Commit 8eae1a6b authored by Balint Reczey, committed by Mati

Imported Debian patch 1.8.2-2

parent cd7f4e23
I. Capturing packets with Wireshark/Tshark
There are two ways of installing Wireshark/Tshark on Debian:
I./a. Installing dumpcap without allowing non-root users to capture packets
Only root user will be able to capture packets. It is advised to capture
packets with the bundled dumpcap program as root and then run
Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]
This is the default on Debian systems.
I./b. Installing dumpcap and allowing non-root users to capture packets
Members of the wireshark group will be able to capture packets on network
interfaces. This is the preferred way of installation if Wireshark/Tshark
will be used for capturing and displaying packets at the same time, since
that way only the dumpcap process has to be run with elevated privileges
thanks to the privilege separation[1].
Note that no user will be added to group wireshark automatically, the
system administrator has to add them manually.
The additional privileges are provided using the Linux Capabilities
system where it is available and resort to setting the set-user-id bit
of the dumpcap binary as a fall-back, where the Linux Capabilities system
is not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).
Linux kernels provided by Debian support Linux Capabilities, but custom
built kernels may lack this support. If the support for Linux
Capabilities is not present at the time of installing wireshark-common
package, the installer will fall back to set the set-user-id bit to
allow non-root users to capture packets.
If installation succeeds with using Linux Capabilities, non-root users
will not be able to capture packets while running kernels not supporting
Linux Capabilities.
Note that capturing USB packets is not enabled for non-root users by using
Linux Capabilities. You have to capture the packets using the method
described in I./a., setting the set-user-id permanently using
dpkg-statoverride or running Wireshark as root.
The installation method can be changed any time by running:
dpkg-reconfigure wireshark-common
II. Installing SNMP MIBs
SNMP [4] OIDs can be decoded using MIBs provided by other packages.
wireshark-common suggests snmp-mibs-downloader which package can be used to
download a set of common MIBs Wireshark/Tshark tries to load at startup.
At the time of writing, MIBs are distributed under DFSG incompatible terms
[5] thus snmp-mibs-downloader has to be in the non-free archive area.
To keep wireshark in the main area [7], wireshark-common does not depend on
or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
not installed automatically with wireshark.
To make Wireshark/Tshark able to decode OIDs, please install
snmp-mibs-downloader manually.
To help Wireshark/Tshark to decode OIDs without having to install packages
manually, please support the initiative of requesting additional rights
from RFC authors [5].
[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
[2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
[3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
[4] http://wiki.wireshark.org/SNMP
[5] http://wiki.debian.org/NonFreeIETFDocuments
[6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
[7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main
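Review bot: references [3] and [6] are listed here but never cited in the README text above. The sentence in section II about snmp-mibs-downloader having to be in the non-free archive area cites only [5] and looks like the place where [6] belongs. Either cite [3] in section I or drop it from the list.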
Handling security fixes in source package wireshark
Wireshark is a network protocol analyzer and it's ability to perform deep
packet inspection in live traffic may encourage users to use Wireshark/Tshark
as a part of an intrusion detection or traffic monitoring system.
In that case, please note that Wireshark/Tshark may contain remotely
triggerable bugs causing crashes or allowing code injection.
Bugs allowing code injection will be fixed in regular Debian Security
Advisories, but fixes for pure crash bugs may be delayed.
-- Balint Reczey <balint@balintreczey.hu> Fri, 10 Jul 2009 15:38:33 +0200
......@@ -27,7 +27,7 @@ Wireshark is copyright (c) 1998-2006 Gerald Combs.
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
On Debian systems the GNU GPL may be viewed in /usr/share/common-licenses/GPL.
On Debian systems the GNU GPL (v2) may be viewed in /usr/share/common-licenses/GPL-2.
Wireshark and the "fin" logo are trademarks of Gerald Combs.
......@@ -68,6 +68,7 @@ LGPL
mkstemp.c: LGPL, from GNU C Library
mkstemp.h: idem
strcasecmp.c: idem
strncasecmp.c: idem
strptime.c: idem
ps.c: idem
......
usr/bin
usr/share/lintian/overrides
wireshark (0.99.2-1) unstable; urgency=low
Same developers, same code, different name. The Ethereal network protocol
analyzer has changed its name to Wireshark.
Name changes:
- ethereal -> wireshark
- tethereal -> tshark
- idl2eth -> idl2wrs
See http://www.wireshark.org/news/20060607.html for more information.
-- Frederic Peters <fpeters@debian.org> Thu, 12 Oct 2006 15:35:25 +0200
/usr/share/wireshark/*
/etc/wireshark/init.lua
/usr/lib/libwireshark.so
/usr/include/wireshark/*.h
/usr/include/wireshark/epan/*
color.h
config.h
register.h
epan/*.h
epan/crypt/*.h
epan/dfilter/*.h
epan/dissectors/*.h
epan/ftypes/*.h
/usr/lib/libwireshark.so.2
/usr/lib/libwireshark.so.2.*
/usr/lib/wireshark/libwireshark2/plugins/*.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/coseventcomm.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/cosnaming.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/docsis.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/interlink.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/m2m.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/parlay.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/stats_tree.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/tango.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/unistim.so
libwireshark2 binary: hardening-no-fortify-functions usr/lib/wireshark/libwireshark2/plugins/unistim.so
libwireshark2 binary: hardening-no-stackprotector usr/lib/wireshark/libwireshark2/plugins/wimax.so
libwireshark2 binary: hardening-no-fortify-functions usr/lib/wireshark/libwireshark2/plugins/wimax.so
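Review bot: these overrides silence hardening-no-stackprotector and hardening-no-fortify-functions for the plugin objects without recording why. Add a comment line above them saying whether the tags are false positives for these files or whether the plugins really are built without the hardening flags. The plugins dissect untrusted traffic, so the difference matters to anyone auditing the package.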
libwireshark 2 libwireshark2 (>= 1.8.0~rc1-1)
/usr/lib/libwiretap.so
/usr/include/wireshark/wiretap/*
/usr/lib/libwiretap.so.2
/usr/lib/libwiretap.so.2.*
libwiretap 2 libwiretap2 (>= 1.8.0~rc1-1)
/usr/lib/libwsutil.so
/usr/include/wireshark/wsutil/*
/usr/lib/libwsutil.so.2
/usr/lib/libwsutil.so.2.0.0
libwsutil2 binary: hardening-no-stackprotector usr/lib/libwsutil.so.2.0.0
libwsutil 2 libwsutil2 (>= 1.8.0~rc1-1)
Wireshark is distributed under the GNU GPL version 2. There are no
restrictions on its use. There are significant restrictions on its
distribution.
Parts of Wireshark can be built and distributed as libraries. These
parts are still covered by the GPL, and NOT by the Lesser General Public
License or any other license.
If you create a combined work using all or part of Wireshark, then your
combined work must be released under a license compatible with the GPL.
...and don't get us started on trademarks.
The full text of the GNU GPL may be viewed in
/usr/share/common-licenses/GPL-2.
Description: Use Debian sensible-browser
Forwarded: not-needed
Author: Frederic Peters <fpeters@debian.org>
--- a/epan/prefs.c
+++ b/epan/prefs.c
@@ -1253,7 +1253,7 @@
prefs.gui_ask_unsaved = TRUE;
prefs.gui_find_wrap = TRUE;
prefs.gui_use_pref_save = FALSE;
- prefs.gui_webbrowser = g_strdup(HTML_VIEWER " %s");
+ prefs.gui_webbrowser = g_strdup("sensible-browser %s");
prefs.gui_window_title = g_strdup("");
prefs.gui_start_title = g_strdup("The World's Most Popular Network Protocol Analyzer");
prefs.gui_version_in_start_page = TRUE;
Description: Use lex/yacc from ply
Forwarded: not-needed
Bug-Debian: http://bugs.debian.org/554613
Author: Jakub Wilk <ubanus@users.sf.net>
--- a/tools/asn2wrs.py
+++ b/tools/asn2wrs.py
@@ -47,8 +47,8 @@
import getopt
import traceback
-import lex
-import yacc
+from ply import lex
+from ply import yacc
from string import maketrans
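Review bot: the two added imports make asn2wrs.py fail with ImportError wherever the ply package is not installed, since nothing falls back to the lex and yacc modules imported before. Confirm that ply is declared as a build dependency of the source package, or wrap the import in try/except ImportError with a message that names the missing package.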
Description: Note about README.Debian when running wireshark as root.
Forwarded: not-needed
Author: Balint Reczey <balint@balintreczey.hu>
--- ./ui/gtk/main.c.orig 2012-06-05 18:33:15.000000000 +0200
+++ ./ui/gtk/main.c 2012-06-07 01:13:54.000000000 +0200
@@ -2069,7 +2069,7 @@
"This could be dangerous.\n\n"
"If you're running Wireshark this way in order to perform live capture, "
"you may want to be aware that there is a better way documented at\n"
- "http://wiki.wireshark.org/CaptureSetup/CapturePrivileges", cur_user, cur_group);
+ "/usr/share/doc/wireshark-common/README.Debian", cur_user, cur_group);
g_free(cur_user);
g_free(cur_group);
simple_dialog_check_set(priv_warning_dialog, "Don't show this message again.");
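Review bot: the replacement string drops the upstream wiki URL entirely, so the running-as-root warning now points only at /usr/share/doc/wireshark-common/README.Debian, a file that can be absent on systems where documentation is stripped. Consider keeping the URL as a second reference after the local path so the dialog still leads somewhere in that case.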
Description: Don't regenerate svnversion.h
Forwarded: not-needed
Author: Balint Reczey <balint@balintreczey.hu>
Index: ./Makefile.am
===================================================================
--- ./Makefile.am (revision 37943)
+++ ./Makefile.am (working copy)
@@ -474,7 +474,7 @@
# FORCE is the portable version of .PHONY
FORCE:
-svnversion.h: FORCE
+svnversion.h:
$(PERL) $(srcdir)/make-version.pl $(srcdir)
#
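Review bot: with the FORCE prerequisite removed, svnversion.h is regenerated only when the file is missing, so a stale copy is never refreshed, and the rule now sits directly under a comment that still describes FORCE. Add a comment above the rule saying the change is deliberate (the Description says only "Don't regenerate svnversion.h") and that the packaged tree is expected to ship the header.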
Description: Change Icon and Categories for desktop file
Forwarded: not-needed
Author: <fred@candle>
Index: b/wireshark.desktop
===================================================================
--- a/wireshark.desktop 2010-02-15 17:23:17.000000000 +0100
+++ b/wireshark.desktop 2010-02-15 17:24:59.000000000 +0100
@@ -68,11 +68,12 @@
Comment[fi]=Verkkoliikenne analysaattori
Comment[fr]=Analyseur de trafic réseau
Comment[sv]=Nätverkstrafikanalysator
-Icon=wireshark.png
+Icon=wireshark
TryExec=wireshark
Exec=wireshark %f
Terminal=false
MimeType=application/vnd.tcpdump.pcap;
# Categorie entry according to version 1.0 of
# http://www.freedesktop.org/wiki/Specifications/menu-spec
-Categories=System;Monitor;GTK;
+Categories=GNOME;Network;
+Encoding=UTF-8
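Review bot: the added Encoding=UTF-8 key is deprecated in version 1.0 of the Desktop Entry Specification, and the Description line mentions only Icon and Categories. Drop the key, or state in the patch header why it is needed. The new Categories value also removes GTK and Monitor without explanation.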
Description: Do not try to locate wireshark_be.py and wireshark_gen.py in
non-standard places.
Author: Frederic Peters <fpeters@debian.org>
Index: b/tools/idl2wrs
===================================================================
--- a/tools/idl2wrs 2010-02-15 17:23:17.000000000 +0100
+++ b/tools/idl2wrs 2010-02-15 17:24:59.000000000 +0100
@@ -48,40 +48,6 @@
exit 1;
fi
-#
-# Run wireshark backend, looking for wireshark_be.py and wireshark_gen.py
-# in pythons's "site-packages" directory. If cannot find that, then
-# try looking in current directory. If still cannot, then exit with
-# error.
-
-if [ -f $PYTHONPATH/site-packages/wireshark_be.py ] && [ -f $PYTHONPATH/site-packages/wireshark_gen.py ]; then
- exec omniidl -p $PYTHONPATH/site-packages -b wireshark_be $@
- /* not reached */
-fi
-
-# Try current directory.
-
-if [ -f ./wireshark_be.py ] && [ -f ./wireshark_gen.py ]; then
- exec omniidl -p ./ -b wireshark_be $@
- /* not reached */
-fi
-
-# Could not find both wireshark_be.py AND wireshark_gen.py
-# So let's just try to run it without -p, hoping that the installation
-# set up a valid path.
exec omniidl -b wireshark_be $@
-old code: not reached
-
-echo "idl2wrs Error: Could not find both wireshark_be.py AND wireshark_gen.py."
-echo "Please ensure you have the PYTHONPATH variable set, or that wireshark_be.py "
-echo "and wireshark_gen.py exist in the current directory. "
-echo
-echo "On this system, PYTHONPATH is : $PYTHONPATH"
-echo
-
-exit 2
-
-
-
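Review bot: the one line that survives, exec omniidl -b wireshark_be $@, still passes $@ unquoted, so arguments containing spaces or glob characters are split or expanded before omniidl sees them; it should be "$@". The Description would also be stronger if it said that removing the -p ./ lookup stops the backend from being loaded from whatever directory the tool is started in, which is the security-relevant part of this change.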
Description: Change location of license file in about dialog
Forwarded: not-needed
Author: Frederic Peters <fpeters@debian.org>
--- a/ui/gtk/about_dlg.c
+++ b/ui/gtk/about_dlg.c
@@ -478,7 +478,7 @@
#if defined(_WIN32)
absolute_path = get_datafile_path("COPYING.txt");
#else
- absolute_path = get_datafile_path("COPYING");
+ absolute_path = get_datafile_path("ABOUT.GPL");
#endif
page = text_page_new(absolute_path);
From a98fae4a9fafb9fac459d67d13525af5e726fbca Mon Sep 17 00:00:00 2001
From: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Date: Sun, 12 Aug 2012 15:08:00 +0000
Subject: [PATCH 1/4] Revert r41311, fix bug #7581
svn path=/trunk/; revision=44454
---
epan/dissectors/packet-hsrp.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-hsrp.c b/epan/dissectors/packet-hsrp.c
index 3db3d4f..866249d 100644
--- a/epan/dissectors/packet-hsrp.c
+++ b/epan/dissectors/packet-hsrp.c
@@ -411,6 +411,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
auth_buf);
offset += 8;
proto_tree_add_item(hsrp_tree, hf_hsrp_virt_ip_addr, tvb, offset, 4, ENC_BIG_ENDIAN);
+ /* offset += 4; */
} else if (opcode == 3) {
proto_tree_add_item(hsrp_tree, hf_hsrp_adv_type, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
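Review bot: the line added after the hf_hsrp_virt_ip_addr item, /* offset += 4; */, is commented-out code, and the same pattern repeats in the opcode == 3 branch and in the HSRPv2 TLV branches of the following hunks. Replace each with a short comment in words (for example, that offset is not read again in this branch) or delete it, so a later reader does not re-enable an increment that the revert took out on purpose.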
@@ -425,6 +426,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_item(hsrp_tree, hf_hsrp_adv_passivegrp, tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
proto_tree_add_item(hsrp_tree, hf_hsrp_adv_reserved2, tvb, offset, 4, ENC_BIG_ENDIAN);
+ /* offset += 4; */
} else {
next_tvb = tvb_new_subset_remaining(tvb, offset);
call_dissector(data_handle, next_tvb, pinfo, hsrp_tree);
@@ -433,7 +435,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
} else if ((pinfo->dst.type == AT_IPv4 && strcmp(dst,HSRP2_DST_IP_ADDR) == 0) ||
(pinfo->dst.type == AT_IPv6 && pinfo->destport == UDP_PORT_HSRP2_V6)) {
/* HSRPv2 */
- guint offset = 0;
+ guint offset = 0, offset2;
proto_item *ti = NULL;
proto_tree *hsrp_tree = NULL;
guint8 type,len;
@@ -449,6 +451,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
type = tvb_get_guint8(tvb, offset);
len = tvb_get_guint8(tvb, offset+1);
+ offset2 = offset;
if (type == 1 && len == 40) {
/* Group State TLV */
guint8 opcode, state = 0, ipver;
@@ -516,6 +519,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
call_dissector(data_handle, next_tvb, pinfo, hsrp_tree);
break;
}
+ /* offset+=16; */
}
} else if (type == 2 && len == 4) {
/* Interface State TLV */
@@ -538,6 +542,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_item(interface_state_tlv, hf_hsrp2_active_group, tvb, offset, 2, ENC_BIG_ENDIAN);
offset+=2;
proto_tree_add_item(interface_state_tlv, hf_hsrp2_passive_group, tvb, offset, 2, ENC_BIG_ENDIAN);
+ /* offset+=2; */
}
} else if (type == 3 && len == 8) {
/* Text Authentication TLV */
@@ -558,6 +563,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
"Authentication Data: %sDefault (%s)",
(tvb_strneql(tvb, offset, "cisco", strlen("cisco"))) == 0 ? "" : "Non-",
auth_buf);
+ /* offset += 8; */
}
} else if (type == 4 && len == 28) {
/* Text Authentication TLV */
@@ -581,6 +587,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_item(md5_auth_tlv, hf_hsrp2_md5_key_id, tvb, offset, 4, ENC_BIG_ENDIAN);
offset+=4;
proto_tree_add_item(md5_auth_tlv, hf_hsrp2_md5_auth_data, tvb, offset, 16, ENC_BIG_ENDIAN);
+ /* offset += 16; */
}
} else {
/* Undefined TLV */
@@ -590,6 +597,7 @@ dissect_hsrp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
}
break;
}
+ offset = offset2+len+2;
}
}
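Review bot: the added offset = offset2+len+2 is now the only statement that advances the HSRPv2 TLV loop, and it needs a comment saying so. len is the guint8 read from the packet in the earlier hunk, so each iteration moves forward by at least 2 bytes even when len is 0, and the per-branch increments that are now commented out no longer affect where the next TLV starts. Stating that at this line would make the termination argument visible to the next person who edits a branch.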
--
1.7.10.4
From ac3bdf57670fd59afef128b33d11907fc28436ba Mon Sep 17 00:00:00 2001
From: Jeff Morriss <jeff.morriss.ws@gmail.com>
Date: Fri, 7 Sep 2012 01:35:16 +0000
Subject: [PATCH 4/4] From Aditya Ambadkar via
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7046
:
Fix CID 703472 and (external) fuzz failure 7567:
The dissect_subtlv_interface_parameters is missing the handling of BFD 2..4.
For the crash patch, we decided to add the bfd2..4 in dissect_tlc function(in
the diff). We plan to open a separate bug to fix
dissect_subtlv_interface_parameters to make it handle BFD2..4. (Thanks to Arun
Arunachalam for this analysis)
From me: fix up some indentation and replace tabs with spaces (for consistency).
svn path=/trunk/; revision=44801
---
epan/dissectors/packet-ldp.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/epan/dissectors/packet-ldp.c b/epan/dissectors/packet-ldp.c
index 86a6301..4d08088 100644
--- a/epan/dissectors/packet-ldp.c
+++ b/epan/dissectors/packet-ldp.c
@@ -2459,7 +2459,13 @@ dissect_tlv(tvbuff_t *tvb, guint offset, proto_tree *tree, int rem)
&hf_ldp_tlv_intparam_vccv_cctype_ttl1 ,
&hf_ldp_tlv_intparam_vccv_cvtype_icmpping ,
&hf_ldp_tlv_intparam_vccv_cvtype_lspping ,
- &hf_ldp_tlv_intparam_vccv_cvtype_bfd
+ &hf_ldp_tlv_intparam_vccv_cvtype_bfd,
+ &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd2,
+ &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd3,
+ &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd4,
+ &hf_ldp_tlv_fec_vc_intparam_flowlabel_t,
+ &hf_ldp_tlv_fec_vc_intparam_flowlabel_r,
+ &hf_ldp_tlv_fec_vc_intparam_flowlabel_res
};
int vc_len = length;
offset += 4;
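Review bot: the array now mixes two identifier families, hf_ldp_tlv_intparam_vccv_* and hf_ldp_tlv_fec_vc_intparam_*, and the three flowlabel entries go beyond the "BFD 2..4" that the commit message describes. Mention the flowlabel fields in the message and add a comment on the array noting that the entries are borrowed from the FEC VC field set as a stopgap until dissect_subtlv_interface_parameters handles them, which the message says is planned as a separate bug.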
@@ -3568,25 +3574,25 @@ proto_register_ldp(void)
{ "BFD IP/UDP-encapsulated, for PW Fault Detection only", "ldp.msg.tlv.fec.vc.intparam.vccv.cvtype_bfd1", FT_BOOLEAN, 8,
NULL, 0x04, "VC FEC Interface Param VCCV CV Type BFD IP/UDP-encapsulated, for PW Fault Detection only", HFILL }},
- { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd2,
+ { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd2,
{ "BFD IP/UDP-encapsulated, for PW Fault Detection and AC/PW Fault Status Signaling", "ldp.msg.tlv.fec.vc.intparam.vccv.cvtype_bfd2", FT_BOOLEAN, 8,
NULL, 0x08, "VC FEC Interface Param VCCV CV Type BFD IP/UDP-encapsulated, for PW Fault Detection and AC/PW Fault Status Signaling", HFILL }},
- { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd3,
+ { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd3,
{ "BFD BFD PW-ACH-encapsulated, for PW Fault Detection only", "ldp.msg.tlv.fec.vc.intparam.vccv.cvtype_bfd3", FT_BOOLEAN, 8,
NULL, 0x10, "VC FEC Interface Param VCCV CV Type BFD PW-ACH-encapsulated, for PW Fault Detection only", HFILL }},
- { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd4,
+ { &hf_ldp_tlv_fec_vc_intparam_vccv_cvtype_bfd4,
{ "BFD BFD PW-ACH-encapsulated, for PW Fault Detection and AC/PW Fault Status Signaling", "ldp.msg.tlv.fec.vc.intparam.vccv.cvtype_bfd4", FT_BOOLEAN, 8,
NULL, 0x20, "VC FEC Interface Param VCCV CV Type BFD PW-ACH-encapsulated, for PW Fault Detection and AC/PW Fault Status Signaling", HFILL }},
- { &hf_ldp_tlv_fec_vc_intparam_flowlabel_t,
+ { &hf_ldp_tlv_fec_vc_intparam_flowlabel_t,
{ "Flow Label Transmit bit", "ldp.msg.tlv.fec.vc.intparam.flowlabel.t", FT_UINT8, BASE_DEC, NULL, 0x80, NULL, HFILL}},
- { &hf_ldp_tlv_fec_vc_intparam_flowlabel_r,
+ { &hf_ldp_tlv_fec_vc_intparam_flowlabel_r,
{ "Flow Label Receive bit", "ldp.msg.tlv.fec.vc.intparam.flowlabel.r", FT_UINT8, BASE_DEC, NULL, 0x40, NULL, HFILL}},
- { &hf_ldp_tlv_fec_vc_intparam_flowlabel_res,
+ { &hf_ldp_tlv_fec_vc_intparam_flowlabel_res,
{ "Flow Label Reserved", "ldp.msg.tlv.fec.vc.intparam.flowlabel.res", FT_UINT16, BASE_HEX, NULL, 0x3FFF, NULL, HFILL}},
{ &hf_ldp_tlv_lspid_act_flg,
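Review bot: the display names for cvtype_bfd3 and cvtype_bfd4 on the context lines read "BFD BFD PW-ACH-encapsulated", with the word doubled, while their long descriptions have it once. Since this hunk already touches both entries for indentation, fix the names in the same pass. The rest of the hunk is whitespace only, which would be easier to review as a separate commit from the crash fix.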
--
1.7.10.4
From cfbeab2a4421ca0ba8f19d3958abe9e2fc5898bc Mon Sep 17 00:00:00 2001
From: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Date: Tue, 28 Aug 2012 08:44:41 +0000
Subject: [PATCH 2/4] Fix bug #7668
Use correct field type for lcp.opt.oui
svn path=/trunk/; revision=44688
---
epan/dissectors/packet-ppp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-ppp.c b/epan/dissectors/packet-ppp.c
index ca740c5..6109313 100644
--- a/epan/dissectors/packet-ppp.c
+++ b/epan/dissectors/packet-ppp.c
@@ -5570,7 +5570,7 @@ proto_register_lcp(void)
{ "Length", "lcp.opt.length", FT_UINT8, BASE_DEC,
NULL, 0x0, NULL, HFILL }},
{ &hf_lcp_opt_oui,
- { "OUI", "lcp.opt.oui", FT_BYTES, BASE_NONE,
+ { "OUI", "lcp.opt.oui", FT_UINT24, BASE_HEX,
NULL, 0x0, NULL, HFILL }},
{ &hf_lcp_opt_kind,
{ "Kind", "lcp.opt.kind", FT_UINT8, BASE_DEC_HEX,
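Review bot: switching lcp.opt.oui from FT_BYTES, BASE_NONE to FT_UINT24, BASE_HEX also changes how the field is compared in display filters (an integer instead of a byte string), and the commit message says only "Use correct field type". Note the filter-visible change in the message, and confirm that every call adding hf_lcp_opt_oui passes a length of 3, since the call site is not part of this hunk.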
--
1.7.10.4
From 2105bbdfcf11082765daba013b64f1c37aaf6245 Mon Sep 17 00:00:00 2001
From: Pascal Quantin <pascal.quantin@gmail.com>
Date: Mon, 3 Sep 2012 12:48:57 +0000
Subject: [PATCH 3/4] Fix
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666
: Check that DRDA command has a minimum length of 10
bytes to prevent a potential infinite loop
svn path=/trunk/; revision=44749
---
epan/dissectors/packet-drda.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/epan/dissectors/packet-drda.c b/epan/dissectors/packet-drda.c
index f5d701b..730f687 100644
--- a/epan/dissectors/packet-drda.c
+++ b/epan/dissectors/packet-drda.c
@@ -55,6 +55,7 @@
#include <epan/packet.h>
#include <epan/conversation.h>
#include <epan/prefs.h>
+#include <epan/expert.h>
#include "packet-tcp.h"
static int proto_drda = -1;
@@ -696,6 +697,10 @@ dissect_drda(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
iCommand = tvb_get_ntohs(tvb, offset + 8);
iLength = tvb_get_ntohs(tvb, offset + 0);
+ if (iLength < 10) {
+ expert_add_info_format(pinfo, NULL, PI_MALFORMED, PI_ERROR, "Invalid length detected (%u): should be at least 10 bytes long", iLength);
+ break;
+ }
/* iCommandEnd is the length of the packet up to the end of the current command */
iCommandEnd += iLength;
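Review bot: the new iLength < 10 check runs after iCommand has already been read from offset + 8, and expert_add_info_format is called with NULL as the item, so the malformed-length report is not tied to any entry in the protocol tree. Read and validate iLength first, then fetch iCommand, and pass the DRDA tree item if one is available at this point. The check enforces only the lower bound, so a comment saying where an iLength larger than the remaining data is handled would complete the picture.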
--
1.7.10.4
01_idl2deb.patch
02_asn2deb.patch
03_preferences.patch
04_asn2wrs_ply.patch
05_note-README-when-running-as-root.patch
06_release-version.patch
08_wireshark-desktop-menu.patch
09_idl2wrs.patch
16_licence_about_location.patch
17_fix_from_1.8.3_fix_HSRP_crash.patch
17_fix_from_1.8.3_fix_infinite_loop_in_DRDA_dissector.patch
17_fix_from_1.8.3_fix_LDP_crash.patch
17_fix_from_1.8.3_fix_PPP_crash.patch
[type: gettext/rfc822deb] templates
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the wireshark package.
# Martin Sin <martin.sin@zshk.cz>, 2009.
#
msgid ""
msgstr ""
"Project-Id-Version: wireshark 1.2.1-3\n"
"Report-Msgid-Bugs-To: wireshark@packages.debian.org\n"
"POT-Creation-Date: 2010-06-20 16:35+0200\n"
"PO-Revision-Date: 2010-06-20 17:12+0200\n"
"Last-Translator: Martin Sin <martin.sin@zshk.cz>\n"
"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#. Type: boolean
#. Description
#: ../templates:2001
msgid "Should non-superusers be able to capture packets?"
msgstr "Mohou obyčejní uživatelé zachytávat pakety?"
#. Type: boolean
#. Description
#: ../templates:2001
#| msgid ""
#| "Dumpcap can be installed with the set-user-id bit set, so members of the "
#| "\"wireshark\" system group will have the privileges required to use it. "
#| "This way of capturing packets using Wireshark/Tshark is recommended over "
#| "the alternative of running them directly as superuser, because less of "
#| "the code will run with elevated privileges."
msgid ""
"Dumpcap can be installed in a way that allows members of the \"wireshark\" "
"system group to capture packets. This is recommended over the alternative of "
"running Wireshark/Tshark directly as root, because less of the code will run "
"with elevated privileges."
msgstr ""
"Dumpcap můžete nainstalovat tak, že budou moci zachytávat pakety pouze "
"členové skupiny „wireshark“. Tento způsob zachytávání paketů pomocí "
"Wireshark/Tshark se obecně doporučuje. Druhou možností je spuštění programu "
"přímo pod superuživatelem, to ovšem nelze doporučit, protože je pak pod tímto "
"uživatelem spuštěna větší část potencionálně nebezpečného kódu."
#. Type: boolean
#. Description
#: ../templates:2001
msgid ""
"For more detailed information please see /usr/share/doc/wireshark-common/"
"README.Debian."
msgstr ""
"Pro více informací se prosím podívejte na /usr/share/doc/wireshark-common/"
"README.Debian."
#. Type: boolean
#. Description
#: ../templates:2001
msgid ""
"Enabling this feature may be a security risk, so it is disabled by default. "
"If in doubt, it is suggested to leave it disabled."
msgstr ""
"Povolení této možnosti může být bezpečnostním rizikem a tak je ve výchozím "
"nastavení vypnuté. Jste-li na pochybách, doporučuje se nechat volbu vypnutou."
#~ msgid "Should dumpcap be installed \"setuid root\"?"
#~ msgstr "M?? se dumpcap nainstalovat s ???setuid root????"
# Danish translation wireshark.
# Copyright (C) 2010 wireshark & nedenstående oversættere.
# This file is distributed under the same license as the wireshark package.
# Joe Hansen <joedalton2@yahoo.dk>, 2010.
#
msgid ""
msgstr ""
"Project-Id-Version: wireshark\n"
"Report-Msgid-Bugs-To: wireshark@packages.debian.org\n"
"POT-Creation-Date: 2010-06-20 16:35+0200\n"
"PO-Revision-Date: 2010-08-28 23:51+0200\n"
"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"