wireshark/wireshark-0008-CVE-2018-16056.patch

87 lines
5.3 KiB
Diff

diff --git a/epan/dissectors/packet-btatt.c b/epan/dissectors/packet-btatt.c
index 803ed14f92..10375c0046 100644
--- a/epan/dissectors/packet-btatt.c
+++ b/epan/dissectors/packet-btatt.c
@@ -4205,6 +4205,19 @@ dissect_handle(proto_tree *tree, packet_info *pinfo, gint hf,
static gint
btatt_dissect_attribute_handle(guint16 handle, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, btatt_data_t *att_data);
+static int
+btatt_call_dissector_by_dissector_name_with_data(const char *dissector_name,
+ tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+{
+ dissector_handle_t handle;
+
+ handle = find_dissector(dissector_name);
+ if (handle != NULL)
+ return call_dissector_with_data(handle, tvb, pinfo, tree, data);
+ else
+ return call_data_dissector(tvb, pinfo, tree);
+}
+
static gint
dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *pinfo, tvbuff_t *old_tvb,
gint old_offset, gint length, guint16 handle, bluetooth_uuid_t uuid, btatt_data_t *att_data)
@@ -4728,7 +4741,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
} else if (value == 4) {
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
} else if (value == 5 || value == 6) {
proto_tree_add_item(tree, hf_btatt_value_trigger_setting_analog_one, tvb, offset, 2, ENC_LITTLE_ENDIAN);
@@ -6443,10 +6456,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
if (bluetooth_gatt_has_no_parameter(att_data->opcode))
break;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a56"), tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a56", tvb_new_subset_length_caplen(tvb, offset, 1, 1), pinfo, tree, att_data);
offset += 1;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a58"), tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a58", tvb_new_subset_length_caplen(tvb, offset, 2, 2), pinfo, tree, att_data);
offset += 2;
break;
@@ -6543,7 +6556,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_plx_spot_check_measurement_timestamp, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
}
@@ -9116,7 +9129,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_first_created, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9135,7 +9148,7 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
sub_item = proto_tree_add_item(tree, hf_btatt_ots_object_last_modified, tvb, offset, 7, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_btatt_value);
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, sub_tree, att_data);
offset += 7;
break;
@@ -9342,10 +9355,10 @@ dissect_attribute_value(proto_tree *tree, proto_item *patron_item, packet_info *
break;
case 0x06: /* Created Between */
case 0x07: /* Modified Between */
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
- call_dissector_with_data(find_dissector("btgatt.uuid0x2a08"), tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
+ btatt_call_dissector_by_dissector_name_with_data("btgatt.uuid0x2a08", tvb_new_subset_length_caplen(tvb, offset, 7, 7), pinfo, tree, att_data);
offset += 7;
break;