
+++ b/docbook/wsug_src/WSUG_chapter_customize.asciidoc
@@ -76,7 +76,7 @@
Processing:
-R <read filter> packet filter in Wireshark display filter syntax
-n disable all name resolutions (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtCd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-d <layer_type>==<selector>,<decode_as_protocol> ...
"Decode As”, see the man page for details
Example: tcp.port==8888,http
@@ -295,6 +295,7 @@
resolution, `n` to enable network address resolution, and `t` to enable
transport-layer port number resolution. This overrides `-n` if both `-N` and
`-n` are present. The letter `d` enables resolution from captured DNS packets.
+The letter `v` enables resolution from VLAN IDs to names.
-o <preference or recent settings>::
diff --git a/docbook/wsug_src/rawshark-h.txt b/docbook/wsug_src/rawshark-h.txt
index 39aeec0..7de64ec 100644
--- a/docbook/wsug_src/rawshark-h.txt
+++ b/docbook/wsug_src/rawshark-h.txt
@@ -13,7 +13,7 @@
-F <field> field to display
-m virtual memory limit, in bytes
-n disable all name resolution (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-p use the system's packet header format
(which may have 64-bit timestamps)
-R <read filter> packet filter in Wireshark display filter syntax
diff --git a/docbook/wsug_src/tshark-h.txt b/docbook/wsug_src/tshark-h.txt
index 9eaccda..ffe12b9 100644
--- a/docbook/wsug_src/tshark-h.txt
+++ b/docbook/wsug_src/tshark-h.txt
@@ -38,7 +38,7 @@
-Y <display filter> packet displaY filter in Wireshark display filter
syntax
-n disable all name resolutions (def: all enabled)
- -N <name resolve flags> enable specific name resolution(s): "mnNtCd"
+ -N <name resolve flags> enable specific name resolution(s): "mnNtdv"
-d <layer_type>==<selector>,<decode_as_protocol> ...
"Decode As", see the man page for details
Example: tcp.port==8888,http
diff --git a/epan/prefs.c b/epan/prefs.c
index 34c05d3..d732eb2 100644
--- a/epan/prefs.c
+++ b/epan/prefs.c
@@ -4932,10 +4932,6 @@
case 't':
name_resolve->transport_name = TRUE;
break;
- case 'C':
- /* DEPRECATED */
- /* name_resolve->concurrent_dns */
- break;
case 'd':
name_resolve->dns_pkt_addr_resolution = TRUE;
break;
diff --git a/rawshark.c b/rawshark.c
index 61875c1..29cb2ba 100644
--- a/rawshark.c
+++ b/rawshark.c
@@ -190,7 +190,7 @@
fprintf(output, " -m virtual memory limit, in bytes\n");
#endif
fprintf(output, " -n disable all name resolution (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -p use the system's packet header format\n");
fprintf(output, " (which may have 64-bit timestamps)\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
diff --git a/tshark.c b/tshark.c
index a152c2b..2d84153 100644
--- a/tshark.c
+++ b/tshark.c
@@ -370,7 +370,7 @@
fprintf(output, " -Y <display filter> packet displaY filter in Wireshark display filter\n");
fprintf(output, " syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE);
fprintf(output, " \"Decode As\", see the man page for details\n");
fprintf(output, " Example: tcp.port==8888,http\n");
diff --git a/ui/commandline.c b/ui/commandline.c
index 6a26be3..7c0768a 100644
--- a/ui/commandline.c
+++ b/ui/commandline.c
@@ -123,7 +123,7 @@
fprintf(output, "Processing:\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE);
fprintf(output, " \"Decode As\", see the man page for details\n");
fprintf(output, " Example: tcp.port==8888,http\n");
diff --git a/ui/dissect_opts.c b/ui/dissect_opts.c
index 77e7b58..c6aa771 100644
--- a/ui/dissect_opts.c
+++ b/ui/dissect_opts.c
@@ -79,7 +79,8 @@
"\t'n' to enable network address resolution\n"
"\t'N' to enable using external resolvers (e.g., DNS)\n"
"\t for network address resolution\n"
- "\t't' to enable transport-layer port number resolution");
+ "\t't' to enable transport-layer port number resolution\n"
+ "\t'v' to enable VLAN IDs to names resolution");
return FALSE;
}
break;

109
SOURCES/wireshark-0012-CVE-12086.patch Normal file
View File

@ -0,0 +1,109 @@
diff --git a/plugins/epan/opcua/opcua.c b/plugins/epan/opcua/opcua.c
index fc26d9f30d..4ca68a9e83 100644
--- a/plugins/epan/opcua/opcua.c
+++ b/plugins/epan/opcua/opcua.c
@@ -38,7 +38,7 @@ void proto_reg_handoff_opcua(void);
/* declare parse function pointer */
typedef int (*FctParse)(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gint *pOffset);
-static int proto_opcua = -1;
+int proto_opcua = -1;
static dissector_handle_t opcua_handle;
/** Official IANA registered port for OPC UA Binary Protocol. */
#define OPCUA_PORT_RANGE "4840"
diff --git a/plugins/epan/opcua/opcua_simpletypes.c b/plugins/epan/opcua/opcua_simpletypes.c
index a787f21c35..ab006b7552 100644
--- a/plugins/epan/opcua/opcua_simpletypes.c
+++ b/plugins/epan/opcua/opcua_simpletypes.c
@@ -20,6 +20,7 @@
#include <epan/packet.h>
#include <epan/expert.h>
#include <epan/dissectors/packet-windows-common.h>
+#include <epan/proto_data.h>
#include "opcua_simpletypes.h"
#include "opcua_hfindeces.h"
#include "opcua_statuscode.h"
@@ -80,6 +81,7 @@
/* Chosen arbitrarily */
#define MAX_ARRAY_LEN 10000
+#define MAX_NESTING_DEPTH 100
static int hf_opcua_diag_mask = -1;
static int hf_opcua_diag_mask_symbolicflag = -1;
@@ -168,6 +170,9 @@ int hf_opcua_resultMask_displayname = -1;
int hf_opcua_resultMask_typedefinition = -1;
static expert_field ei_array_length = EI_INIT;
+static expert_field ei_nesting_depth = EI_INIT;
+
+extern int proto_opcua;
/** NodeId encoding mask table */
static const value_string g_nodeidmasks[] = {
@@ -526,6 +531,7 @@ void registerSimpleTypes(int proto)
static ei_register_info ei[] = {
{ &ei_array_length, { "opcua.array.length", PI_UNDECODED, PI_ERROR, "Max array length exceeded", EXPFILL }},
+ { &ei_nesting_depth, { "opcua.nestingdepth", PI_UNDECODED, PI_ERROR, "Max nesting depth exceeded", EXPFILL }},
};
proto_register_field_array(proto, hf, array_length(hf));
@@ -802,9 +808,19 @@ void parseDiagnosticInfo(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gi
guint8 EncodingMask;
proto_tree *subtree;
proto_item *ti;
+ guint opcua_nested_count;
subtree = proto_tree_add_subtree_format(tree, tvb, *pOffset, -1, ett_opcua_diagnosticinfo, &ti, "%s: DiagnosticInfo", szFieldName);
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
+
/* parse encoding mask */
EncodingMask = tvb_get_guint8(tvb, iOffset);
proto_tree_add_bitmask(subtree, tvb, iOffset, hf_opcua_diag_mask, ett_opcua_diagnosticinfo_encodingmask, diag_mask, ENC_LITTLE_ENDIAN);
@@ -912,6 +928,16 @@ void parseVariant(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, gint *pOf
gint iOffset = *pOffset;
guint8 EncodingMask;
gint32 ArrayDimensions = 0;
+ guint opcua_nested_count;
+
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
EncodingMask = tvb_get_guint8(tvb, iOffset);
proto_tree_add_item(subtree, hf_opcua_variant_encodingmask, tvb, iOffset, 1, ENC_LITTLE_ENDIAN);
@@ -1167,10 +1193,20 @@ void parseExtensionObject(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, g
guint32 TypeId;
proto_tree *extobj_tree;
proto_item *ti;
+ guint opcua_nested_count;
/* add extension object subtree */
extobj_tree = proto_tree_add_subtree_format(tree, tvb, *pOffset, -1, ett_opcua_extensionobject, &ti, "%s: ExtensionObject", szFieldName);
+ /* prevent a too high nesting depth */
+ opcua_nested_count = GPOINTER_TO_UINT(p_get_proto_data(pinfo->pool, pinfo, proto_opcua, 0));
+ if (++opcua_nested_count > MAX_NESTING_DEPTH)
+ {
+ expert_add_info(pinfo, ti, &ei_nesting_depth);
+ return;
+ }
+ p_add_proto_data(pinfo->pool, pinfo, proto_opcua, 0, GUINT_TO_POINTER(opcua_nested_count));
+
/* add nodeid subtree */
TypeId = getExtensionObjectType(tvb, &iOffset);
parseExpandedNodeId(extobj_tree, tvb, pinfo, &iOffset, "TypeId");

29
SOURCES/wireshark-0012-cve-2023-0668.patch
View File

@ -1,29 +0,0 @@
From c4f37d77b29ec6a9754795d0efb6f68d633728d9 Mon Sep 17 00:00:00 2001
From: John Thacker <johnthacker@gmail.com>
Date: Sat, 20 May 2023 23:08:08 -0400
Subject: [PATCH] synphasor: Use val_to_str_const
Don't use a value from packet data to directly index a value_string,
particularly when the value string doesn't cover all possible values.
Fix #19087
---
epan/dissectors/packet-synphasor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-synphasor.c b/epan/dissectors/packet-synphasor.c
index 536847f7502..fdc9e282b3a 100644
--- a/epan/dissectors/packet-synphasor.c
+++ b/epan/dissectors/packet-synphasor.c
@@ -1211,7 +1211,7 @@ static gint dissect_PHSCALE(tvbuff_t *tvb, proto_tree *tree, gint offset, gint c
data_flag_tree = proto_tree_add_subtree_format(single_phasor_scaling_and_flags_tree, tvb, offset, 4,
ett_conf_phflags, NULL, "Phasor Data flags: %s",
- conf_phasor_type[tvb_get_guint8(tvb, offset + 2)].strptr);
+ val_to_str_const(tvb_get_guint8(tvb, offset + 2), conf_phasor_type, "Unknown"));
/* first and second bytes - phasor modification flags*/
phasor_flag1_tree = proto_tree_add_subtree_format(data_flag_tree, tvb, offset, 2, ett_conf_phmod_flags,
--
GitLab

31
SOURCES/wireshark-0013-CVE-18225.patch Normal file
View File

@ -0,0 +1,31 @@
diff --git a/epan/dissectors/packet-coap.c b/epan/dissectors/packet-coap.c
index b37b6c231c..b7afe05f82 100644
--- a/epan/dissectors/packet-coap.c
+++ b/epan/dissectors/packet-coap.c
@@ -450,8 +450,11 @@ dissect_coap_opt_object_security(tvbuff_t *tvb, proto_item *head_item, proto_tre
coinfo->object_security = TRUE;
coinfo->oscore_info->piv = NULL;
+ coinfo->oscore_info->piv_len = 0;
coinfo->oscore_info->kid_context = NULL;
+ coinfo->oscore_info->kid_context_len = 0;
coinfo->oscore_info->kid = NULL;
+ coinfo->oscore_info->kid_len = 0;
if (opt_length == 0) { /* option length is zero, means flag byte is 0x00*/
/* add info to the head of the packet detail */
@@ -1144,11 +1147,9 @@ dissect_coap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* d
/* Indicate to OSCORE that this response contains its own PIV */
coinfo->oscore_info->piv_in_response = TRUE;
coap_trans->oscore_info->piv_in_response = TRUE;
- } else {
- if (coap_trans->oscore_info->piv) {
- /* Use the PIV from the request */
- coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
- }
+ } else if (coap_trans->oscore_info->piv_len > 0) {
+ /* Use the PIV from the request */
+ coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
coinfo->oscore_info->piv_len = coap_trans->oscore_info->piv_len;
}
coinfo->oscore_info->response = TRUE;

116
SOURCES/wireshark-0013-cve-2023-0666.patch
View File

@ -1,116 +0,0 @@
From 28fdce547c417b868c521f87fb58f71ca6b1e3f7 Mon Sep 17 00:00:00 2001
From: Gerald Combs <gerald@wireshark.org>
Date: Thu, 18 May 2023 13:52:48 -0700
Subject: [PATCH] RTPS: Fixup our g_strlcpy dest_sizes
Use the proper dest_size in various g_strlcpy calls.
Fixes #19085
---
epan/dissectors/packet-rtps.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/epan/dissectors/packet-rtps.c b/epan/dissectors/packet-rtps.c
index 2884e86faa1..a39202952f6 100644
--- a/epan/dissectors/packet-rtps.c
+++ b/epan/dissectors/packet-rtps.c
@@ -4944,7 +4944,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
++tk_id;
}
- g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), 40);
+ g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), sizeof(type_name));
/* Structure of the typecode data:
*
@@ -5115,7 +5115,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
member_name, -1, NULL, ndds_40_hack);
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
} /* end of case UNION */
@@ -5286,7 +5286,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
}
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
}
@@ -5378,7 +5378,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
offset += 4;
alias_name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, alias_name_length, ENC_ASCII);
offset += alias_name_length;
- g_strlcpy(type_name, alias_name, 40);
+ g_strlcpy(type_name, alias_name, sizeof(type_name));
break;
}
@@ -5413,7 +5413,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
if (tk_id == RTI_CDR_TK_VALUE_PARAM) {
type_id_name = "valueparam";
}
- g_snprintf(type_name, 40, "%s '%s'", type_id_name, value_name);
+ g_snprintf(type_name, sizeof(type_name), "%s '%s'", type_id_name, value_name);
break;
}
} /* switch(tk_id) */
@@ -5577,7 +5577,7 @@ static gint rtps_util_add_type_library_type(proto_tree *tree,
long_number = tvb_get_guint32(tvb, offset_tmp, encoding);
name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset_tmp+4, long_number, ENC_ASCII);
if (info)
- g_strlcpy(info->member_name, name, long_number);
+ g_strlcpy(info->member_name, name, sizeof(info->member_name));
proto_item_append_text(tree, " %s", name);
offset += member_length;
@@ -5753,13 +5753,13 @@ static gint rtps_util_add_type_member(proto_tree *tree,
proto_item_append_text(tree, " %s (ID: %d)", name, member_id);
if (member_object) {
member_object->member_id = member_id;
- g_strlcpy(member_object->member_name, name, long_number < 256 ? long_number : 256);
+ g_strlcpy(member_object->member_name, name, sizeof(member_object->member_name));
member_object->type_id = member_type_id;
}
if (info && info->extensibility == EXTENSIBILITY_MUTABLE) {
mutable_member_mapping * mutable_mapping = NULL;
mutable_mapping = wmem_new(wmem_file_scope(), mutable_member_mapping);
- g_strlcpy(mutable_mapping->member_name, name, long_number < 256 ? long_number : 256);
+ g_strlcpy(mutable_mapping->member_name, name, sizeof(mutable_mapping->member_name));
mutable_mapping->struct_type_id = info->type_id;
mutable_mapping->member_type_id = member_type_id;
mutable_mapping->member_id = member_id;
@@ -5814,7 +5814,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
union_member_mapping * mapping = NULL;
mapping = wmem_new(wmem_file_scope(), union_member_mapping);
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = HASHMAP_DISCRIMINATOR_CONSTANT;
mapping->union_type_id = union_type_id + mapping->discriminator;
@@ -5827,7 +5827,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
union_member_mapping * mapping = NULL;
mapping = wmem_new(wmem_file_scope(), union_member_mapping);
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = -1;
mapping->union_type_id = union_type_id + mapping->discriminator;
@@ -5847,7 +5847,7 @@ static gint rtps_util_add_type_union_member(proto_tree *tree,
ti = proto_tree_add_item(labels, hf_rtps_type_object_union_label, tvb, offset_tmp, 4, encoding);
offset_tmp += 4;
- g_strlcpy(mapping->member_name, object.member_name, 256);
+ g_strlcpy(mapping->member_name, object.member_name, sizeof(mapping->member_name));
mapping->member_type_id = object.type_id;
mapping->discriminator = discriminator_case;
mapping->union_type_id = union_type_id + discriminator_case;
--
GitLab

57
SOURCES/wireshark-0014-CVE-18226.patch Normal file
View File

@ -0,0 +1,57 @@
diff --git a/epan/dissectors/packet-steam-ihs-discovery.c b/epan/dissectors/packet-steam-ihs-discovery.c
index 1bec81e594..9d238f4e88 100644
--- a/epan/dissectors/packet-steam-ihs-discovery.c
+++ b/epan/dissectors/packet-steam-ihs-discovery.c
@@ -491,9 +491,7 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
protobuf_desc_t pb = { tvb, offset, bytes_left };
protobuf_desc_t pb2 = { tvb, 0, 0 };
protobuf_tag_t tag = { 0, 0, 0 };
- wmem_allocator_t* strpool;
guint8 *hostname;
- strpool = wmem_allocator_new(WMEM_ALLOCATOR_SIMPLE);
nstime_t timestamp;
proto_tree *user_tree;
proto_item *user_it;
@@ -522,7 +520,7 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
value = get_varint64(pb.tvb, pb.offset, pb.bytes_left, &len);
proto_tree_add_item(tree, hf_steam_ihs_discovery_body_status_hostname, pb.tvb,
pb.offset+len, (gint)value, ENC_UTF_8|ENC_NA);
- hostname = tvb_get_string_enc(strpool, pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
+ hostname = tvb_get_string_enc(wmem_packet_scope(), pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
if(hostname && strlen(hostname)) {
col_add_fstr(pinfo->cinfo, COL_INFO, "%s from %s", hf_steam_ihs_discovery_header_msgtype_strings[STEAMDISCOVER_MSGTYPE_CLIENTBROADCASTMSGSTATUS].strptr, hostname);
}
@@ -615,7 +613,6 @@ steamdiscover_dissect_body_status(tvbuff_t *tvb, packet_info *pinfo, proto_tree
}
protobuf_seek_forward(&pb, len);
}
- wmem_destroy_allocator(strpool);
}
/* Dissect a CMsgRemoteDeviceAuthorizationRequest protobuf message body.
@@ -648,8 +645,6 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
gint64 value;
protobuf_desc_t pb = { tvb, offset, bytes_left };
protobuf_tag_t tag = { 0, 0, 0 };
- wmem_allocator_t *strpool;
- strpool = wmem_allocator_new(WMEM_ALLOCATOR_SIMPLE);
guint8* devicename;
while (protobuf_iter_next(&pb, &tag)) {
switch(tag.field_number) {
@@ -665,7 +660,7 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
value = get_varint64(pb.tvb, pb.offset, pb.bytes_left, &len);
proto_tree_add_item(tree, hf_steam_ihs_discovery_body_authrequest_devicename, pb.tvb,
pb.offset+len, (gint)value, ENC_UTF_8|ENC_NA);
- devicename = tvb_get_string_enc(strpool, pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
+ devicename = tvb_get_string_enc(wmem_packet_scope(), pb.tvb, pb.offset+len, (gint)value, ENC_UTF_8);
if (devicename && strlen(devicename)) {
col_append_fstr(pinfo->cinfo, COL_INFO, " from %s", devicename);
}
@@ -684,7 +679,6 @@ steamdiscover_dissect_body_authrequest(tvbuff_t *tvb, packet_info *pinfo, proto_
}
protobuf_seek_forward(&pb, len);
}
- wmem_destroy_allocator(strpool);
}
/* Dissect a CMsgRemoteDeviceAuthorizationResponse protobuf message body.

725
SOURCES/wireshark-0015-CVE-18227.patch Normal file
View File

@ -0,0 +1,725 @@
diff --git a/epan/dissectors/packet-mswsp.c b/epan/dissectors/packet-mswsp.c
index 421713067b..295192a0ab 100644
--- a/epan/dissectors/packet-mswsp.c
+++ b/epan/dissectors/packet-mswsp.c
@@ -359,6 +359,7 @@ static int SMB2 = 2;
void proto_reg_handoff_mswsp(void);
+static expert_field ei_mswsp_invalid_variant_type = EI_INIT;
static expert_field ei_missing_msg_context = EI_INIT;
static expert_field ei_mswsp_msg_cpmsetbinding_ccolumns = EI_INIT;
@@ -3068,7 +3069,7 @@ static int parse_lcid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, const
/*****************************************************************************************/
/* 2.2.1.1 CBaseStorageVariant */
-static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CBaseStorageVariant *value, const char *text);
+static int parse_CBaseStorageVariant(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CBaseStorageVariant *value, const char *text);
/* 2.2.1.2 CFullPropSpec */
static int parse_CFullPropSpec(tvbuff_t *tvb, int offset, proto_tree *tree, proto_tree *pad_tree, struct CFullPropSpec *v, const char *fmt, ...);
@@ -3080,10 +3081,10 @@ static int parse_CContentRestriction(tvbuff_t *tvb, int offset, proto_tree *pare
static int parse_CNatLanguageRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNatLanguageRestriction *v, const char *fmt, ...);
/* 2.2.1.6 CNodeRestriction */
-static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char* fmt, ...);
+static int parse_CNodeRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char* fmt, ...);
/* 2.2.1.7 CPropertyRestriction */
-static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...);
+static int parse_CPropertyRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...);
/* 2.2.1.8 CReuseWhere */
static int parse_CReuseWhere(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CReuseWhere *v, const char *fmt, ...);
@@ -3092,27 +3093,27 @@ static int parse_CReuseWhere(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
static int parse_CSort(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, const char *fmt, ...);
/* 2.2.1.12 CCoercionRestriction */
-static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...);
+static int parse_CCoercionRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...);
/* 2.2.1.16 CRestrictionArray */
-static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CRestrictionArray(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.17 CRestriction */
-static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...);
+static int parse_CRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...);
/* 2.2.1.18 CColumnSet */
static int parse_CColumnSet(tvbuff_t *tvb, int offset, proto_tree *tree, const char *fmt, ...);
/* 2.2.1.20 CCategorizationSpec */
-static int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CCategorizationSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.21 CCategSpec */
-static int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.22 CRangeCategSpec */
-static int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CRangeCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.23 RANGEBOUNDARY */
-static int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_RANGEBOUNDARY(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.24 CAggregSet */
static int parse_CAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
@@ -3127,19 +3128,19 @@ static int parse_CSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tr
static int parse_CAggregSortKey(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.28 CInGroupSortAggregSets */
-static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.29 CInGroupSortAggregSet */
-static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.30 CDbColId */
static int parse_CDbColId(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *text);
/* 2.2.1.31 CDbProp */
-static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...);
+static int parse_CDbProp(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...);
/* 2.2.1.32 CDbPropSet */
-static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
+static int parse_CDbPropSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.33 CPidMapper */
static int parse_CPidMapper(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
@@ -3157,7 +3158,7 @@ static int parse_CRowsetProperties(tvbuff_t *tvb, int offset, proto_tree *parent
static int parse_CSortSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...);
/* 2.2.1.44 CTableColumn */
-static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...);
+static int parse_CTableColumn(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...);
/*
@@ -3231,11 +3232,11 @@ static int parse_CSortSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
return offset;
}
-static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...)
+static int parse_CTableColumn(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CTableColumn *col, const char *fmt, ...)
{
- proto_item *item;
+ proto_item *item, *ti_type;
proto_tree *tree;
va_list ap;
struct vtype_data *type;
@@ -3266,8 +3267,14 @@ static int parse_CTableColumn(tvbuff_t *tvb, int offset, proto_tree *parent_tree
}
}
type = vType_get_type(vtype_val);
- DISSECTOR_ASSERT(type != NULL);
- proto_tree_add_string_format_value(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, type->str, "%s%s", type->str, modifier);
+ if (type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, "Unknown CTableColumn type");
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+ } else
+ proto_tree_add_string_format_value(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, type->str, "%s%s", type->str, modifier);
offset += 4;
used = tvb_get_guint8(tvb, offset);
@@ -3487,7 +3494,7 @@ static int parse_relop(tvbuff_t *tvb, int offset, proto_tree *tree, guint32 *re
}
return offset + 4;
}
-static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...)
+static int parse_CPropertyRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CPropertyRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3505,7 +3512,7 @@ static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *par
offset = parse_CFullPropSpec(tvb, offset, tree, pad_tree, &v->property, "Property");
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &v->prval, "prval");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &v->prval, "prval");
offset = parse_padding(tvb, offset, 4, pad_tree, "padding_lcid");
@@ -3517,7 +3524,7 @@ static int parse_CPropertyRestriction(tvbuff_t *tvb, int offset, proto_tree *par
return offset;
}
-static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...)
+static int parse_CCoercionRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CCoercionRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3535,7 +3542,7 @@ static int parse_CCoercionRestriction(tvbuff_t *tvb, int offset, proto_tree *par
offset += 4;
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &v->child, "child");
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &v->child, "child");
proto_item_set_end(item, tvb, offset);
return offset;
@@ -3732,7 +3739,7 @@ static int parse_rType(tvbuff_t *tvb, int offset, proto_tree *tree, enum rType *
return offset + 4;
}
-static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...)
+static int parse_CRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3761,18 +3768,18 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
case RTProximity:
case RTPhrase: {
v->u.RTAnd = EP_ALLOC(struct CNodeRestriction);
- offset = parse_CNodeRestriction(tvb, offset, tree, pad_tree, v->u.RTAnd, "CNodeRestriction");
+ offset = parse_CNodeRestriction(tvb, pinfo, offset, tree, pad_tree, v->u.RTAnd, "CNodeRestriction");
break;
}
case RTNot: {
v->u.RTNot = EP_ALLOC(struct CRestriction);
- offset = parse_CRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTNot, "CRestriction");
break;
}
case RTProperty: {
v->u.RTProperty = EP_ALLOC(struct CPropertyRestriction);
- offset = parse_CPropertyRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CPropertyRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTProperty, "CPropertyRestriction");
break;
}
@@ -3780,7 +3787,7 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
case RTCoerce_Multiply:
case RTCoerce_Absolute: {
v->u.RTCoerce_Add = EP_ALLOC(struct CCoercionRestriction);
- offset = parse_CCoercionRestriction(tvb, offset, tree, pad_tree,
+ offset = parse_CCoercionRestriction(tvb, pinfo, offset, tree, pad_tree,
v->u.RTCoerce_Add, "CCoercionRestriction");
break;
}
@@ -3810,7 +3817,7 @@ static int parse_CRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree
return offset;
}
-static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CRestrictionArray(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint8 present, count;
@@ -3840,14 +3847,14 @@ static int parse_CRestrictionArray(tvbuff_t *tvb, int offset, proto_tree *parent
for (i=0; i<count; i++) {
struct CRestriction r;
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &r, "Restriction[%d]", i);
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &r, "Restriction[%d]", i);
}
}
proto_item_set_end(item, tvb, offset);
return offset;
}
-static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char *fmt, ...)
+static int parse_CNodeRestriction(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct CNodeRestriction *v, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -3867,7 +3874,7 @@ static int parse_CNodeRestriction(tvbuff_t *tvb, int offset, proto_tree *parent_
for (i=0; i<v->cNode; i++) {
struct CRestriction r;
ZERO_STRUCT(r);
- offset = parse_CRestriction(tvb, offset, tree, pad_tree, &r, "paNode[%u]", i);
+ offset = parse_CRestriction(tvb, pinfo, offset, tree, pad_tree, &r, "paNode[%u]", i);
offset = parse_padding(tvb, offset, 4, tree, "padding_paNode[%u]", i); /*at begin or end of loop ????*/
}
@@ -4208,117 +4215,7 @@ static const char *str_CBaseStorageVariant(struct CBaseStorageVariant *value, gb
return wmem_strbuf_get_str(strbuf);
}
-static int parse_vType(tvbuff_t *tvb, int offset, guint16 *vtype)
-{
- guint16 tmp_vtype = tvb_get_letohs(tvb, offset);
- guint16 modifier = tmp_vtype & 0xFF00;
-
- switch (tmp_vtype & 0xFF) {
- case VT_EMPTY:
- *vtype = VT_EMPTY;
- break;
- case VT_NULL:
- *vtype = VT_NULL;
- break;
- case VT_I2:
- *vtype = VT_I2;
- break;
- case VT_I4:
- *vtype = VT_I4;
- break;
- case VT_R4:
- *vtype = VT_R4;
- break;
- case VT_R8:
- *vtype = VT_R8;
- break;
- case VT_CY:
- *vtype = VT_CY;
- break;
- case VT_DATE:
- *vtype = VT_DATE;
- break;
- case VT_BSTR:
- *vtype = VT_BSTR;
- break;
- case VT_ERROR:
- *vtype = VT_ERROR;
- break;
- case VT_BOOL:
- *vtype = VT_BOOL;
- break;
- case VT_VARIANT:
- *vtype = VT_VARIANT;
- break;
- case VT_DECIMAL:
- *vtype = VT_DECIMAL;
- break;
- case VT_I1:
- *vtype = VT_I1;
- break;
- case VT_UI1:
- *vtype = VT_UI1;
- break;
- case VT_UI2:
- *vtype = VT_UI2;
- break;
- case VT_UI4:
- *vtype = VT_UI4;
- break;
- case VT_I8:
- *vtype = VT_I8;
- break;
- case VT_UI8:
- *vtype = VT_UI8;
- break;
- case VT_INT:
- *vtype = VT_INT;
- break;
- case VT_UINT:
- *vtype = VT_UINT;
- break;
- case VT_LPSTR:
- *vtype = VT_LPSTR;
- break;
- case VT_LPWSTR:
- *vtype = VT_LPWSTR;
- break;
- case VT_COMPRESSED_LPWSTR:
- *vtype = VT_COMPRESSED_LPWSTR;
- break;
- case VT_FILETIME:
- *vtype = VT_FILETIME;
- break;
- case VT_BLOB:
- *vtype = VT_BLOB;
- break;
- case VT_BLOB_OBJECT:
- *vtype = VT_BLOB_OBJECT;
- break;
- case VT_CLSID:
- *vtype = VT_CLSID;
- break;
- default:
- DISSECTOR_ASSERT(FALSE);
- break;
- }
- if (modifier) {
- switch (modifier) {
- case VT_VECTOR:
- *vtype |= VT_VECTOR;
- break;
- case VT_ARRAY:
- *vtype |= VT_ARRAY;
- break;
- default:
- DISSECTOR_ASSERT(FALSE);
- break;
- }
- }
- return offset + 2;
-}
-
-static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CBaseStorageVariant *value, const char *text)
+static int parse_CBaseStorageVariant(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree _U_, struct CBaseStorageVariant *value, const char *text)
{
int i, len;
proto_item *ti, *ti_type, *ti_val;
@@ -4329,9 +4226,19 @@ static int parse_CBaseStorageVariant(tvbuff_t *tvb, int offset, proto_tree *pare
tree = proto_tree_add_subtree(parent_tree, tvb, offset, 0, ett_CBaseStorageVariant, &ti, text);
- parse_vType(tvb, offset, &value->vType);
- value->type = vType_get_type(value->vType);
- DISSECTOR_ASSERT(value->type != NULL);
+ value->vType = tvb_get_letohs(tvb, offset);
+ value->type = vType_get_type(value->vType & 0xFF);
+ if (value->type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_cbasestorvariant_vtype, tvb, offset, 2, "Unknown CBaseStorageVariant type");
+ offset += 2;
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+
+ THROW_MESSAGE(ReportedBoundsError, "Unknown CBaseStorageVariant type");
+ return offset;
+ }
ti_type = proto_tree_add_string(tree, hf_mswsp_cbasestorvariant_vtype, tvb, offset, 2, value->type->str);
offset += 2;
@@ -4452,7 +4359,7 @@ static int parse_CDbColId(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
return offset;
}
-static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...)
+static int parse_CDbProp(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, struct GuidPropertySet *propset, const char *fmt, ...)
{
static const value_string EMPTY_VS[] = {{0, NULL}};
const value_string *vs = (propset && propset->id_map) ? propset->id_map : EMPTY_VS;
@@ -4485,7 +4392,7 @@ static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pro
offset = parse_CDbColId(tvb, offset, tree, pad_tree, "colid");
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &value, "vValue");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &value, "vValue");
str = str_CBaseStorageVariant(&value, TRUE);
proto_item_append_text(item, " %s", str);
@@ -4494,7 +4401,7 @@ static int parse_CDbProp(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pro
return offset;
}
-static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CDbPropSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
int i, num;
e_guid_t guid;
@@ -4530,14 +4437,14 @@ static int parse_CDbPropSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
for (i = 0; i<num; i++) {
offset = parse_padding(tvb, offset, 4, pad_tree, "aProp[%d]", i);
- offset = parse_CDbProp(tvb, offset, tree, pad_tree, pset, "aProp[%d]", i);
+ offset = parse_CDbProp(tvb, pinfo, offset, tree, pad_tree, pset, "aProp[%d]", i);
}
proto_item_set_end(item, tvb, offset);
return offset;
}
-static int parse_PropertySetArray(tvbuff_t *tvb, int offset, int size_offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_PropertySetArray(tvbuff_t *tvb, packet_info *pinfo, int offset, int size_offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
const int offset_in = offset;
guint32 size, num;
@@ -4563,7 +4470,7 @@ static int parse_PropertySetArray(tvbuff_t *tvb, int offset, int size_offset, pr
offset += 4;
for (i = 0; i < (int)num; i++) {
- offset = parse_CDbPropSet(tvb, offset, tree, pad_tree, "PropertySet[%d]", i);
+ offset = parse_CDbPropSet(tvb, pinfo, offset, tree, pad_tree, "PropertySet[%d]", i);
}
proto_item_set_end(item, tvb, offset);
@@ -4601,7 +4508,7 @@ int parse_CColumnSet(tvbuff_t *tvb, int offset, proto_tree *tree, const char *fm
}
/* 2.2.1.23 RANGEBOUNDARY */
-int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_RANGEBOUNDARY(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint32 ulType;
guint8 labelPresent;
@@ -4622,7 +4529,7 @@ int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, prot
offset += 4;
ZERO_STRUCT(prval);
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &prval, "prVal");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &prval, "prVal");
labelPresent = tvb_get_guint8(tvb, offset);
proto_tree_add_item(tree, hf_mswsp_rangeboundry_labelpresent, tvb, offset, 1, ENC_LITTLE_ENDIAN);
@@ -4650,7 +4557,7 @@ int parse_RANGEBOUNDARY(tvbuff_t *tvb, int offset, proto_tree *parent_tree, prot
/* 2.2.1.22 CRangeCategSpec */
-int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CRangeCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4671,7 +4578,7 @@ int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
offset += 4;
for (i=0; i<cRange; i++) {
- offset = parse_RANGEBOUNDARY(tvb, offset, tree, pad_tree, "aRangeBegin[%u]", i);
+ offset = parse_RANGEBOUNDARY(tvb, pinfo, offset, tree, pad_tree, "aRangeBegin[%u]", i);
}
@@ -4680,7 +4587,7 @@ int parse_CRangeCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, pr
}
/* 2.2.1.21 CCategSpec */
-int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CCategSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4700,7 +4607,7 @@ int parse_CCategSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_t
offset = parse_CSort(tvb, offset, tree, pad_tree, "CSort");
- offset = parse_CRangeCategSpec(tvb, offset, tree, pad_tree, "CRangeCategSpec");
+ offset = parse_CRangeCategSpec(tvb, pinfo, offset, tree, pad_tree, "CRangeCategSpec");
proto_item_set_end(item, tvb, offset);
return offset;
@@ -4867,7 +4774,7 @@ static int parse_CInGroupSortAggregSet_type(tvbuff_t *tvb, int offset, proto_tre
}
/* 2.2.1.29 CInGroupSortAggregSet */
-static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4885,7 +4792,7 @@ static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *pa
if (type == GroupIdValue) {
struct CBaseStorageVariant id;
- offset = parse_CBaseStorageVariant(tvb, offset, tree, pad_tree, &id, "inGroupId");
+ offset = parse_CBaseStorageVariant(tvb, pinfo, offset, tree, pad_tree, &id, "inGroupId");
}
offset = parse_CSortSet(tvb, offset, tree, pad_tree, "SortSet");
@@ -4896,7 +4803,7 @@ static int parse_CInGroupSortAggregSet(tvbuff_t *tvb, int offset, proto_tree *pa
/* 2.2.1.28 CInGroupSortAggregSets */
-static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
guint32 cCount, i;
proto_item *item;
@@ -4916,7 +4823,7 @@ static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *p
for (i=0; i<cCount; i++) {
/* 2.2.1.29 CInGroupSortAggregSet */
- offset = parse_CInGroupSortAggregSet(tvb, offset, tree, pad_tree, "SortSets[%u]", i);
+ offset = parse_CInGroupSortAggregSet(tvb, pinfo, offset, tree, pad_tree, "SortSets[%u]", i);
}
proto_item_set_end(item, tvb, offset);
@@ -4924,7 +4831,7 @@ static int parse_CInGroupSortAggregSets(tvbuff_t *tvb, int offset, proto_tree *p
}
/* 2.2.1.20 CCategorizationSpec */
-int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
+int parse_CCategorizationSpec(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, proto_tree *pad_tree, const char *fmt, ...)
{
proto_item *item;
proto_tree *tree;
@@ -4941,7 +4848,7 @@ int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree
offset = parse_CColumnSet(tvb, offset, tree, "csColumns");
/* 2.2.1.21 CCategSpec */
- offset = parse_CCategSpec(tvb, offset, tree, pad_tree, "Spec");
+ offset = parse_CCategSpec(tvb, pinfo, offset, tree, pad_tree, "Spec");
/* 2.2.1.24 CAggregSet */
offset = parse_CAggregSet(tvb, offset, tree, pad_tree, "AggregSet");
@@ -4950,7 +4857,7 @@ int parse_CCategorizationSpec(tvbuff_t *tvb, int offset, proto_tree *parent_tree
offset = parse_CSortAggregSet(tvb, offset, tree, pad_tree, "SortAggregSet");
/* 2.2.1.28 CInGroupSortAggregSets */
- offset = parse_CInGroupSortAggregSets(tvb, offset, tree, pad_tree, "InGroupSortAggregSets");
+ offset = parse_CInGroupSortAggregSets(tvb, pinfo, offset, tree, pad_tree, "InGroupSortAggregSets");
proto_tree_add_item(tree, hf_mswsp_categorizationspec_cmaxres, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
@@ -5273,17 +5180,14 @@ static int parse_CRowVariantArrayInfo(tvbuff_t *tvb, int offset, proto_tree *tre
return offset;
}
-static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, guint64 base_address, gboolean is_64bit, struct CRowVariant *variant)
+static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, guint64 base_address, gboolean is_64bit, struct CRowVariant *variant, struct vtype_data *vt_list_type)
{
guint32 i = 0;
guint64 count = 0;
int buf_offset = 0;
proto_tree *sub_tree;
- struct vtype_data *vt_list_type =
- vType_get_type((enum vType)(variant->vtype & 0x00FF));
wmem_strbuf_t *strbuf;
- DISSECTOR_ASSERT(vt_list_type != NULL);
offset = parse_CRowVariantArrayInfo(tvb, offset, tree, is_64bit, variant);
if (is_64bit) {
buf_offset =
@@ -5335,10 +5239,10 @@ static int parse_VariantColVector(tvbuff_t *tvb, int offset, proto_tree *tree, g
return offset;
}
-static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree, guint64 base_address, guint32 length _U_, gboolean is_64bit, struct CRowVariant *variant, const char *fmt, ...)
+static int parse_VariantCol(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *parent_tree, guint64 base_address, guint32 length _U_, gboolean is_64bit, struct CRowVariant *variant, const char *fmt, ...)
{
proto_tree *tree;
- proto_item *item;
+ proto_item *item, *ti_type;
va_list ap;
struct vtype_data *vt_type;
@@ -5354,8 +5258,6 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
variant->vtype = tvb_get_letohs(tvb, offset);
vt_type = vType_get_type((enum vType)variant->vtype);
- DISSECTOR_ASSERT(vt_type != NULL);
-
vtype_high = (variant->vtype & 0xFF00);
if (vtype_high) {
if (vtype_high == VT_VECTOR) {
@@ -5367,6 +5269,17 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
}
}
+ if (vt_type == NULL) {
+ /*
+ * Not a valid type.
+ */
+ ti_type = proto_tree_add_string(tree, hf_mswsp_ctablecolumn_vtype, tvb, offset, 4, "Unknown variant column type");
+ expert_add_info(pinfo, ti_type, &ei_mswsp_invalid_variant_type);
+ offset += 2;
+
+ THROW_FORMATTED(ReportedBoundsError, "Unknown variant column type%s", modifier);
+ return offset;
+ }
proto_tree_add_string_format_value(tree, hf_mswsp_rowvariant_vtype, tvb, offset, 2, vt_type->str, "%s%s", vt_type->str, modifier);
offset += 2;
@@ -5382,7 +5295,7 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
if (vtype_high == VT_VECTOR || vtype_high == VT_ARRAY) {
offset = parse_VariantColVector(tvb, offset, tree, base_address,
- is_64bit, variant);
+ is_64bit, variant, vt_type);
} else {
wmem_strbuf_t *strbuf = wmem_strbuf_new(wmem_packet_scope(), "");
if (size != -1) {
@@ -5421,7 +5334,7 @@ static int parse_VariantCol(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
return offset;
}
-static int parse_RowsBufferCol(tvbuff_t *tvb, int offset, guint32 row, guint32 col, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean b_is_64bit, proto_tree *parent_tree, const char *fmt, ...)
+static int parse_RowsBufferCol(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 row, guint32 col, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean b_is_64bit, proto_tree *parent_tree, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -5463,13 +5376,13 @@ static int parse_RowsBufferCol(tvbuff_t *tvb, int offset, guint32 row, guint32 c
len = tvb_get_letohs(tvb, buf_offset + pcol->lengthoffset) - pcol->valuesize;
}
if (pcol->vtype == VT_VARIANT) {
- parse_VariantCol(tvb, tmp_offset, tree, base_address, len, b_is_64bit, &variant, "CRowVariant");
+ parse_VariantCol(tvb, pinfo, tmp_offset, tree, base_address, len, b_is_64bit, &variant, "CRowVariant");
}
}
return offset;
}
-static int parse_RowsBuffer(tvbuff_t *tvb, int offset, guint32 num_rows, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean is64bit, proto_tree *parent_tree, const char *fmt, ...)
+static int parse_RowsBuffer(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 num_rows, struct CPMSetBindingsIn *bindingsin, struct rows_data *rowsin, gboolean is64bit, proto_tree *parent_tree, const char *fmt, ...)
{
proto_tree *tree;
proto_item *item;
@@ -5488,7 +5401,7 @@ static int parse_RowsBuffer(tvbuff_t *tvb, int offset, guint32 num_rows, struct
proto_tree *row_tree;
row_tree = proto_tree_add_subtree_format(tree, tvb, offset, 0, ett_GetRowsRow, NULL, "Row[%d]", num);
for (col = 0; col < bindingsin->ccolumns; col++) {
- parse_RowsBufferCol(tvb, offset, num, col, bindingsin, rowsin, is64bit, row_tree, "Col[%d]", col);
+ parse_RowsBufferCol(tvb, pinfo, offset, num, col, bindingsin, rowsin, is64bit, row_tree, "Col[%d]", col);
}
}
return offset;
@@ -5557,11 +5470,11 @@ static int dissect_CPMConnect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *par
offset = parse_padding(tvb, offset, 8, pad_tree, "_paddingcPropSets");
- offset = parse_PropertySetArray(tvb, offset, blob_size1_off, tree, pad_tree, "PropSets");
+ offset = parse_PropertySetArray(tvb, pinfo, offset, blob_size1_off, tree, pad_tree, "PropSets");
offset = parse_padding(tvb, offset, 8, pad_tree, "paddingExtPropset");
- offset = parse_PropertySetArray(tvb, offset, blob_size2_off, tree, pad_tree, "ExtPropset");
+ offset = parse_PropertySetArray(tvb, pinfo, offset, blob_size2_off, tree, pad_tree, "ExtPropset");
offset = parse_padding(tvb, offset, 8, pad_tree, "???");
@@ -5616,7 +5529,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
offset += 1;
if (CRestrictionPresent) {
- offset = parse_CRestrictionArray(tvb, offset, tree, pad_tree, "RestrictionArray");
+ offset = parse_CRestrictionArray(tvb, pinfo, offset, tree, pad_tree, "RestrictionArray");
}
CSortSetPresent = tvb_get_guint8(tvb, offset);
@@ -5625,7 +5538,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
if (CSortSetPresent) {
offset = parse_padding(tvb, offset, 4, tree, "paddingCSortSetPresent");
- offset = parse_CInGroupSortAggregSets(tvb, offset, tree, pad_tree, "GroupSortAggregSets");
+ offset = parse_CInGroupSortAggregSets(tvb, pinfo, offset, tree, pad_tree, "GroupSortAggregSets");
}
@@ -5641,7 +5554,7 @@ static int dissect_CPMCreateQuery(tvbuff_t *tvb, packet_info *pinfo, proto_tree
proto_tree_add_uint(tree, hf_mswsp_msg_cpmcreatequery_ccateg_count, tvb, offset, 4, count);
offset += 4;
for (i=0; i<count; i++) {
- offset = parse_CCategorizationSpec(tvb, offset, tree, pad_tree, "categories[%u]", i);
+ offset = parse_CCategorizationSpec(tvb, pinfo, offset, tree, pad_tree, "categories[%u]", i);
}
}
@@ -5803,7 +5716,7 @@ static int dissect_CPMGetRows(tvbuff_t *tvb, packet_info *pinfo, proto_tree *par
if (b_has_arch && bindingsin && rowsin) {
offset = parse_padding(tvb, offset, rowsin->cbreserved, pad_tree,
"paddingRows");
- parse_RowsBuffer(tvb, offset, num_rows, bindingsin, rowsin, b_64bit_mode, tree, "Rows");
+ parse_RowsBuffer(tvb, pinfo, offset, num_rows, bindingsin, rowsin, b_64bit_mode, tree, "Rows");
} else {
gint nbytes = tvb_reported_length_remaining(tvb, offset);
proto_tree_add_expert_format(tree, pinfo, &ei_missing_msg_context, tvb, offset, nbytes, "Undissected %d bytes (due to missing preceding msg(s))", nbytes);
@@ -5950,7 +5863,7 @@ static int dissect_CPMSetBindings(tvbuff_t *tvb, packet_info *pinfo, proto_tree
sizeof(struct CTableColumn) * num);
for (n=0; n<num; n++) {
offset = parse_padding(tvb, offset, 4, pad_tree, "padding_aColumns[%u]", n);
- offset = parse_CTableColumn(tvb, offset, tree, pad_tree, &request.acolumns[n],"aColumns[%u]", n);
+ offset = parse_CTableColumn(tvb, pinfo, offset, tree, pad_tree, &request.acolumns[n],"aColumns[%u]", n);
}
data = find_or_create_message_data(ct, pinfo,0xD0,in, private_data);
if (data) {
@@ -8051,6 +7964,7 @@ proto_register_mswsp(void)
};
static ei_register_info ei[] = {
+ { &ei_mswsp_invalid_variant_type, { "mswsp.invalid_variant_type", PI_PROTOCOL, PI_ERROR, "Invalid variant type", EXPFILL }},
{ &ei_missing_msg_context, { "mswsp.msg.cpmgetrows.missing_msg_context", PI_SEQUENCE, PI_WARN, "previous messages needed for context not captured", EXPFILL }},
{ &ei_mswsp_msg_cpmsetbinding_ccolumns, { "mswsp.msg.cpmsetbinding.ccolumns.invalude", PI_PROTOCOL, PI_WARN, "Invalid number of cColumns for packet", EXPFILL }}
};

46
SOURCES/wireshark-0016-CVE-19622.patch Normal file
View File

@ -0,0 +1,46 @@
diff --git a/epan/dissectors/packet-mmse.c b/epan/dissectors/packet-mmse.c
index ffb4faa003..1e3d13abeb 100644
--- a/epan/dissectors/packet-mmse.c
+++ b/epan/dissectors/packet-mmse.c
@@ -487,6 +487,12 @@ get_value_length(tvbuff_t *tvb, guint offset, guint *byte_count, packet_info *pi
field = tvb_get_guintvar(tvb, offset, byte_count, pinfo, &ei_mmse_oversized_uintvar);
(*byte_count)++;
}
+
+ /* The packet says there are this many bytes; ensure they're there.
+ * We do this here because several callers do math on the length we
+ * return here and may not catch an overflow.
+ */
+ tvb_ensure_bytes_exist(tvb, offset, field);
return field;
}
@@ -689,7 +695,7 @@ static void
dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
const char *message_type)
{
- guint offset;
+ guint offset, old_offset;
guint8 field = 0;
const char *strval;
guint length;
@@ -711,6 +717,7 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
proto_tree_add_uint(mmse_tree, hf_mmse_message_type, tvb, 0, 2, pdut);
offset = 2; /* Skip Message-Type */
+ old_offset = 1;
/*
* Cycle through MMS-headers
@@ -1209,6 +1216,11 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
break;
}
DebugLog(("\tEnd(case)\n"));
+
+ if (offset <= old_offset) {
+ REPORT_DISSECTOR_BUG("Offset isn't increasing (offset=%u, old offset=%u)", offset, old_offset);
+ }
+ old_offset = offset;
}
DebugLog(("\tEnd(switch)\n"));

103
SOURCES/wireshark-0016-cve-2023-2855.patch
View File

@ -1,103 +0,0 @@
From 0181fafb2134a177328443a60b5e29c4ee1041cb Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Tue, 16 May 2023 12:05:07 -0700
Subject: [PATCH] candump: check for a too-long frame length.
If the frame length is longer than the maximum, report an error in the
file.
Fixes #19062, preventing the overflow on a buffer on the stack (assuming
your compiler doesn't call a bounds-checknig version of memcpy() if the
size of the target space is known).
---
wiretap/candump.c | 39 +++++++++++++++++++++++++++++++--------
1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/wiretap/candump.c b/wiretap/candump.c
index 62f89e7b564..43863b45cf7 100644
--- a/wiretap/candump.c
+++ b/wiretap/candump.c
@@ -34,8 +34,9 @@ void register_candump(void);
wtap_rec *rec, Buffer *buf,
int *err, gchar **err_info);
-static void
-candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
+static gboolean
+candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg, int *err,
+ gchar **err_info)
{
static const char *can_proto_name = "can-hostendian";
static const char *canfd_proto_name = "canfd";
@@ -56,6 +57,18 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
{
canfd_frame_t canfd_frame = {0};
+ /*
+ * There's a maximum of CANFD_MAX_DLEN bytes in a CAN-FD frame.
+ */
+ if (msg->data.length > CANFD_MAX_DLEN) {
+ *err = WTAP_ERR_BAD_FILE;
+ if (err_info != NULL) {
+ *err_info = g_strdup_printf("candump: File has %u-byte CAN FD packet, bigger than maximum of %u",
+ msg->data.length, CANFD_MAX_DLEN);
+ }
+ return FALSE;
+ }
+
canfd_frame.can_id = msg->id;
canfd_frame.flags = msg->flags;
canfd_frame.len = msg->data.length;
@@ -67,6 +80,18 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
{
can_frame_t can_frame = {0};
+ /*
+ * There's a maximum of CAN_MAX_DLEN bytes in a CAN frame.
+ */
+ if (msg->data.length > CAN_MAX_DLEN) {
+ *err = WTAP_ERR_BAD_FILE;
+ if (err_info != NULL) {
+ *err_info = g_strdup_printf("candump: File has %u-byte CAN packet, bigger than maximum of %u",
+ msg->data.length, CAN_MAX_DLEN);
+ }
+ return FALSE;
+ }
+
can_frame.can_id = msg->id;
can_frame.can_dlc = msg->data.length;
memcpy(can_frame.data, msg->data.data, msg->data.length);
@@ -82,6 +107,8 @@ candump_write_packet(wtap_rec *rec, Buffer *buf, const msg_t *msg)
rec->rec_header.packet_header.caplen = packet_length;
rec->rec_header.packet_header.len = packet_length;
+
+ return TRUE;
}
static gboolean
@@ -188,9 +215,7 @@ candump_read(wtap *wth, wtap_rec *rec, Buffer *buf, int *err, gchar **err_info,
ws_debug_printf("%s: Stopped at offset %" PRIi64 "\n", G_STRFUNC, file_tell(wth->fh));
#endif
- candump_write_packet(rec, buf, &msg);
-
- return TRUE;
+ return candump_write_packet(rec, buf, &msg, err, err_info);
}
static gboolean
@@ -214,9 +239,7 @@ candump_seek_read(wtap *wth , gint64 seek_off, wtap_rec *rec,
if (!candump_parse(wth->random_fh, &msg, NULL, err, err_info))
return FALSE;
- candump_write_packet(rec, buf, &msg);
-
- return TRUE;
+ return candump_write_packet(rec, buf, &msg, err, err_info);
}
/*
--
GitLab

41
SOURCES/wireshark-0017-CVE-19623.patch Normal file
View File

@ -0,0 +1,41 @@
diff --git a/epan/dissectors/packet-lbmpdm.c b/epan/dissectors/packet-lbmpdm.c
index 0df59329fd..16001b859c 100644
--- a/epan/dissectors/packet-lbmpdm.c
+++ b/epan/dissectors/packet-lbmpdm.c
@@ -12,6 +12,7 @@
#include "config.h"
#include <epan/packet.h>
+#include <epan/exceptions.h>
#include "packet-lbm.h"
/* Magic number for message header to check if data is big-endian or little-endian. */
@@ -837,7 +838,6 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
proto_tree * subtree = NULL;
int datalen = 0;
int seglen = 0;
- int datalen_remaining = 0;
int ofs = 0;
int field_count = 0;
int idx;
@@ -862,9 +862,8 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
id_list[idx] = -1;
ofs_list[idx] = -1;
}
- datalen_remaining = datalen;
ofs = offset + L_LBMPDM_SEG_HDR_T;
- for (idx = 0; (idx < field_count) && (datalen_remaining >= L_LBMPDM_OFFSET_ENTRY_T); idx++, ofs += L_LBMPDM_OFFSET_ENTRY_T)
+ for (idx = 0; idx < field_count; idx++, ofs += L_LBMPDM_OFFSET_ENTRY_T)
{
proto_item * offset_item = NULL;
proto_tree * offset_tree = NULL;
@@ -875,6 +874,9 @@ static int dissect_segment_ofstable(tvbuff_t * tvb, int offset, packet_info * pi
id_list[idx] = (gint32)lbmpdm_fetch_uint32_encoded(tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_ID, encoding);
proto_tree_add_item(offset_tree, hf_lbmpdm_offset_entry_offset, tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_OFFSET, L_LBMPDM_OFFSET_ENTRY_T_OFFSET, encoding);
ofs_list[idx] = (gint32)lbmpdm_fetch_uint32_encoded(tvb, ofs + O_LBMPDM_OFFSET_ENTRY_T_OFFSET, encoding);
+ if (id_list[idx] < 0 || ofs_list[idx] < 0) {
+ THROW(ReportedBoundsError);
+ }
if (id_list[idx] > max_index)
{
max_index = id_list[idx];

17
SOURCES/wireshark-0018-CVE-19624.patch Normal file
View File

@ -0,0 +1,17 @@
diff --git a/epan/dissectors/packet-pvfs2.c b/epan/dissectors/packet-pvfs2.c
index e2b61bef7a..1c1012ceca 100644
--- a/epan/dissectors/packet-pvfs2.c
+++ b/epan/dissectors/packet-pvfs2.c
@@ -2314,6 +2314,12 @@ dissect_pvfs2_getconfig_response(tvbuff_t *tvb, proto_tree *parent_tree,
/* Get pointer to server config data */
ptr = tvb_get_ptr(tvb, offset, total_config_bytes);
+ if (!ptr)
+ {
+ /* Not enough data. Bail out. */
+ return offset;
+ }
+
/* Check if all data is available */
length_remaining = tvb_captured_length_remaining(tvb, offset);

439
SOURCES/wireshark-0018-sync-pipe-stderr-messages.patch
View File

@ -1,439 +0,0 @@
diff --git a/capchild/capture_sync.c b/capchild/capture_sync.c
index 64c2315..2959f8f 100644
--- a/capchild/capture_sync.c
+++ b/capchild/capture_sync.c
@@ -106,14 +106,6 @@ static ssize_t pipe_read_block(int pipe_fd, char *indicator, int len, char *msg,
static void (*fetch_dumpcap_pid)(ws_process_id) = NULL;
-static void free_argv(char** argv, int argc)
-{
- int i;
- for (i = 0; i < argc; i++)
- g_free(argv[i]);
- g_free(argv);
-}
-
void
capture_session_init(capture_session *cap_session, capture_file *cf,
new_file_fn new_file, new_packets_fn new_packets,
@@ -222,6 +214,7 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
int sync_pipe[2]; /* pipe used to send messages from child to parent */
enum PIPES { PIPE_READ, PIPE_WRITE }; /* Constants 0 and 1 for PIPE_READ and PIPE_WRITE */
#endif
+ char sync_id[ARGV_NUMBER_LEN];
int sync_pipe_read_fd;
int argc;
char **argv;
@@ -423,14 +416,11 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
}
}
- /* dumpcap should be running in capture child mode (hidden feature) */
#ifndef DEBUG_CHILD
- argv = sync_pipe_add_arg(argv, &argc, "-Z");
#ifdef _WIN32
g_snprintf(control_id, ARGV_NUMBER_LEN, "%d", GetCurrentProcessId());
argv = sync_pipe_add_arg(argv, &argc, control_id);
#else
- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE);
#endif
#endif
@@ -454,7 +444,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
/* Couldn't create the pipe between parent and child. */
report_failure("Couldn't create sync pipe: %s",
win32strerror(GetLastError()));
- free_argv(argv, argc);
return FALSE;
}
@@ -471,7 +460,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
report_failure("Couldn't get C file handle for sync pipe: %s", g_strerror(errno));
CloseHandle(sync_pipe_read);
CloseHandle(sync_pipe_write);
- free_argv(argv, argc);
return FALSE;
}
@@ -487,7 +475,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
win32strerror(GetLastError()));
ws_close(sync_pipe_read_fd); /* Should close sync_pipe_read */
CloseHandle(sync_pipe_write);
- free_argv(argv, argc);
return FALSE;
}
@@ -505,7 +492,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
ws_close(sync_pipe_read_fd); /* Should close sync_pipe_read */
CloseHandle(sync_pipe_write);
CloseHandle(signal_pipe);
- free_argv(argv, argc);
return FALSE;
}
@@ -543,7 +529,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
ws_close(sync_pipe_read_fd); /* Should close sync_pipe_read */
CloseHandle(sync_pipe_write);
CloseHandle(signal_pipe);
- free_argv(argv, argc);
g_string_free(args, TRUE);
return FALSE;
}
@@ -558,7 +543,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
if (pipe(sync_pipe) < 0) {
/* Couldn't create the pipe between parent and child. */
report_failure("Couldn't create sync pipe: %s", g_strerror(errno));
- free_argv(argv, argc);
return FALSE;
}
@@ -567,8 +551,14 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
* Child process - run dumpcap with the right arguments to make
* it just capture with the specified capture parameters
*/
- dup2(sync_pipe[PIPE_WRITE], 2);
+ //dup2(sync_pipe[PIPE_WRITE], 2);
ws_close(sync_pipe[PIPE_READ]);
+#ifndef DEBUG_CHILD
+ int argc = g_strv_length(argv);
+ argv = sync_pipe_add_arg(argv, &argc, "-Z");
+ snprintf(sync_id, ARGV_NUMBER_LEN, "%d", sync_pipe[PIPE_WRITE]);
+ argv = sync_pipe_add_arg(argv, &argc, sync_id);
+#endif
execv(argv[0], argv);
if (errno == EPERM || errno == EACCES)
securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
@@ -595,7 +585,6 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
/* Parent process - read messages from the child process over the
sync pipe. */
- free_argv(argv, argc);
/* Close the write side of the pipe, so that only the child has it
open, and thus it completely closes, and thus returns to us
@@ -652,10 +641,11 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, inf
/* XXX - assumes PIPE_BUF_SIZE > SP_MAX_MSG_LEN */
#define PIPE_BUF_SIZE 5120
static int
-sync_pipe_open_command(char* const argv[], int *data_read_fd,
+sync_pipe_open_command(char **argv, int *data_read_fd,
int *message_read_fd, ws_process_id *fork_child, gchar **msg, void(*update_cb)(void))
{
enum PIPES { PIPE_READ, PIPE_WRITE }; /* Constants 0 and 1 for PIPE_READ and PIPE_WRITE */
+ char sync_id[ARGV_NUMBER_LEN];
#ifdef _WIN32
HANDLE sync_pipe[2]; /* pipe used to send messages from child to parent */
HANDLE data_pipe[2]; /* pipe used to send data from child to parent */
@@ -678,6 +668,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd,
if (!msg) {
/* We can't return anything */
+ g_strfreev(argv);
#ifdef _WIN32
g_string_free(args, TRUE);
#endif
@@ -789,6 +780,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd,
if (pipe(sync_pipe) < 0) {
/* Couldn't create the message pipe between parent and child. */
*msg = g_strdup_printf("Couldn't create sync pipe: %s", g_strerror(errno));
+ g_strfreev(argv);
return -1;
}
@@ -796,6 +788,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd,
if (pipe(data_pipe) < 0) {
/* Couldn't create the data pipe between parent and child. */
*msg = g_strdup_printf("Couldn't create data pipe: %s", g_strerror(errno));
+ g_strfreev(argv);
ws_close(sync_pipe[PIPE_READ]);
ws_close(sync_pipe[PIPE_WRITE]);
return -1;
@@ -806,18 +799,24 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd,
* Child process - run dumpcap with the right arguments to make
* it just capture with the specified capture parameters
*/
- dup2(data_pipe[PIPE_WRITE], 1);
- ws_close(data_pipe[PIPE_READ]);
- ws_close(data_pipe[PIPE_WRITE]);
- dup2(sync_pipe[PIPE_WRITE], 2);
+ if (data_read_fd != NULL) {
+ dup2(data_pipe[PIPE_WRITE], 1);
+ ws_close(data_pipe[PIPE_READ]);
+ ws_close(data_pipe[PIPE_WRITE]);
+ }
ws_close(sync_pipe[PIPE_READ]);
- ws_close(sync_pipe[PIPE_WRITE]);
+#ifndef DEBUG_CHILD
+ int argc = g_strv_length(argv);
+ argv = sync_pipe_add_arg(argv, &argc, "-Z");
+ snprintf(sync_id, ARGV_NUMBER_LEN, "%d", sync_pipe[PIPE_WRITE]);
+ argv = sync_pipe_add_arg(argv, &argc, sync_id);
+#endif
execv(argv[0], argv);
if (errno == EPERM || errno == EACCES)
securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root.";
g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s",
argv[0], g_strerror(errno), securitymsg);
- sync_pipe_errmsg_to_parent(2, errmsg, "");
+ sync_pipe_errmsg_to_parent(sync_pipe[PIPE_WRITE], errmsg, "");
/* Exit with "_exit()", so that we don't close the connection
to the X server (and cause stuff buffered up by our parent but
@@ -829,6 +828,8 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd,
_exit(1);
}
+ g_strfreev(argv);
+
if (fetch_dumpcap_pid && *fork_child > 0)
fetch_dumpcap_pid(*fork_child);
@@ -904,7 +905,7 @@ sync_pipe_close_command(int *data_read_fd, int *message_read_fd,
/* XXX - assumes PIPE_BUF_SIZE > SP_MAX_MSG_LEN */
#define PIPE_BUF_SIZE 5120
static int
-sync_pipe_run_command_actual(char* const argv[], gchar **data, gchar **primary_msg,
+sync_pipe_run_command_actual(char **argv, gchar **data, gchar **primary_msg,
gchar **secondary_msg, void(*update_cb)(void))
{
gchar *msg;
@@ -1081,7 +1082,7 @@ sync_pipe_run_command_actual(char* const argv[], gchar **data, gchar **primary_m
* redirects to sync_pipe_run_command_actual()
*/
static int
-sync_pipe_run_command(char* const argv[], gchar **data, gchar **primary_msg,
+sync_pipe_run_command(char **argv, gchar **data, gchar **primary_msg,
gchar **secondary_msg, void (*update_cb)(void))
{
int ret, i;
@@ -1146,22 +1147,14 @@ sync_interface_set_80211_chan(const gchar *iface, const char *freq, const gchar
*primary_msg = g_strdup("Out of mem.");
*secondary_msg = NULL;
*data = NULL;
- free_argv(argv, argc);
return -1;
}
argv = sync_pipe_add_arg(argv, &argc, "-k");
argv = sync_pipe_add_arg(argv, &argc, opt);
-#ifndef DEBUG_CHILD
- /* Run dumpcap in capture child mode */
- argv = sync_pipe_add_arg(argv, &argc, "-Z");
- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE);
-#endif
-
ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb);
g_free(opt);
- free_argv(argv, argc);
return ret;
}
@@ -1199,13 +1192,7 @@ sync_interface_list_open(gchar **data, gchar **primary_msg,
/* Ask for the interface list */
argv = sync_pipe_add_arg(argv, &argc, "-D");
-#ifndef DEBUG_CHILD
- /* Run dumpcap in capture child mode */
- argv = sync_pipe_add_arg(argv, &argc, "-Z");
- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE);
-#endif
ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb);
- free_argv(argv, argc);
return ret;
}
@@ -1253,13 +1240,7 @@ sync_if_capabilities_open(const gchar *ifname, gboolean monitor_mode, const gcha
argv = sync_pipe_add_arg(argv, &argc, auth);
}
-#ifndef DEBUG_CHILD
- /* Run dumpcap in capture child mode */
- argv = sync_pipe_add_arg(argv, &argc, "-Z");
- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE);
-#endif
ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb);
- free_argv(argv, argc);
return ret;
}
@@ -1298,17 +1279,13 @@ sync_interface_stats_open(int *data_read_fd, ws_process_id *fork_child, gchar **
argv = sync_pipe_add_arg(argv, &argc, "-S");
#ifndef DEBUG_CHILD
- argv = sync_pipe_add_arg(argv, &argc, "-Z");
#ifdef _WIN32
create_dummy_signal_pipe();
argv = sync_pipe_add_arg(argv, &argc, dummy_control_id);
-#else
- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE);
#endif
#endif
ret = sync_pipe_open_command(argv, data_read_fd, &message_read_fd,
fork_child, msg, update_cb);
- free_argv(argv, argc);
if (ret == -1) {
return -1;
}
diff --git a/dumpcap.c b/dumpcap.c
index 966806e..f177793 100644
--- a/dumpcap.c
+++ b/dumpcap.c
@@ -123,6 +123,7 @@ static gchar *sig_pipe_name = NULL;
static HANDLE sig_pipe_handle = NULL;
static gboolean signal_pipe_check_running(void);
#endif
+static int sync_pipe_fd = 2;
#ifdef SIGINFO
static gboolean infodelay; /* if TRUE, don't print capture info in SIGINFO handler */
@@ -462,7 +463,7 @@ dumpcap_cmdarg_err(const char *fmt, va_list ap)
gchar *msg;
/* Generate a 'special format' message back to parent */
msg = g_strdup_vprintf(fmt, ap);
- sync_pipe_errmsg_to_parent(2, msg, "");
+ sync_pipe_errmsg_to_parent(sync_pipe_fd, msg, "");
g_free(msg);
} else {
fprintf(stderr, "dumpcap: ");
@@ -482,7 +483,7 @@ dumpcap_cmdarg_err_cont(const char *fmt, va_list ap)
if (capture_child) {
gchar *msg;
msg = g_strdup_vprintf(fmt, ap);
- sync_pipe_errmsg_to_parent(2, msg, "");
+ sync_pipe_errmsg_to_parent(sync_pipe_fd, msg, "");
g_free(msg);
} else {
vfprintf(stderr, fmt, ap);
@@ -742,7 +743,7 @@ show_filter_code(capture_options *capture_opts)
#endif
if (capture_child) {
/* Let our parent know we succeeded. */
- pipe_write_block(2, SP_SUCCESS, NULL);
+ pipe_write_block(sync_pipe_fd, SP_SUCCESS, NULL);
}
return TRUE;
}
@@ -783,7 +784,7 @@ print_machine_readable_interfaces(GList *if_list)
if (capture_child) {
/* Let our parent know we succeeded. */
- pipe_write_block(2, SP_SUCCESS, NULL);
+ pipe_write_block(sync_pipe_fd, SP_SUCCESS, NULL);
}
i = 1; /* Interface id number */
@@ -850,7 +851,7 @@ print_machine_readable_if_capabilities(if_capabilities_t *caps, int queries)
if (capture_child) {
/* Let our parent know we succeeded. */
- pipe_write_block(2, SP_SUCCESS, NULL);
+ pipe_write_block(sync_pipe_fd, SP_SUCCESS, NULL);
}
if (queries & CAPS_QUERY_LINK_TYPES) {
@@ -947,7 +948,7 @@ print_statistics_loop(gboolean machine_readable)
if (capture_child) {
/* Let our parent know we succeeded. */
- pipe_write_block(2, SP_SUCCESS, NULL);
+ pipe_write_block(sync_pipe_fd, SP_SUCCESS, NULL);
}
if (!machine_readable) {
@@ -4655,7 +4656,7 @@ set_80211_channel(const char *iface, const char *opt)
}
if (capture_child)
- pipe_write_block(2, SP_SUCCESS, NULL);
+ pipe_write_block(sync_pipe_fd, SP_SUCCESS, NULL);
out:
g_strfreev(options);
@@ -4810,10 +4811,21 @@ main(int argc, char *argv[])
if (strcmp("-Z", argv[i]) == 0) {
capture_child = TRUE;
machine_readable = TRUE; /* request machine-readable output */
+ i++;
+ if (i >= argc) {
+ exit_main(1);
+ }
+
+ if (strcmp(argv[i], SIGNAL_PIPE_CTRL_ID_NONE) != 0) {
+ // get_positive_int calls cmdarg_err
+ if (!ws_strtoi(argv[i], NULL, &sync_pipe_fd) || sync_pipe_fd <= 0) {
+ exit_main(1);
+ }
#ifdef _WIN32
/* set output pipe to binary mode, to avoid ugly text conversions */
_setmode(2, O_BINARY);
#endif
+ }
}
}
@@ -5049,6 +5061,9 @@ main(int argc, char *argv[])
/*** hidden option: Wireshark child mode (using binary output messages) ***/
case 'Z':
capture_child = TRUE;
+ /*
+ * Handled above
+ */
#ifdef _WIN32
/* set output pipe to binary mode, to avoid ugly text conversions */
_setmode(2, O_BINARY);
@@ -5491,7 +5506,7 @@ console_log_handler(const char *log_domain, GLogLevelFlags log_level,
/* ERROR, CRITICAL, WARNING, MESSAGE messages goto stderr or */
/* to parent especially formatted if dumpcap running as child. */
if (capture_child) {
- sync_pipe_errmsg_to_parent(2, msg, "");
+ sync_pipe_errmsg_to_parent(sync_pipe_fd, msg, "");
} else {
fprintf(stderr, "%s", msg);
fflush(stderr);
@@ -5513,7 +5528,7 @@ report_packet_count(unsigned int packet_count)
if (capture_child) {
g_snprintf(count_str, sizeof(count_str), "%u", packet_count);
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Packets: %s", count_str);
- pipe_write_block(2, SP_PACKET_COUNT, count_str);
+ pipe_write_block(sync_pipe_fd, SP_PACKET_COUNT, count_str);
} else {
count += packet_count;
fprintf(stderr, "\rPackets: %u ", count);
@@ -5527,7 +5542,7 @@ report_new_capture_file(const char *filename)
{
if (capture_child) {
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "File: %s", filename);
- pipe_write_block(2, SP_FILE, filename);
+ pipe_write_block(sync_pipe_fd, SP_FILE, filename);
} else {
#ifdef SIGINFO
/*
@@ -5566,7 +5581,7 @@ report_cfilter_error(capture_options *capture_opts, guint i, const char *errmsg)
if (capture_child) {
g_snprintf(tmp, sizeof(tmp), "%u:%s", i, errmsg);
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Capture filter error: %s", errmsg);
- pipe_write_block(2, SP_BAD_FILTER, tmp);
+ pipe_write_block(sync_pipe_fd, SP_BAD_FILTER, tmp);
} else {
/*
* clopts_step_invalid_capfilter in test/suite-clopts.sh MUST match
@@ -5591,7 +5606,7 @@ report_capture_error(const char *error_msg, const char *secondary_error_msg)
"Primary Error: %s", error_msg);
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
"Secondary Error: %s", secondary_error_msg);
- sync_pipe_errmsg_to_parent(2, error_msg, secondary_error_msg);
+ sync_pipe_errmsg_to_parent(sync_pipe_fd, error_msg, secondary_error_msg);
} else {
cmdarg_err("%s", error_msg);
if (secondary_error_msg[0] != '\0')
@@ -5610,7 +5625,7 @@ report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
"Packets received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u/ps_ifdrop:%u)",
name, received, total_drops, pcap_drops, drops, flushed, ps_ifdrop);
- pipe_write_block(2, SP_DROPS, tmp);
+ pipe_write_block(sync_pipe_fd, SP_DROPS, tmp);
g_free(tmp);
} else {
fprintf(stderr,

19
SOURCES/wireshark-0019-CVE-19625.patch Normal file
View File

@ -0,0 +1,19 @@
diff --git a/epan/tvbuff_composite.c b/epan/tvbuff_composite.c
index 5832477f81..e5ab7c8b17 100644
--- a/epan/tvbuff_composite.c
+++ b/epan/tvbuff_composite.c
@@ -51,12 +51,9 @@ composite_free(tvbuff_t *tvb)
}
static guint
-composite_offset(const tvbuff_t *tvb, const guint counter)
+composite_offset(const tvbuff_t *tvb _U_, const guint counter)
{
- const struct tvb_composite *composite_tvb = (const struct tvb_composite *) tvb;
- const tvbuff_t *member = (const tvbuff_t *)composite_tvb->composite.tvbs->data;
-
- return tvb_offset_from_real_beginning_counter(member, counter);
+ return counter;
}
static const guint8*

16
SOURCES/wireshark-0020-CVE-19626.patch Normal file
View File

@ -0,0 +1,16 @@
diff --git a/epan/dissectors/packet-dcom.c b/epan/dissectors/packet-dcom.c
index d12216a767..79cf6a6009 100644
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
@@ -1725,8 +1725,10 @@ dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep,
&u32ArraySize);
- if ((guint32)offset + u32ArraySize*2 > G_MAXINT)
+ if ((guint32)offset + u32ArraySize*2 > G_MAXINT) {
+ pszStr[0] = 0;
return offset;
+ }
realOffset = offset + u32ArraySize*2;

17
SOURCES/wireshark-0021-CVE-19627.patch Normal file
View File

@ -0,0 +1,17 @@
diff --git a/wiretap/vwr.c b/wiretap/vwr.c
index 8725ba9c3c..173614ec34 100644
--- a/wiretap/vwr.c
+++ b/wiretap/vwr.c
@@ -2155,9 +2155,10 @@ static gboolean vwr_read_s3_W_rec(vwr_t *vwr, wtap_rec *record,
end_time = e_time / NS_IN_US; /* convert to microseconds first */
/* extract the 32 LSBs of the signature timestamp field */
- m_ptr = &(rec[stats_offset+8+12]);
+ int m_ptr_offset = stats_offset + 8 + 12;
+ m_ptr = rec + m_ptr_offset;
pay_off = 42; /* 24 (MAC) + 8 (SNAP) + IP */
- sig_off = find_signature(m_ptr, rec_size - 20, pay_off, flow_id, flow_seq);
+ sig_off = find_signature(m_ptr, rec_size - m_ptr_offset, pay_off, flow_id, flow_seq);
if (m_ptr[sig_off] == 0xdd)
sig_ts = get_signature_ts(m_ptr, sig_off, rec_size - vVW510021_W_STATS_TRAILER_LEN);
else

17
SOURCES/wireshark-0022-CVE-19628.patch Normal file
View File

@ -0,0 +1,17 @@
diff --git a/epan/dissectors/packet-zbee-zcl-lighting.c b/epan/dissectors/packet-zbee-zcl-lighting.c
index 2f8d880447..4757c272ce 100644
--- a/epan/dissectors/packet-zbee-zcl-lighting.c
+++ b/epan/dissectors/packet-zbee-zcl-lighting.c
@@ -876,7 +876,11 @@ decode_color_xy(gchar *s, guint16 value)
static void
decode_color_temperature(gchar *s, guint16 value)
{
- g_snprintf(s, ITEM_LABEL_LENGTH, "%d [Mired] (%d [K])", value, 1000000/value);
+ if (value == 0) {
+ g_snprintf(s, ITEM_LABEL_LENGTH, "%u [Mired]", value);
+ } else {
+ g_snprintf(s, ITEM_LABEL_LENGTH, "%u [Mired] (%u [K])", value, 1000000/value);
+ }
return;
} /*decode_power_conf_voltage*/

10
SOURCES/wireshark-0023-desktop-file.patch Normal file
View File

@ -0,0 +1,10 @@
diff --git a/wireshark.desktop b/wireshark.desktop
index 9b7339b..cfc787a 100644
--- a/wireshark.desktop
+++ b/wireshark.desktop
@@ -108,4 +108,4 @@ Terminal=false
MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr;
# Category entry according to:
# http://standards.freedesktop.org/menu-spec/1.0/
-Categories=Application;Network;Monitor;Qt;
+Categories=Network;Monitor;Qt;

114
SOURCES/wireshark-0024-covscan.patch Normal file
View File

@ -0,0 +1,114 @@
diff --git a/tshark.c b/tshark.c
index 00c28db781..e02b61b663 100644
--- a/tshark.c
+++ b/tshark.c
@@ -1977,10 +1977,10 @@ real_main(int argc, char *argv[])
/* Activate the export PDU tap */
comment = g_strdup_printf("Dump of PDUs from %s", cf_name);
err = exp_pdu_open(&exp_pdu_tap_data, exp_fd, comment);
+ g_free(comment);
if (err != 0) {
cfile_dump_open_failure_message("TShark", exp_pdu_filename, err,
WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
- g_free(comment);
exit_status = INVALID_EXPORT;
goto clean_exit;
}
diff --git a/ui/export_pdu_ui_utils.c b/ui/export_pdu_ui_utils.c
index a567a61991..c9e40b7a24 100644
--- a/ui/export_pdu_ui_utils.c
+++ b/ui/export_pdu_ui_utils.c
@@ -43,8 +43,8 @@ exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
err = exp_pdu_open(exp_pdu_tap_data, import_file_fd, comment);
+ g_free(comment);
if (err != 0) {
- g_free(comment);
cfile_dump_open_failure_alert_box(capfile_name ? capfile_name : "temporary file",
err, WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
goto end;
diff --git a/ui/tap_export_pdu.c b/ui/tap_export_pdu.c
index 25232f0452..d3302a5aca 100644
--- a/ui/tap_export_pdu.c
+++ b/ui/tap_export_pdu.c
@@ -82,7 +82,7 @@ export_pdu_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const
}
int
-exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
+exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, const char *comment)
{
int err;
@@ -103,7 +103,6 @@ exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
/* options */
wtap_block_add_string_option(shb_hdr, OPT_COMMENT, comment, strlen(comment));
- g_free(comment);
/*
* UTF-8 string containing the name of the operating system used to create
diff --git a/ui/tap_export_pdu.h b/ui/tap_export_pdu.h
index ea5c4077e1..9ae2dea65f 100644
--- a/ui/tap_export_pdu.h
+++ b/ui/tap_export_pdu.h
@@ -41,7 +41,7 @@ char *exp_pdu_pre_open(const char *tap_name, const char *filter,
*
* @return 0 on success or a wtap error code.
*/
-int exp_pdu_open(exp_pdu_t *data, int fd, char *comment);
+int exp_pdu_open(exp_pdu_t *data, int fd, const char *comment);
/* Stops the PDUs export. */
int exp_pdu_close(exp_pdu_t *exp_pdu_tap_data);
diff --git a/ui/cli/tap-wspstat.c b/ui/cli/tap-wspstat.c
index 22862cdaf8..fd6f3ad427 100644
--- a/ui/cli/tap-wspstat.c
+++ b/ui/cli/tap-wspstat.c
@@ -252,9 +252,9 @@ wspstat_init(const char *opt_arg, void *userdata _U_)
/* error, we failed to attach to the tap. clean up */
g_free(sp->pdu_stats);
g_free(sp->filter);
- g_free(sp);
g_hash_table_foreach( sp->hash, (GHFunc) wsp_free_hash_table, NULL ) ;
g_hash_table_destroy( sp->hash );
+ g_free(sp);
fprintf(stderr, "tshark: Couldn't register wsp,stat tap: %s\n",
error_string->str);
g_string_free(error_string, TRUE);
diff --git a/epan/dissectors/packet-isobus-vt.c b/epan/dissectors/packet-isobus-vt.c
index 1f9fa98..79f1c1f 100644
--- a/epan/dissectors/packet-isobus-vt.c
+++ b/epan/dissectors/packet-isobus-vt.c
@@ -1546,16 +1546,8 @@ dissect_vt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, enum vt_directio
}
else
{
- if(status == 0)
- {
- col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
- get_object_id_string(auxiliary_input_object_id));
- }
- else
- {
- col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
- get_object_id_string(auxiliary_input_object_id));
- }
+ col_append_fstr(pinfo->cinfo, COL_INFO, "Status of Auxiliary Input %s was successfully changed to enabled",
+ get_object_id_string(auxiliary_input_object_id));
}
}
}
diff --git a/epan/dfilter/dfilter.c b/epan/dfilter/dfilter.c
index a975f84..3e440b3 100644
--- a/epan/dfilter/dfilter.c
+++ b/epan/dfilter/dfilter.c
@@ -221,6 +221,7 @@ dfilter_compile(const gchar *text, dfilter_t **dfp, gchar **err_msg)
}
if ( !( expanded_text = dfilter_macro_apply(text, err_msg) ) ) {
+ *dfp = NULL;
return FALSE;
}

33
SOURCES/wireshark-0025-drop-count.patch Normal file
View File

@ -0,0 +1,33 @@
diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c
index 7b398cf..91fd9b8 100644
--- a/wiretap/pcapng.c
+++ b/wiretap/pcapng.c
@@ -3230,6 +3230,10 @@ pcapng_write_enhanced_packet_block(wtap_dumper *wdh, const wtap_rec *rec,
have_options = TRUE;
options_total_length = options_total_length + 8;
}
+ if (rec->presence_flags & WTAP_HAS_DROP_COUNT) {
+ have_options = TRUE;
+ options_total_length = options_total_length + 12;
+ }
if (have_options) {
/* End-of options tag */
options_total_length += 4;
@@ -3353,6 +3357,17 @@ pcapng_write_enhanced_packet_block(wtap_dumper *wdh, const wtap_rec *rec,
wdh->bytes_dumped += 4;
pcapng_debug("pcapng_write_enhanced_packet_block: Wrote Options packet flags: %x", rec->rec_header.packet_header.pack_flags);
}
+ if (rec->presence_flags & WTAP_HAS_DROP_COUNT) {
+ option_hdr.type = OPT_EPB_DROPCOUNT;
+ option_hdr.value_length = 8;
+ if (!wtap_dump_file_write(wdh, &option_hdr, 4, err))
+ return FALSE;
+ wdh->bytes_dumped += 4;
+ if (!wtap_dump_file_write(wdh, &rec->rec_header.packet_header.drop_count, 8, err))
+ return FALSE;
+ wdh->bytes_dumped += 8;
+ pcapng_debug("pcapng_write_enhanced_packet_block: Wrote Options drop count: %" G_GINT64_MODIFIER "u", rec->rec_header.packet_header.drop_count);
+ }
/* Write end of options if we have options */
if (have_options) {
if (!wtap_dump_file_write(wdh, &zero_pad, 4, err))

875
SOURCES/wireshark-0026-mptcp.patch Normal file
View File

@ -0,0 +1,875 @@
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 36e8afb2a3..73f4a2647a 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -285,7 +285,9 @@ static int hf_mptcp_analysis_subflows_stream_id = -1;
static int hf_mptcp_analysis_subflows = -1;
static int hf_mptcp_number_of_removed_addresses = -1;
static int hf_mptcp_related_mapping = -1;
-static int hf_mptcp_duplicated_data = -1;
+static int hf_mptcp_reinjection_of = -1;
+static int hf_mptcp_reinjected_in = -1;
+
static int hf_tcp_option_fast_open_cookie_request = -1;
static int hf_tcp_option_fast_open_cookie = -1;
@@ -1455,8 +1457,8 @@ mptcp_init_subflow(tcp_flow_t *flow)
DISSECTOR_ASSERT(flow->mptcp_subflow == 0);
flow->mptcp_subflow = sf;
- sf->mappings = wmem_itree_new(wmem_file_scope());
- sf->dsn_map = wmem_itree_new(wmem_file_scope());
+ sf->ssn2dsn_mappings = wmem_itree_new(wmem_file_scope());
+ sf->dsn2packet_map = wmem_itree_new(wmem_file_scope());
}
@@ -2607,13 +2609,13 @@ guint64 rawdsn64low, guint64 rawdsn64high
mptcp_dsn2packet_mapping_t *packet = NULL;
proto_item *item = NULL;
- results = wmem_itree_find_intervals(subflow->mappings,
+ results = wmem_itree_find_intervals(subflow->dsn2packet_map,
wmem_packet_scope(),
rawdsn64low,
rawdsn64high
);
- for(packet_it=wmem_list_head(results);
+ for(packet_it = wmem_list_head(results);
packet_it != NULL;
packet_it = wmem_list_frame_next(packet_it))
{
@@ -2621,43 +2623,18 @@ guint64 rawdsn64low, guint64 rawdsn64high
packet = (mptcp_dsn2packet_mapping_t *) wmem_list_frame_data(packet_it);
DISSECTOR_ASSERT(packet);
- item = proto_tree_add_uint(tree, hf_mptcp_duplicated_data, tvb, 0, 0, packet->frame);
+ if(pinfo->num > packet->frame) {
+ item = proto_tree_add_uint(tree, hf_mptcp_reinjection_of, tvb, 0, 0, packet->frame);
+ }
+ else {
+ item = proto_tree_add_uint(tree, hf_mptcp_reinjected_in, tvb, 0, 0, packet->frame);
+ }
PROTO_ITEM_SET_GENERATED(item);
}
return packet;
}
-/* Finds mappings that cover the sent data */
-static mptcp_dss_mapping_t *
-mptcp_add_matching_dss_on_subflow(packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *tvb, struct mptcp_subflow *subflow,
-guint32 relseq, guint32 seglen
-)
-{
- wmem_list_t *results = NULL;
- wmem_list_frame_t *dss_it = NULL;
- mptcp_dss_mapping_t *mapping = NULL;
- proto_item *item = NULL;
-
- results = wmem_itree_find_intervals(subflow->mappings,
- wmem_packet_scope(),
- relseq,
- (seglen) ? relseq + seglen - 1 : relseq
- );
-
- for(dss_it=wmem_list_head(results);
- dss_it!= NULL;
- dss_it= wmem_list_frame_next(dss_it))
- {
- mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
- DISSECTOR_ASSERT(mapping);
-
- item = proto_tree_add_uint(tree, hf_mptcp_related_mapping, tvb, 0, 0, mapping->frame);
- PROTO_ITEM_SET_GENERATED(item);
- }
-
- return mapping;
-}
/* Lookup mappings that describe the packet and then converts the tcp seq number
* into the MPTCP Data Sequence Number (DSN)
@@ -2698,13 +2675,29 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
rawdsn = tcpd->fwd->mptcp_subflow->meta->base_dsn;
convert = DSN_CONV_NONE;
}
+ /* if it's a non-syn packet without data (just used to convey TCP options)
+ * then there would be no mappings */
+ else if(relseq == 1 && tcph->th_seglen == 0) {
+ rawdsn = tcpd->fwd->mptcp_subflow->meta->base_dsn + 1;
+ convert = DSN_CONV_NONE;
+ }
else {
- /* display packets that conveyed the mappings covering the data range */
- mapping = mptcp_add_matching_dss_on_subflow(pinfo, parent_tree, tvb,
- tcpd->fwd->mptcp_subflow, relseq,
- (tcph->th_have_seglen) ? tcph->th_seglen : 0
- );
- if(mapping == NULL) {
+
+ wmem_list_frame_t *dss_it = NULL;
+ wmem_list_t *results = NULL;
+ guint32 ssn_low = relseq;
+ guint32 seglen = tcph->th_seglen;
+
+ results = wmem_itree_find_intervals(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
+ wmem_packet_scope(),
+ ssn_low,
+ (seglen) ? ssn_low + seglen - 1 : ssn_low
+ );
+ dss_it = wmem_list_head(results); /* assume it's always ok */
+ if(dss_it) {
+ mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
+ }
+ if(dss_it == NULL || mapping == NULL) {
expert_add_info(pinfo, parent_tree, &ei_mptcp_mapping_missing);
return;
}
@@ -2713,6 +2706,19 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
}
DISSECTOR_ASSERT(mapping);
+ if(seglen) {
+ /* Finds mappings that cover the sent data and adds them to the dissection tree */
+ for(dss_it = wmem_list_head(results);
+ dss_it != NULL;
+ dss_it = wmem_list_frame_next(dss_it))
+ {
+ mapping = (mptcp_dss_mapping_t *) wmem_list_frame_data(dss_it);
+ DISSECTOR_ASSERT(mapping);
+
+ item = proto_tree_add_uint(parent_tree, hf_mptcp_related_mapping, tvb, 0, 0, mapping->frame);
+ PROTO_ITEM_SET_GENERATED(item);
+ }
+ }
convert = (mapping->extended_dsn) ? DSN_CONV_NONE : DSN_CONV_32_TO_64;
DISSECTOR_ASSERT(mptcp_map_relssn_to_rawdsn(mapping, relseq, &rawdsn));
@@ -2732,39 +2738,40 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
proto_item_append_text(item, " (Relative)");
}
- /* register */
- if (!PINFO_FD_VISITED(pinfo))
- {
- mptcp_dsn2packet_mapping_t *packet;
- packet = wmem_new0(wmem_file_scope(), mptcp_dsn2packet_mapping_t);
- packet->frame = pinfo->fd->num;
- packet->subflow = tcpd;
-
- /* tcph->th_mptcp->mh_rawdsn64 */
- if (tcph->th_have_seglen) {
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->dsn_map,
+ /* register dsn->packet mapping */
+ if(mptcp_intersubflows_retransmission
+ && !PINFO_FD_VISITED(pinfo)
+ && tcph->th_seglen > 0
+ ) {
+ mptcp_dsn2packet_mapping_t *packet = 0;
+ packet = wmem_new0(wmem_file_scope(), mptcp_dsn2packet_mapping_t);
+ packet->frame = pinfo->fd->num;
+ packet->subflow = tcpd;
+
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->dsn2packet_map,
tcph->th_mptcp->mh_rawdsn64,
tcph->th_mptcp->mh_rawdsn64 + (tcph->th_seglen - 1 ),
packet
);
- }
}
PROTO_ITEM_SET_GENERATED(item);
/* We can do this only if rawdsn64 is valid !
if enabled, look for overlapping mappings on other subflows */
- if(mptcp_intersubflows_retransmission) {
+ if(mptcp_intersubflows_retransmission
+ && tcph->th_have_seglen
+ && tcph->th_seglen) {
wmem_list_frame_t *subflow_it = NULL;
- /* results should be some kind of in case 2 DSS are needed to cover this packet */
+ /* results should be some kind of list in case 2 DSS are needed to cover this packet */
for(subflow_it = wmem_list_head(mptcpd->subflows); subflow_it != NULL; subflow_it = wmem_list_frame_next(subflow_it)) {
struct tcp_analysis *sf_tcpd = (struct tcp_analysis *)wmem_list_frame_data(subflow_it);
struct mptcp_subflow *sf = mptcp_select_subflow_from_meta(sf_tcpd, tcpd->fwd->mptcp_subflow->meta);
/* for current subflow */
if (sf == tcpd->fwd->mptcp_subflow) {
- /* skip, was done just before */
+ /* skip, this is the current subflow */
}
/* in case there were retransmissions on other subflows */
else {
@@ -2776,7 +2783,7 @@ mptcp_analysis_dsn_lookup(packet_info *pinfo , tvbuff_t *tvb,
}
}
else {
- /* ignore and continue */
+ /* could not get the rawdsn64, ignore and continue */
}
}
@@ -4590,7 +4597,6 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
if (!PINFO_FD_VISITED(pinfo))
{
-
/* register SSN range described by the mapping into a subflow interval_tree */
mptcp_dss_mapping_t *mapping = NULL;
mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
@@ -4601,7 +4607,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
mapping->ssn_low = mph->mh_dss_ssn;
mapping->ssn_high = mph->mh_dss_ssn + mph->mh_dss_length-1;
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->mappings,
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
mph->mh_dss_ssn,
mapping->ssn_high,
mapping
@@ -7564,15 +7570,19 @@ proto_register_tcp(void)
"This frame has some of the MPTCP analysis shown", HFILL }},
{ &hf_mptcp_related_mapping,
- { "Related mapping", "mptcp.related_mapping", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
- "Packet in which mapping describing current packet was sent", HFILL }},
+ { "Related mapping", "mptcp.related_mapping", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ "Packet in which current packet DSS mapping was sent", HFILL }},
+
+ { &hf_mptcp_reinjection_of,
+ { "Reinjection of", "mptcp.reinjection_of", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ "This is a retransmission of data sent on another subflow", HFILL }},
- { &hf_mptcp_duplicated_data,
- { "Was data duplicated", "mptcp.duplicated_dsn", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
+ { &hf_mptcp_reinjected_in,
+ { "Data reinjected in", "mptcp.reinjected_in", FT_FRAMENUM , BASE_NONE, NULL, 0x0,
"This was retransmitted on another subflow", HFILL }},
{ &hf_mptcp_analysis_subflows,
- { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
+ { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
"List all TCP connections mapped to this MPTCP connection", HFILL }},
{ &hf_mptcp_stream,
@@ -7752,13 +7762,16 @@ proto_register_tcp(void)
&mptcp_relative_seq);
prefs_register_bool_preference(mptcp_module, "analyze_mappings",
- "In depth analysis of Data Sequence Signal (DSS) mappings.",
+ "Deeper analysis of Data Sequence Signal (DSS)",
+ "Scales logarithmically with the number of packets"
"You need to capture the handshake for this to work."
"\"Map TCP subflows to their respective MPTCP connections\"",
&mptcp_analyze_mappings);
prefs_register_bool_preference(mptcp_module, "intersubflows_retransmission",
"Check for data duplication across subflows",
+ "(Greedy algorithm: Scales linearly with number of subflows and"
+ " logarithmic scaling with number of packets)"
"You need to enable DSS mapping analysis for this option to work",
&mptcp_intersubflows_retransmission);
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index 7f84351ade..c1811fa049 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -257,15 +257,16 @@ struct mptcp_subflow {
guint8 address_id; /* sent during an MP_JOIN */
- /* Attempt to map DSN to packets
- * Ideally this was to generate application latency
- * each node contains a GSList * ?
- * this should be done in tap or 3rd party tools
+ /* map DSN to packets
+ * Used when looking for reinjections across subflows
*/
- wmem_itree_t *dsn_map;
+ wmem_itree_t *dsn2packet_map;
- /* Map SSN to a DSS mappings, each node registers a mptcp_dss_mapping_t */
- wmem_itree_t *mappings;
+ /* Map SSN to a DSS mappings
+ * a DSS can map DSN to SSNs possibily over several packets,
+ * hence some packets may have been mapped by previous DSS,
+ * whence the necessity to be able to look for SSN -> DSN */
+ wmem_itree_t *ssn2dsn_mappings;
/* meta flow to which it is attached. Helps setting forward and backward meta flow */
mptcp_meta_flow_t *meta;
};
diff --git a/epan/wmem/wmem_interval_tree.c b/epan/wmem/wmem_interval_tree.c
index d52267de18..48888996b7 100644
--- a/epan/wmem/wmem_interval_tree.c
+++ b/epan/wmem/wmem_interval_tree.c
@@ -121,7 +121,7 @@ wmem_itree_insert(wmem_itree_t *tree, const guint64 low, const guint64 high, voi
node = wmem_tree_insert(tree, range, data, (compare_func)wmem_tree_compare_ranges);
/* Even If no rotations, still a need to update max_edge */
- update_max_edge(node);
+ update_max_edge(node->parent);
}
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 74e9b6b10c..efcfa005af 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -4361,6 +4361,35 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint6
return mptcpd;
}
+/* record this mapping */
+static
+void analyze_mapping(struct tcp_analysis *tcpd, packet_info *pinfo, guint16 len, guint64 dsn, gboolean extended, guint32 ssn) {
+
+ /* store mapping only if analysis is enabled and mapping is not unlimited */
+ if (!mptcp_analyze_mappings || !len) {
+ return;
+ }
+
+ if (PINFO_FD_VISITED(pinfo)) {
+ return;
+ }
+
+ /* register SSN range described by the mapping into a subflow interval_tree */
+ mptcp_dss_mapping_t *mapping = NULL;
+ mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
+
+ mapping->rawdsn = dsn;
+ mapping->extended_dsn = extended;
+ mapping->frame = pinfo->fd->num;
+ mapping->ssn_low = ssn;
+ mapping->ssn_high = ssn + len - 1;
+
+ wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
+ mapping->ssn_low,
+ mapping->ssn_high,
+ mapping
+ );
+}
/*
* The TCP Extensions for Multipath Operation with Multiple Addresses
@@ -4449,8 +4478,11 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
}
offset += 1;
- /* optlen == 12 => SYN or SYN/ACK; optlen == 20 => ACK */
- if (optlen == 12 || optlen == 20) {
+ /* optlen == 12 => SYN or SYN/ACK; optlen == 20 => ACK;
+ * optlen == 22 => ACK + data (v1 only);
+ * optlen == 24 => ACK + data + csum (v1 only)
+ */
+ if (optlen == 12 || optlen == 20 || optlen == 22 || optlen == 24) {
mph->mh_key = tvb_get_ntoh64(tvb,offset);
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_sender_key, tvb, offset, 8, mph->mh_key);
@@ -4468,9 +4500,10 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
PROTO_ITEM_SET_GENERATED(item);
/* last ACK of 3WHS, repeats both keys */
- if (optlen == 20) {
+ if (optlen >= 20) {
guint64 recv_key = tvb_get_ntoh64(tvb,offset);
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_recv_key, tvb, offset, 8, recv_key);
+ offset += 8;
if(tcpd->rev->mptcp_subflow->meta
&& (tcpd->rev->mptcp_subflow->meta->static_flags & MPTCP_META_HAS_KEY)) {
@@ -4484,6 +4517,26 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
}
}
+
+ /* MPTCP v1 ACK + data, contains data_len and optional checksum */
+ if (optlen >= 22) {
+ proto_tree_add_item(mptcp_tree, hf_tcp_option_mptcp_data_lvl_len, tvb, offset, 2, ENC_BIG_ENDIAN);
+ mph->mh_dss_length = tvb_get_ntohs(tvb,offset);
+ offset += 2;
+
+ if (mph->mh_dss_length == 0) {
+ expert_add_info(pinfo, mptcp_tree, &ei_mptcp_infinite_mapping);
+ }
+
+ /* when data len is present, this MP_CAPABLE also carries an implicit mapping ... */
+ analyze_mapping(tcpd, pinfo, mph->mh_dss_length, tcpd->fwd->mptcp_subflow->meta->base_dsn + 1, TRUE, tcph->th_seq);
+
+ /* ... with optional checksum */
+ if (optlen == 24)
+ {
+ proto_tree_add_checksum(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_checksum, -1, NULL, pinfo, 0, ENC_BIG_ENDIAN, PROTO_CHECKSUM_NO_FLAGS);
+ }
+ }
}
break;
@@ -4650,29 +4703,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
/* ignore and continue */
}
- /* if mapping analysis enabled and not a */
- if(mptcp_analyze_mappings && mph->mh_dss_length)
- {
-
- if (!PINFO_FD_VISITED(pinfo))
- {
- /* register SSN range described by the mapping into a subflow interval_tree */
- mptcp_dss_mapping_t *mapping = NULL;
- mapping = wmem_new0(wmem_file_scope(), mptcp_dss_mapping_t);
-
- mapping->rawdsn = mph->mh_dss_rawdsn;
- mapping->extended_dsn = (mph->mh_dss_flags & MPTCP_DSS_FLAG_DATA_ACK_8BYTES);
- mapping->frame = pinfo->fd->num;
- mapping->ssn_low = mph->mh_dss_ssn;
- mapping->ssn_high = mph->mh_dss_ssn + mph->mh_dss_length-1;
-
- wmem_itree_insert(tcpd->fwd->mptcp_subflow->ssn2dsn_mappings,
- mph->mh_dss_ssn,
- mapping->ssn_high,
- mapping
- );
- }
- }
+ analyze_mapping(tcpd, pinfo, mph->mh_dss_length, mph->mh_dss_rawdsn, mph->mh_dss_flags & MPTCP_DSS_FLAG_DATA_ACK_8BYTES, mph->mh_dss_ssn);
if ((int)optlen >= offset-start_offset+4)
{
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index efcfa005af..238b592927 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -246,7 +246,8 @@ static int hf_tcp_option_mptcp_flags = -1;
static int hf_tcp_option_mptcp_backup_flag = -1;
static int hf_tcp_option_mptcp_checksum_flag = -1;
static int hf_tcp_option_mptcp_B_flag = -1;
-static int hf_tcp_option_mptcp_H_flag = -1;
+static int hf_tcp_option_mptcp_H_v0_flag = -1;
+static int hf_tcp_option_mptcp_H_v1_flag = -1;
static int hf_tcp_option_mptcp_F_flag = -1;
static int hf_tcp_option_mptcp_m_flag = -1;
static int hf_tcp_option_mptcp_M_flag = -1;
@@ -593,10 +594,18 @@ static guint32 mptcp_stream_count;
*/
static wmem_tree_t *mptcp_tokens = NULL;
-static const int *tcp_option_mptcp_capable_flags[] = {
+static const int *tcp_option_mptcp_capable_v0_flags[] = {
&hf_tcp_option_mptcp_checksum_flag,
&hf_tcp_option_mptcp_B_flag,
- &hf_tcp_option_mptcp_H_flag,
+ &hf_tcp_option_mptcp_H_v0_flag,
+ &hf_tcp_option_mptcp_reserved_flag,
+ NULL
+};
+
+static const int *tcp_option_mptcp_capable_v1_flags[] = {
+ &hf_tcp_option_mptcp_checksum_flag,
+ &hf_tcp_option_mptcp_B_flag,
+ &hf_tcp_option_mptcp_H_v1_flag,
&hf_tcp_option_mptcp_reserved_flag,
NULL
};
@@ -2574,6 +2583,24 @@ mptcp_cryptodata_sha1(const guint64 key, guint32 *token, guint64 *idsn)
*idsn = GUINT64_FROM_BE(_isdn);
}
+/* Generate the initial data sequence number and MPTCP connection token from the key. */
+static void
+mptcp_cryptodata_sha256(const guint64 key, guint32 *token, guint64 *idsn)
+{
+ guint8 digest_buf[HASH_SHA2_256_LENGTH];
+ guint64 pseudokey = GUINT64_TO_BE(key);
+ guint32 _token;
+ guint64 _isdn;
+
+ gcry_md_hash_buffer(GCRY_MD_SHA256, digest_buf, (const guint8 *)&pseudokey, 8);
+
+ /* memcpy to prevent -Wstrict-aliasing errors with GCC 4 */
+ memcpy(&_token, digest_buf, sizeof(_token));
+ *token = GUINT32_FROM_BE(_token);
+ memcpy(&_isdn, digest_buf + HASH_SHA2_256_LENGTH - sizeof(_isdn), sizeof(_isdn));
+ *idsn = GUINT64_FROM_BE(_isdn);
+}
+
/* Print formatted list of tcp stream ids that are part of the connection */
static void
@@ -4338,7 +4365,7 @@ mptcp_get_meta_from_token(struct tcp_analysis* tcpd, tcp_flow_t *tcp_flow, guint
/* setup from_key */
static
struct mptcp_analysis*
-get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint64 key, guint8 hmac_algo _U_) {
+get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint8 version, guint64 key, guint8 hmac_algo _U_) {
guint32 token = 0;
guint64 expected_idsn= 0;
@@ -4348,8 +4375,11 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint6
return mptcpd;
}
- /* MPTCP only standardizes SHA1 for now. */
- mptcp_cryptodata_sha1(key, &token, &expected_idsn);
+ /* MPTCP v0 only standardizes SHA1, and v1 SHA256. */
+ if (version == 0)
+ mptcp_cryptodata_sha1(key, &token, &expected_idsn);
+ else if (version == 1)
+ mptcp_cryptodata_sha256(key, &token, &expected_idsn);
mptcpd = mptcp_get_meta_from_token(tcpd, fwd, token);
@@ -4409,6 +4439,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
proto_item *item,*main_item;
proto_tree *mptcp_tree;
+ guint32 version;
guint8 subtype;
guint8 ipver;
int offset = 0;
@@ -4462,18 +4493,19 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
case TCPOPT_MPTCP_MP_CAPABLE:
mph->mh_mpc = TRUE;
- proto_tree_add_item(mptcp_tree, hf_tcp_option_mptcp_version, tvb,
- offset, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item_ret_uint(mptcp_tree, hf_tcp_option_mptcp_version, tvb,
+ offset, 1, ENC_BIG_ENDIAN, &version);
offset += 1;
item = proto_tree_add_bitmask(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_flags,
- ett_tcp_option_mptcp, tcp_option_mptcp_capable_flags,
+ ett_tcp_option_mptcp,
+ version == 1 ? tcp_option_mptcp_capable_v1_flags : tcp_option_mptcp_capable_v0_flags,
ENC_BIG_ENDIAN);
mph->mh_capable_flags = tvb_get_guint8(tvb, offset);
if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) == 0) {
expert_add_info(pinfo, item, &ei_mptcp_analysis_missing_algorithm);
}
- if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) != MPTCP_HMAC_SHA1) {
+ if ((mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK) != MPTCP_HMAC_SHA) {
expert_add_info(pinfo, item, &ei_mptcp_analysis_unsupported_algorithm);
}
offset += 1;
@@ -4488,7 +4520,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
proto_tree_add_uint64(mptcp_tree, hf_tcp_option_mptcp_sender_key, tvb, offset, 8, mph->mh_key);
offset += 8;
- mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->fwd, mph->mh_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
+ mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->fwd, version, mph->mh_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
mptcpd->master = tcpd;
item = proto_tree_add_uint(mptcp_tree,
@@ -4514,7 +4546,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
}
}
else {
- mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
+ mptcpd = get_or_create_mptcpd_from_key(tcpd, tcpd->rev, version, recv_key, mph->mh_capable_flags & MPTCP_CAPABLE_CRYPTO_MASK);
}
}
@@ -7147,10 +7179,14 @@ proto_register_tcp(void)
{ "Extensibility", "tcp.options.mptcp.extensibility.flag", FT_UINT8,
BASE_DEC, NULL, 0x40, NULL, HFILL}},
- { &hf_tcp_option_mptcp_H_flag,
+ { &hf_tcp_option_mptcp_H_v0_flag,
{ "Use HMAC-SHA1", "tcp.options.mptcp.sha1.flag", FT_UINT8,
BASE_DEC, NULL, 0x01, NULL, HFILL}},
+ { &hf_tcp_option_mptcp_H_v1_flag,
+ { "Use HMAC-SHA256", "tcp.options.mptcp.sha256.flag", FT_UINT8,
+ BASE_DEC, NULL, 0x01, NULL, HFILL}},
+
{ &hf_tcp_option_mptcp_F_flag,
{ "DATA_FIN", "tcp.options.mptcp.datafin.flag", FT_UINT8,
BASE_DEC, NULL, MPTCP_DSS_FLAG_DATA_FIN_PRESENT, NULL, HFILL}},
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index dfee9cdeb4..38630d3a51 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -277,7 +277,8 @@ struct mptcp_subflow {
typedef enum {
MPTCP_HMAC_NOT_SET = 0,
- MPTCP_HMAC_SHA1 = 1,
+ /* this is either SHA1 for MPTCP v0 or sha256 for MPTCP v1 */
+ MPTCP_HMAC_SHA = 1,
MPTCP_HMAC_LAST
} mptcp_hmac_algorithm_t;
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index c4a9a6eb15..ca284604ed 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -271,6 +271,7 @@ static int hf_tcp_option_mptcp_subflow_seq_no = -1;
static int hf_tcp_option_mptcp_data_lvl_len = -1;
static int hf_tcp_option_mptcp_checksum = -1;
static int hf_tcp_option_mptcp_ipver = -1;
+static int hf_tcp_option_mptcp_echo = -1;
static int hf_tcp_option_mptcp_ipv4 = -1;
static int hf_tcp_option_mptcp_ipv6 = -1;
static int hf_tcp_option_mptcp_port = -1;
@@ -4776,33 +4777,32 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_ADD_ADDR:
- proto_tree_add_item(mptcp_tree,
- hf_tcp_option_mptcp_ipver, tvb, offset, 1, ENC_BIG_ENDIAN);
ipver = tvb_get_guint8(tvb, offset) & 0x0F;
+ if (ipver == 4 || ipver == 6)
+ proto_tree_add_item(mptcp_tree,
+ hf_tcp_option_mptcp_ipver, tvb, offset, 1, ENC_BIG_ENDIAN);
+ else
+ proto_tree_add_item(mptcp_tree,
+ hf_tcp_option_mptcp_echo, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_address_id, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
- switch (ipver) {
- case 4:
- proto_tree_add_item(mptcp_tree,
+ if (optlen == 8 || optlen == 10 || optlen == 16 || optlen == 18) {
+ proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
- offset += 4;
- break;
+ offset += 4;
+ }
- case 6:
- proto_tree_add_item(mptcp_tree,
+ if (optlen == 20 || optlen == 22 || optlen == 28 || optlen == 30) {
+ proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_ipv6, tvb, offset, 16, ENC_NA);
- offset += 16;
- break;
-
- default:
- break;
+ offset += 16;
}
- if (optlen % 4 == 2) {
+ if (optlen == 10 || optlen == 18 || optlen == 22 || optlen == 30) {
proto_tree_add_item(mptcp_tree,
hf_tcp_option_mptcp_port, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
@@ -7303,6 +7303,10 @@ proto_register_tcp(void)
{ "IP version", "tcp.options.mptcp.ipver", FT_UINT8,
BASE_DEC, NULL, 0x0F, NULL, HFILL}},
+ { &hf_tcp_option_mptcp_echo,
+ { "Echo", "tcp.options.mptcp.echo", FT_UINT8,
+ BASE_DEC, NULL, 0x01, NULL, HFILL}},
+
{ &hf_tcp_option_mptcp_ipv4,
{ "Advertised IPv4 Address", "tcp.options.mptcp.ipv4", FT_IPv4,
BASE_NONE, NULL, 0x0, NULL, HFILL}},
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index 6bc1915e82..b0ed652215 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -2152,13 +2152,19 @@ tcp_analyze_sequence_number(packet_info *pinfo, guint32 seq, guint32 ack, guint3
&& seq==tcpd->fwd->tcp_analyze_seq_info->nextseq
&& ack==tcpd->fwd->tcp_analyze_seq_info->lastack
&& (flags&(TH_SYN|TH_FIN|TH_RST))==0 ) {
- tcpd->fwd->tcp_analyze_seq_info->dupacknum++;
- if(!tcpd->ta) {
- tcp_analyze_get_acked_struct(pinfo->num, seq, ack, TRUE, tcpd);
- }
- tcpd->ta->flags|=TCP_A_DUPLICATE_ACK;
- tcpd->ta->dupack_num=tcpd->fwd->tcp_analyze_seq_info->dupacknum;
- tcpd->ta->dupack_frame=tcpd->fwd->tcp_analyze_seq_info->lastnondupack;
+
+ /* MPTCP tolerates duplicate acks in some circumstances, see RFC 8684 4. */
+ if(tcpd->mptcp_analysis && (tcpd->mptcp_analysis->mp_operations!=tcpd->fwd->mp_operations)) {
+ /* just ignore this DUPLICATE ACK */
+ } else {
+ tcpd->fwd->tcp_analyze_seq_info->dupacknum++;
+ if(!tcpd->ta) {
+ tcp_analyze_get_acked_struct(pinfo->num, seq, ack, TRUE, tcpd);
+ }
+ tcpd->ta->flags|=TCP_A_DUPLICATE_ACK;
+ tcpd->ta->dupack_num=tcpd->fwd->tcp_analyze_seq_info->dupacknum;
+ tcpd->ta->dupack_frame=tcpd->fwd->tcp_analyze_seq_info->lastnondupack;
+ }
}
@@ -2343,6 +2349,10 @@ finished_checking_retransmission_type:
tcpd->fwd->tcp_analyze_seq_info->lastacktime.secs=pinfo->abs_ts.secs;
tcpd->fwd->tcp_analyze_seq_info->lastacktime.nsecs=pinfo->abs_ts.nsecs;
+ /* remember the MPTCP operations if any */
+ if( tcpd->mptcp_analysis ) {
+ tcpd->fwd->mp_operations=tcpd->mptcp_analysis->mp_operations;
+ }
/* if there were any flags set for this segment we need to remember them
* we only remember the flags for the very last segment though.
@@ -2702,24 +2712,17 @@ mptcp_analysis_add_subflows(packet_info *pinfo _U_, tvbuff_t *tvb,
proto_tree *parent_tree, struct mptcp_analysis* mptcpd)
{
wmem_list_frame_t *it;
- proto_tree *tree;
proto_item *item;
- item=proto_tree_add_item(parent_tree, hf_mptcp_analysis_subflows, tvb, 0, 0, ENC_NA);
- PROTO_ITEM_SET_GENERATED(item);
-
- tree=proto_item_add_subtree(item, ett_mptcp_analysis_subflows);
+ wmem_strbuf_t *val = wmem_strbuf_new(wmem_packet_scope(), "");
/* for the analysis, we set each subflow tcp stream id */
for(it = wmem_list_head(mptcpd->subflows); it != NULL; it = wmem_list_frame_next(it)) {
struct tcp_analysis *sf = (struct tcp_analysis *)wmem_list_frame_data(it);
- proto_item *subflow_item;
- subflow_item=proto_tree_add_uint(tree, hf_mptcp_analysis_subflows_stream_id, tvb, 0, 0, sf->stream);
- PROTO_ITEM_SET_HIDDEN(subflow_item);
-
- proto_item_append_text(item, " %d", sf->stream);
+ wmem_strbuf_append_printf(val, "%u ", sf->stream);
}
+ item = proto_tree_add_string(parent_tree, hf_mptcp_analysis_subflows, tvb, 0, 0, wmem_strbuf_get_str(val));
PROTO_ITEM_SET_GENERATED(item);
}
@@ -2962,6 +2965,42 @@ mptcp_add_analysis_subtree(packet_info *pinfo, tvbuff_t *tvb, proto_tree *parent
PROTO_ITEM_SET_GENERATED(item);
+ /* store the TCP Options related to MPTCP then we will avoid false DUP ACKs later */
+ guint8 nbOptionsChanged = 0;
+ if((tcpd->mptcp_analysis->mp_operations&(0x01))!=tcph->th_mptcp->mh_mpc) {
+ tcpd->mptcp_analysis->mp_operations |= 0x01;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x02))!=tcph->th_mptcp->mh_join) {
+ tcpd->mptcp_analysis->mp_operations |= 0x02;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x04))!=tcph->th_mptcp->mh_dss) {
+ tcpd->mptcp_analysis->mp_operations |= 0x04;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x08))!=tcph->th_mptcp->mh_add) {
+ tcpd->mptcp_analysis->mp_operations |= 0x08;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x10))!=tcph->th_mptcp->mh_remove) {
+ tcpd->mptcp_analysis->mp_operations |= 0x10;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x20))!=tcph->th_mptcp->mh_prio) {
+ tcpd->mptcp_analysis->mp_operations |= 0x20;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x40))!=tcph->th_mptcp->mh_fail) {
+ tcpd->mptcp_analysis->mp_operations |= 0x40;
+ nbOptionsChanged++;
+ }
+ if((tcpd->mptcp_analysis->mp_operations&(0x80))!=tcph->th_mptcp->mh_fastclose) {
+ tcpd->mptcp_analysis->mp_operations |= 0x80;
+ nbOptionsChanged++;
+ }
+ /* we could track MPTCP option changes here, with nbOptionsChanged */
+
item = proto_tree_add_uint(tree, hf_mptcp_stream, tvb, 0, 0, mptcpd->stream);
PROTO_ITEM_SET_GENERATED(item);
@@ -4537,6 +4576,7 @@ get_or_create_mptcpd_from_key(struct tcp_analysis* tcpd, tcp_flow_t *fwd, guint8
DISSECTOR_ASSERT(fwd->mptcp_subflow->meta);
+ fwd->mptcp_subflow->meta->version = version;
fwd->mptcp_subflow->meta->key = key;
fwd->mptcp_subflow->meta->static_flags |= MPTCP_META_HAS_KEY;
fwd->mptcp_subflow->meta->base_dsn = expected_idsn;
@@ -4747,6 +4787,13 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
offset += 4;
mptcpd = mptcp_get_meta_from_token(tcpd, tcpd->rev, mph->mh_token);
+ if (tcpd->fwd->mptcp_subflow->meta->version == 1) {
+ mptcp_meta_flow_t *tmp = tcpd->fwd->mptcp_subflow->meta;
+
+ /* if the negotiated version is v1 the first key was exchanged on SYN/ACK packet: we must swap the meta */
+ tcpd->fwd->mptcp_subflow->meta = tcpd->rev->mptcp_subflow->meta;
+ tcpd->rev->mptcp_subflow->meta = tmp;
+ }
proto_tree_add_item_ret_uint(mptcp_tree, hf_tcp_option_mptcp_sender_rand, tvb, offset,
4, ENC_BIG_ENDIAN, &tcpd->fwd->mptcp_subflow->nonce);
@@ -4897,6 +4944,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_ADD_ADDR:
+ mph->mh_add = TRUE;
ipver = tvb_get_guint8(tvb, offset) & 0x0F;
if (ipver == 4 || ipver == 6)
proto_tree_add_item(mptcp_tree,
@@ -4935,6 +4983,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_REMOVE_ADDR:
+ mph->mh_remove = TRUE;
item = proto_tree_add_uint(mptcp_tree, hf_mptcp_number_of_removed_addresses, tvb, start_offset+2,
1, optlen - 3);
PROTO_ITEM_SET_GENERATED(item);
@@ -4947,6 +4996,7 @@ dissect_tcpopt_mptcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
break;
case TCPOPT_MPTCP_MP_PRIO:
+ mph->mh_prio = TRUE;
proto_tree_add_bitmask(mptcp_tree, tvb, offset, hf_tcp_option_mptcp_flags,
ett_tcp_option_mptcp, tcp_option_mptcp_join_flags,
ENC_BIG_ENDIAN);
@@ -8040,7 +8090,7 @@ proto_register_tcp(void)
"This was retransmitted on another subflow", HFILL }},
{ &hf_mptcp_analysis_subflows,
- { "TCP subflow stream id(s):", "mptcp.analysis.subflows", FT_NONE, BASE_NONE, NULL, 0x0,
+ { "TCP subflow stream id(s)", "mptcp.analysis.subflows", FT_STRING, BASE_NONE, NULL, 0x0,
"List all TCP connections mapped to this MPTCP connection", HFILL }},
{ &hf_mptcp_stream,
diff --git a/epan/dissectors/packet-tcp.h b/epan/dissectors/packet-tcp.h
index ac250d948e..21e6a61086 100644
--- a/epan/dissectors/packet-tcp.h
+++ b/epan/dissectors/packet-tcp.h
@@ -49,8 +49,11 @@ struct mptcpheader {
gboolean mh_mpc; /* true if seen an mp_capable option */
gboolean mh_join; /* true if seen an mp_join option */
gboolean mh_dss; /* true if seen a dss */
- gboolean mh_fastclose; /* true if seen a fastclose */
+ gboolean mh_add; /* true if seen an MP_ADD */
+ gboolean mh_remove; /* true if seen an MP_REMOVE */
+ gboolean mh_prio; /* true if seen an MP_PRIO */
gboolean mh_fail; /* true if seen an MP_FAIL */
+ gboolean mh_fastclose; /* true if seen a fastclose */
guint8 mh_capable_flags; /* to get hmac version for instance */
guint8 mh_dss_flags; /* data sequence signal flag */
@@ -332,6 +335,7 @@ typedef struct _tcp_flow_t {
gboolean valid_bif; /* if lost pkts, disable BiF until ACK is recvd */
guint32 push_bytes_sent; /* bytes since the last PSH flag */
gboolean push_set_last; /* tracking last time PSH flag was set */
+ guint8 mp_operations; /* tracking of the MPTCP operations */
tcp_analyze_seq_flow_info_t* tcp_analyze_seq_info;
@@ -378,6 +382,9 @@ struct mptcp_analysis {
/* identifier of the tcp stream that saw the initial 3WHS with MP_CAPABLE option */
struct tcp_analysis *master;
+
+ /* Keep track of the last TCP operations seen in order to avoid false DUP ACKs */
+ guint8 mp_operations;
};
struct tcp_analysis {

26
SOURCES/wireshark-0009-smc-support.patch → SOURCES/wireshark-0027-ibm-smc.patch
View File

@ -483,7 +483,7 @@ index 7096d1b0b0..bbfa9c07ef 100644
+ offset += FLAG_BYTE_LEN;
+ offset += TWO_BYTE_RESERVED;
+ proto_tree_add_item(tree, hf_smcd_accept_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
+ offset += 32;
+ /* offset += 32; */
+ }
+ }
+}
@ -552,7 +552,7 @@ index 7096d1b0b0..bbfa9c07ef 100644
+ offset += FLAG_BYTE_LEN;
+ offset += TWO_BYTE_RESERVED;
+ proto_tree_add_item(tree, hf_smcd_confirm_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
+ offset += 32;
+ /* offset += 32; */
+ }
+ }
}
@ -1655,28 +1655,6 @@ index 7096d1b0b0..bbfa9c07ef 100644
/*
diff --git a/epan/dissectors/packet-smc.c b/epan/dissectors/packet-smc.c
index bbfa9c07ef..0a4e96e055 100644
--- a/epan/dissectors/packet-smc.c
+++ b/epan/dissectors/packet-smc.c
@@ -592,7 +592,7 @@ disect_smcd_accept(tvbuff_t* tvb, proto_tree* tree)
offset += FLAG_BYTE_LEN;
offset += TWO_BYTE_RESERVED;
proto_tree_add_item(tree, hf_smcd_accept_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
- offset += 32;
+ /* offset += 32; */
}
}
}
@@ -661,7 +661,7 @@ disect_smcd_confirm(tvbuff_t* tvb, proto_tree* tree)
offset += FLAG_BYTE_LEN;
offset += TWO_BYTE_RESERVED;
proto_tree_add_item(tree, hf_smcd_confirm_peer_name, tvb, offset, 32, ENC_ASCII | ENC_NA);
- offset += 32;
+ /* offset += 32; */
}
}
}
diff --git a/epan/dissectors/packet-smc.c b/epan/dissectors/packet-smc.c
index 0a4e96e055..6ede4690db 100644
--- a/epan/dissectors/packet-smc.c
+++ b/epan/dissectors/packet-smc.c

23
SOURCES/wireshark-0028-find-libssh.patch Normal file
View File

@ -0,0 +1,23 @@
diff --git a/cmake/modules/FindLIBSSH.cmake b/cmake/modules/FindLIBSSH.cmake
index 46dbe04..65dd5d2 100644
--- a/cmake/modules/FindLIBSSH.cmake
+++ b/cmake/modules/FindLIBSSH.cmake
@@ -59,15 +59,15 @@ else ()
${LIBSSH_LIBRARY}
)
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_MAJOR
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_MAJOR
REGEX "#define[ ]+LIBSSH_VERSION_MAJOR[ ]+[0-9]+")
# Older versions of libssh like libssh-0.2 have LIBSSH_VERSION but not LIBSSH_VERSION_MAJOR
if(LIBSSH_VERSION_MAJOR)
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MAJOR ${LIBSSH_VERSION_MAJOR})
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_MINOR
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_MINOR
REGEX "#define[ ]+LIBSSH_VERSION_MINOR[ ]+[0-9]+")
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MINOR ${LIBSSH_VERSION_MINOR})
- file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h LIBSSH_VERSION_PATCH
+ file(STRINGS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h LIBSSH_VERSION_PATCH
REGEX "#define[ ]+LIBSSH_VERSION_MICRO[ ]+[0-9]+")
string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_PATCH ${LIBSSH_VERSION_PATCH})
set(LIBSSH_VERSION ${LIBSSH_VERSION_MAJOR}.${LIBSSH_VERSION_MINOR}.${LIBSSH_VERSION_PATCH})

34
SOURCES/wireshark-0014-cve-2023-2858.patch → SOURCES/wireshark-0029-cve-2023-2858.patch
View File

@ -20,9 +20,30 @@ diff --git a/wiretap/netscaler.c b/wiretap/netscaler.c
index 8dcbd42a089..b94caca0869 100644
--- a/wiretap/netscaler.c
+++ b/wiretap/netscaler.c
@@ -641,6 +641,20 @@ static gboolean nstrace_dump(wtap_dumper *wdh, const wtap_rec *rec,
#define GET_READ_PAGE_SIZE(remaining_file_size) ((gint32)((remaining_file_size>NSPR_PAGESIZE)?NSPR_PAGESIZE:remaining_file_size))
#define GET_READ_PAGE_SIZEV3(remaining_file_size) ((gint32)((remaining_file_size>NSPR_PAGESIZE_TRACE)?NSPR_PAGESIZE_TRACE:remaining_file_size))
+/*
+ * Check whether we have enough room to retrieve the data in the caller.
+ * If not, we have a malformed file.
+ */
+static gboolean nstrace_ensure_buflen(nstrace_t* nstrace, guint offset, guint len, int *err, gchar** err_info)
+{
+ if (offset > nstrace->nstrace_buflen || nstrace->nstrace_buflen - offset < len) {
+ *err = WTAP_ERR_BAD_FILE;
+ *err_info = g_strdup("nstrace: malformed file");
+ return FALSE;
+ }
+ return TRUE;
+}
+
static guint64 ns_hrtime2nsec(guint32 tm)
{
guint32 val = tm & NSPR_HRTIME_MASKTM;
@@ -1114,13 +1114,13 @@ static gboolean nstrace_set_start_time(wtap *wth, int file_version, int *err,
#define PACKET_DESCRIBE(rec,buf,FULLPART,fullpart,ver,type,HEADERVER) \
#define PACKET_DESCRIBE(rec,FULLPART,fullpart,ver,type,HEADERVER) \
do {\
- nspr_pktrace##fullpart##_v##ver##_t *type = (nspr_pktrace##fullpart##_v##ver##_t *) &nstrace_buf[nstrace_buf_offset];\
/* Make sure the record header is entirely contained in the page */\
@ -65,7 +86,7 @@ index 8dcbd42a089..b94caca0869 100644
*err = WTAP_ERR_BAD_FILE;
@@ -1500,14 +1506,14 @@ static gboolean nstrace_read_v20(wtap *wth, wtap_rec *rec, Buffer *buf,
#define PACKET_DESCRIBE(rec,buf,FULLPART,ver,enumprefix,type,structname,HEADERVER)\
#define PACKET_DESCRIBE(rec,FULLPART,ver,enumprefix,type,structname,HEADERVER)\
do {\
- nspr_##structname##_t *fp = (nspr_##structname##_t *) &nstrace_buf[nstrace_buf_offset];\
/* Make sure the record header is entirely contained in the page */\
@ -80,14 +101,5 @@ index 8dcbd42a089..b94caca0869 100644
(rec)->rec_type = REC_TYPE_PACKET;\
TIMEDEFV##ver((rec),fp,type);\
FULLPART##SIZEDEFV##ver((rec),fp,ver);\
@@ -1615,7 +1621,6 @@ static gboolean nstrace_read_v30(wtap *wth, wtap_rec *rec, Buffer *buf,
g_free(nstrace_tmpbuff);
return FALSE;
}
-
hdp = (nspr_hd_v20_t *) &nstrace_buf[nstrace_buf_offset];
if (nspr_getv20recordsize(hdp) == 0) {
*err = WTAP_ERR_BAD_FILE;
--
GitLab

0
SOURCES/wireshark-0015-cve-2023-2856.patch → SOURCES/wireshark-0030-cve-2023-2856.patch
View File

64
SOURCES/wireshark-0031-cve-2023-0666.patch Normal file
View File

@ -0,0 +1,64 @@
From 28fdce547c417b868c521f87fb58f71ca6b1e3f7 Mon Sep 17 00:00:00 2001
From: Gerald Combs <gerald@wireshark.org>
Date: Thu, 18 May 2023 13:52:48 -0700
Subject: [PATCH] RTPS: Fixup our g_strlcpy dest_sizes
Use the proper dest_size in various g_strlcpy calls.
Fixes #19085
---
epan/dissectors/packet-rtps.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/epan/dissectors/packet-rtps.c b/epan/dissectors/packet-rtps.c
index 2884e86faa1..a39202952f6 100644
--- a/epan/dissectors/packet-rtps.c
+++ b/epan/dissectors/packet-rtps.c
@@ -4944,7 +4944,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
++tk_id;
}
- g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), 40);
+ g_strlcpy(type_name, rtps_util_typecode_id_to_string(tk_id), sizeof(type_name));
/* Structure of the typecode data:
*
@@ -5115,7 +5115,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
member_name, -1, NULL, ndds_40_hack);
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
} /* end of case UNION */
@@ -5286,7 +5286,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
}
}
/* Finally prints the name of the struct (if provided) */
- g_strlcpy(type_name, "}", 40);
+ g_strlcpy(type_name, "}", sizeof(type_name));
break;
}
@@ -5378,7 +5378,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
offset += 4;
alias_name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, alias_name_length, ENC_ASCII);
offset += alias_name_length;
- g_strlcpy(type_name, alias_name, 40);
+ g_strlcpy(type_name, alias_name, sizeof(type_name));
break;
}
@@ -5413,7 +5413,7 @@ static gint rtps_util_add_typecode(proto_tree *tree, tvbuff_t *tvb, gint offset,
if (tk_id == RTI_CDR_TK_VALUE_PARAM) {
type_id_name = "valueparam";
}
- g_snprintf(type_name, 40, "%s '%s'", type_id_name, value_name);
+ g_snprintf(type_name, sizeof(type_name), "%s '%s'", type_id_name, value_name);
break;
}
} /* switch(tk_id) */
--
GitLab

13
SOURCES/wireshark-0017-cve-2023-2952.patch → SOURCES/wireshark-0032-cve-2023-2952.patch
View File

@ -57,18 +57,17 @@ index ef8437e9382..4c3713db94b 100644
tvbuff_t *xra_tlv_cw_info_tvb, *xra_tlv_ms_info_tvb, *xra_tlv_burst_info_tvb;
while (tlv_index < tlv_length) {
@@ -718,7 +718,7 @@ dissect_message_channel_mb(tvbuff_t * tvb, packet_info * pinfo, proto_tree* tree
if(packet_start_pointer_field_present) {
proto_tree_add_item_ret_uint (tree, hf_plc_mb_mc_psp, tvb, 1, 2, FALSE, &packet_start_pointer);
@@ -620,14 +620,14 @@ dissect_message_channel_mb(tvbuff_t * tvb, packet_info * pinfo, proto_tree* tree
/*If not present, this contains stuff from other packet. We can't do much in this case*/
if(packet_start_pointer_field_present) {
- guint16 docsis_start = 3 + packet_start_pointer;
+ unsigned docsis_start = 3 + packet_start_pointer;
while (docsis_start + 6 < remaining_length) {
if(docsis_start +6 < remaining_length) {
/*DOCSIS header in packet*/
guint8 fc = tvb_get_guint8(tvb,docsis_start + 0);
@@ -727,7 +727,7 @@ dissect_message_channel_mb(tvbuff_t * tvb, packet_info * pinfo, proto_tree* tree
docsis_start += 1;
continue;
if (fc == 0xFF) {
return;
}
- guint16 docsis_length = 256*tvb_get_guint8(tvb,docsis_start + 2) + tvb_get_guint8(tvb,docsis_start + 3);
+ unsigned docsis_length = 256*tvb_get_guint8(tvb,docsis_start + 2) + tvb_get_guint8(tvb,docsis_start + 3);

333
SPECS/wireshark.spec
View File

@ -1,13 +1,13 @@
%undefine __cmake_in_source_build
%global with_lua 1
%global with_portaudio 1
%global with_maxminddb 1
%global plugins_version 3.4
%global plugins_version 2.6
Summary: Network traffic analyzer
Name: wireshark
Version: 3.4.10
Release: 7%{?dist}
Epoch: 1
Version: 2.6.2
Release: 17%{?dist}
Epoch: 1
License: GPL+
Url: http://www.wireshark.org/
@ -16,27 +16,57 @@ Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-%
Source2: 90-wireshark-usbmon.rules
# Fedora-specific
Patch0002: wireshark-0002-Customize-permission-denied-error.patch
%if %{with_lua} && 0%{?fedora}
Patch1: wireshark-0001-enable-Lua-support.patch
%endif
# Fedora-specific
Patch2: wireshark-0002-Customize-permission-denied-error.patch
# Will be proposed upstream
Patch0003: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
Patch3: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch
# Fedora-specific
Patch0004: wireshark-0004-Restore-Fedora-specific-groups.patch
Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch
# Fedora-specific
Patch0005: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
# Fedora-specific
Patch0006: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch0007: wireshark-0007-cmakelists.patch
#Patch0008: wireshark-0008-move-glib.patch
Patch0009: wireshark-0009-smc-support.patch
Patch0010: wireshark-0010-fips-ripemd160.patch
Patch0011: wireshark-0011-cve-2022-3190.patch
Patch0012: wireshark-0012-cve-2023-0668.patch
Patch0013: wireshark-0013-cve-2023-0666.patch
Patch0014: wireshark-0014-cve-2023-2858.patch
Patch0015: wireshark-0015-cve-2023-2856.patch
Patch0016: wireshark-0016-cve-2023-2855.patch
Patch0017: wireshark-0017-cve-2023-2952.patch
Patch0018: wireshark-0018-sync-pipe-stderr-messages.patch
Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch7: wireshark-0007-cmakelists.patch
#Various CVEs in RHEL-8
Patch8: wireshark-0008-CVE-2018-16056.patch
Patch9: wireshark-0009-CVE-2018-16057.patch
Patch10: wireshark-0010-CVE-2018-16058.patch
Patch11: wireshark-0011-tshark-missing-N-option.patch
#CVEs backported from wireshark-2.6.4
Patch12: wireshark-0012-CVE-12086.patch
Patch13: wireshark-0013-CVE-18225.patch
Patch14: wireshark-0014-CVE-18226.patch
Patch15: wireshark-0015-CVE-18227.patch
#CVEs backported from wireshark-2.6.5
Patch16: wireshark-0016-CVE-19622.patch
Patch17: wireshark-0017-CVE-19623.patch
Patch18: wireshark-0018-CVE-19624.patch
Patch19: wireshark-0019-CVE-19625.patch
Patch20: wireshark-0020-CVE-19626.patch
Patch21: wireshark-0021-CVE-19627.patch
Patch22: wireshark-0022-CVE-19628.patch
#Removing deprecated word Application from .desktop file
Patch23: wireshark-0023-desktop-file.patch
#Fixing a couple of issues found by covscan
Patch24: wireshark-0024-covscan.patch
Patch25: wireshark-0025-drop-count.patch
Patch26: wireshark-0026-mptcp.patch
Patch27: wireshark-0027-ibm-smc.patch
#Change in libssh header files forces a different technique on finding definitons
Patch28: wireshark-0028-find-libssh.patch
Patch29: wireshark-0029-cve-2023-2858.patch
Patch30: wireshark-0030-cve-2023-2856.patch
Patch31: wireshark-0031-cve-2023-0666.patch
Patch32: wireshark-0032-cve-2023-2952.patch
#install tshark together with wireshark GUI
Requires: %{name}-cli = %{epoch}:%{version}-%{release}
@ -44,7 +74,11 @@ Requires: %{name}-cli = %{epoch}:%{version}-%{release}
Requires: xdg-utils
Requires: hicolor-icon-theme
%if %{with_maxminddb} && 0%{?fedora}
%if %{with_portaudio} && 0%{?fedora}
Requires: portaudio
BuildRequires: portaudio-devel
%endif
%if %{with_maxminddb}
Requires: libmaxminddb
%endif
@ -54,6 +88,7 @@ BuildRequires: elfutils-devel
BuildRequires: gcc-c++
BuildRequires: glib2-devel
BuildRequires: gnutls-devel
BuildRequires: gtk3-devel
BuildRequires: krb5-devel
BuildRequires: libcap-devel
BuildRequires: libgcrypt-devel
@ -69,8 +104,7 @@ BuildRequires: flex
BuildRequires: pcre-devel
BuildRequires: perl(Pod::Html)
BuildRequires: perl(Pod::Man)
BuildRequires: perl(open)
Buildrequires: libssh-devel
Buildrequires: libssh-devel
BuildRequires: qt5-linguist
BuildRequires: qt5-qtbase-devel
BuildRequires: qt5-qtmultimedia-devel
@ -85,10 +119,6 @@ BuildRequires: compat-lua-devel
Buildrequires: git
Buildrequires: python3-devel
Buildrequires: cmake
#needed for sdjournal external capture interface
BuildRequires: systemd-devel
BuildRequires: libnghttp2-devel
Obsoletes: wireshark-qt, wireshark-gtk
%description
@ -113,11 +143,8 @@ Wireshark.
%package devel
Summary: Development headers and libraries for wireshark
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: %{name}-cli = %{epoch}:%{version}-%{release}
Requires: glibc-devel
Requires: glib2-devel
Requires: %{name} = %{epoch}:%{version}-%{release} glibc-devel glib2-devel
Requires: wireshark-cli = %{epoch}:%{version}-%{release}
%description devel
The wireshark-devel package contains the header files, developer
@ -132,29 +159,33 @@ and plugins.
%cmake -G "Unix Makefiles" \
-DDISABLE_WERROR=ON \
-DBUILD_wireshark=ON \
-DENABLE_QT5=ON \
%if %{with_lua} && 0%{?fedora}
-DENABLE_LUA=ON \
%else
-DENABLE_LUA=OFF \
%endif
%if %{with_maxminddb} && 0%{?fedora}
%if %{with_maxminddb}
-DBUILD_mmdbresolve=ON \
%else
-DBUILD_mmdbresolve=OFF \
%endif
-DBUILD_randpktdump=OFF \
-DBUILD_androiddump=ON \
-DBUILD_androiddump=OFF \
-DENABLE_SMI=ON \
%if %{with_portaudio} && 0%{?fedora}
-DENABLE_PORTAUDIO=ON \
%else
-DENABLE_PORTAUDIO=OFF \
%endif
-DENABLE_PLUGINS=ON \
-DENABLE_NETLINK=ON \
-DBUILD_dcerpcidl2wrs=OFF \
-DBUILD_sdjournal=ON \
%{nil}
-DBUILD_dcerpcidl2wrs=OFF
%cmake_build
make %{?_smp_mflags}
%install
%cmake_install
make DESTDIR=%{buildroot} install
desktop-file-validate %{buildroot}%{_datadir}/applications/wireshark.desktop
@ -170,7 +201,7 @@ mkdir -p "${IDIR}/epan/wmem"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
mkdir -p %{buildroot}%{_udevrulesdir}
install -m 644 %{_vpath_builddir}/config.h epan/register.h "${IDIR}/"
install -m 644 config.h epan/register.h "${IDIR}/"
install -m 644 cfile.h file.h "${IDIR}/"
install -m 644 ws_symbol_export.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
@ -189,19 +220,30 @@ touch %{buildroot}%{_bindir}/%{name}
# Remove libtool archives and static libs
find %{buildroot} -type f -name "*.la" -delete
#fix multilib install of devel pkg in wireshark-2.6.2(fixed in 3.0.0)
mv %{buildroot}%{_includedir}/wireshark/config.h \
%{buildroot}%{_includedir}/wireshark/config-%{__isa_bits}.h
cat > %{buildroot}%{_includedir}/wireshark/config.h << EOF
#include <bits/wordsize.h>
#if __WORDSIZE == 32
#include <wireshark/config-32.h>
#elif __WORDSIZE == 64
#include <wireshark/config-64.h>
#else
#error "Unknown word size"
#endif
EOF
%pre cli
getent group wireshark >/dev/null || groupadd -r wireshark
getent group usbmon >/dev/null || groupadd -r usbmon
%post cli
%{?ldconfig}
# skip triggering if udevd isn't even accessible, e.g. containers or
# rpm-ostree-based systems
if [ -S /run/udev/control ]; then
/usr/bin/udevadm trigger --subsystem-match=usbmon
fi
/sbin/ldconfig
/usr/bin/udevadm trigger --subsystem-match=usbmon
%ldconfig_postun cli
%postun cli -p /sbin/ldconfig
%files
%{_datadir}/appdata/%{name}.appdata.xml
@ -224,7 +266,7 @@ fi
%{_bindir}/sharkd
%{_bindir}/text2pcap
%{_bindir}/tshark
%if %{with_maxminddb} && 0%{?fedora}
%if %{with_maxminddb}
%{_bindir}/mmdbresolve
%endif
%attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap
@ -237,16 +279,8 @@ fi
%{_libdir}/wireshark/extcap/ciscodump
%{_libdir}/wireshark/extcap/udpdump
%{_libdir}/wireshark/extcap/sshdump
%{_libdir}/wireshark/extcap/sdjournal
%{_libdir}/wireshark/extcap/dpauxmon
%{_libdir}/wireshark/extcap/androiddump
%dir %{_libdir}/wireshark/cmake
%{_libdir}/wireshark/cmake/*.cmake
%{_libdir}/wireshark/*.cmake
#the version wireshark uses to store plugins is only x.y, not .z
%dir %{_libdir}/wireshark/plugins/%{plugins_version}
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/epan
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/wiretap
%dir %{_libdir}/wireshark/plugins/%{plugins_version}/codecs
%{_libdir}/wireshark/plugins/%{plugins_version}/epan/*.so
%{_libdir}/wireshark/plugins/%{plugins_version}/wiretap/*.so
%{_libdir}/wireshark/plugins/%{plugins_version}/codecs/*.so
@ -267,15 +301,12 @@ fi
%{_mandir}/man1/captype.*
%{_mandir}/man1/ciscodump.*
%{_mandir}/man1/randpktdump.*
%{_mandir}/man1/dpauxmon.*
%{_mandir}/man1/sdjournal.*
%{_mandir}/man4/extcap.*
%if %{with_maxminddb} && 0%{?fedora}
%if %{with_maxminddb}
%{_mandir}/man1/mmdbresolve.*
%endif
%dir %{_datadir}/wireshark
%{_datadir}/wireshark/*
%{_docdir}/wireshark/*.html
%files devel
%doc doc/README.* ChangeLog
@ -284,163 +315,72 @@ fi
%{_libdir}/pkgconfig/%{name}.pc
%changelog
* Wed Jul 17 2024 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-7
- Resolves: RHEL-14596 - Wireshark hangs if dumpcap returned unexpected messages in sync pipe.
* Fri Jun 30 2023 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-17
- Resolves: #2211412 - XRA dissector infinite loop
* Mon Jun 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-6
- Resolves: #2211413 - XRA dissector infinite loop
* Wed Jun 14 2023 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-16
- Resolves: #2210866 - VMS TCPIPtrace file parser crash
- Resolves: #2210867 - NetScaler file parser crash
- Resolves: #2210869 - RTPS dissector crash
* Wed Jun 07 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-5
- Resolves: #2210864 - Candump log file parser crash
Resolves: #2210865 - VMS TCPIPtrace file parser crash
Resolves: #2210868 - NetScaler file parser crash
Resolves: #2210870 - RTPS dissector crash
Resolves: #2210871 - IEEE C37.118 Synchrophasor dissector crash
* Wed Aug 24 2022 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-15
- Resolves: #2119126 - Wireshark source rpm fails to build due to looking for incorrect libssh header files
* Fri Jan 20 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-4
- Resolves: #2152064 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector
* Mon Apr 19 2021 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-14
- Resolves: #1851465 - [IBM 8.5 FEAT] wireshark: Update to include SMC support
* Thu Jan 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-3
- Resolves: #2083581 - capinfos aborts in FIPS
* Tue Apr 13 2021 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-13
- Resolves: #1934617 - [RFE] better MPTCP dissection support
* Thu Jan 19 2023 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-2
- Resolves: #2160648 - Enhanced TMT testing for centos-stream
* Tue Oct 29 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-12
- Resolves: #1609737 - wiretap does not write "drop_count" in pcapng format
* Thu Dec 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.10-1
- Resolves: #2032966 - Rebase wireshark to fix multiple CVEs
* Mon Apr 29 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-11
- Related: #1602731 - Fixing multilib problem in devel subpackage
* Mon Aug 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.7-3
- Resolves: #1988120 - Enable LTO build of wireshark for RHEL 9
* Thu Apr 25 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-10
- Resolves: #1602731 - Please review important issues found by covscan
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.7-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Sun Dec 16 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-9
- Related: #1642919 - Fixing RPMDiff errors
* Tue Jul 20 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.7-1
- Related: #1967546 - Rebase wireshark to latest version
* Tue Dec 11 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-8
- Related: #1642919 - changing wrong commit message
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.6-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon Dec 10 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-7
- Resolves: #1642919 - CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
- Resolves: #1656342 - CVE-2018-19623
- Resolves: #1657634 - CVE-2018-19625
- Resolves: #1657211 - CVE-2018-19626
- Resolves: #1657184 - CVE-2018-19627
- Resolves: #1657190 - CVE-2018-19628
- fixes CVE-2018-19622, CVE-2018-19624
* Fri Jun 11 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.6-1
- Related: #1967546 - Rebase wireshark to latest version
* Mon Nov 12 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-6
- Resolves: #1584214 - tshark does accept -N v while it shouldn't
* Thu Jun 03 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.5-1
- Resolves: #1967546 - Rebase wireshark to latest version
* Thu Sep 27 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-5
- Resolves: #1625926 - fixes CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.4.4-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Aug 27 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-4
- Resolves: #1618380 - Rebuild wireshark using libssh-0.8 for RHEL8
* Tue Mar 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.4-1
- New version 3.4.4
- Fix for CVE-2021-22191
* Mon Aug 13 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-3
- Resolves: #1615412 - FTBFS: wireshark fails to build
* Tue Feb 23 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-3
- Adding more commits to make SMC complete
* Mon Feb 22 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-2
- Adding SMC-R, SMC-D and SMC-D v2
* Tue Feb 16 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.3-1
- New version 3.4.3
- Fix for CVE-2021-22173, CVE-2021-22174
* Fri Jan 29 2021 Michal Ruprich <mruprich@redhat.com> - 1:3.4.2-1
- New version 3.4.2
- Fix for CVE-2020-26418, CVE-2020-26419, CVE-2020-26420, CVE-2020-26421
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Dec 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.4.0-1
- New version 3.4.0
- Fix for CVE-2020-26575, CVE-2020-28030
* Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1
- New version 3.2.7
- Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866
* Thu Sep 10 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.6-2
- Temprorarily disabling LTO build due to errors in libqt5core
* Wed Aug 19 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.6-1
- New version 3.2.6
- Fix for CVE-2020-17498
* Thu Jul 30 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.5-3
- Adding ownership for dirs created by wireshark (rhbz#1860650)
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jul 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.5-1
- New version 3.2.5
* Fri May 22 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.4-1
- New version 3.2.4
- Enabling build with androiddump (rhbz#1834367)
* Mon Apr 13 2020 Gwyn Ciesla <gwync@protonmail.com> - 1:3.2.3-1
- 3.2.3
* Fri Apr 03 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.2-1
- New version 3.2.2
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Dec 19 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.2.0-1
- New version 3.2.0
* Wed Oct 30 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.5-1
- New version 3.0.5
* Tue Aug 20 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.3-1
- New version 3.0.3
- Fixes CVE-2019-13619
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Apr 09 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.1-1
- New version 3.0.1
- Fixes CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10897, CVE-2019-10898, CVE-2019-10899, CVE-2019-10900, CVE-2019-10901, CVE-2019-10902, CVE-2019-10903
* Mon Mar 11 2019 Michal Ruprich <mruprich@redhat.com> - 1:3.0.0-1
- New version 3.0.0
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.6-1
- New version 2.6.6
- Contains fixes for CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719
- Add explicit curdir on CMake invokation
* Wed Jan 02 2019 Michal Ruprich <mruprich@redhat.com> - 1:2.6.5-2
- Adding libnghttp2-devel as BuildRequires - needed for HTTP2 support(rhbz#1512722)
* Mon Dec 10 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.5-1
- New version 2.6.5
- Contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
* Mon Nov 12 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.4-1
- New version 2.6.4
- Contains fixes for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
* Thu Aug 02 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-2
- Turning on build with libmaxminddb (rhbz#1607934)
* Mon Jul 23 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.2-1
- New version 2.6.2
- Contains fixes for CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.1-2
- Fixing build error with newer qt5 version
* Thu May 24 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.1-1
- New version 2.6.1
- Contains fixes for multiple CVEs
* Tue May 15 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.6.0-2
- Added Obsoletes for wireshark-qt and wireshark-gtk
@ -453,8 +393,9 @@ fi
- Removed python scripts
* Thu Mar 15 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.4.5-2
- Removing dependency on wireshark from wireshark-cli (rhbz#1554818)
- Removing dependency on wireshark from wireshark-cli
- Removing deprecated Group tags
- Disabling portaudio on RHEL (rhbz#1554834)
* Fri Mar 09 2018 Michal Ruprich <mruprich@redhat.com> - 1:2.4.5-1
- New upstream version 2.4.5