This project is mirrored from https://gitlab.com/wireshark/wireshark.git. Pull mirroring updated .
  1. 23 Oct, 2021 9 commits
    • Brian Sipos's avatar
    • Brian Sipos's avatar
      BPv7: Add proper heuristic block/payload dissection. · 1e42357d
      Brian Sipos authored and  Wireshark GitLab Utility's avatar Wireshark GitLab Utility committed
      This also touches up the INFO column display of bundle src/dst EID.
      1e42357d
    • John Thacker's avatar
      exceptions: set FragmentBoundsError priority above ContainedBoundsError · fad83462
      John Thacker authored and  Wireshark GitLab Utility's avatar Wireshark GitLab Utility committed
      All fragment errors are bounds errors that go past the contained length,
      but they do not necessarily involve going past the reported length,
      so the checks for FragmentBoundsError should reflect that.
      
      With some forms of reassembly, like IP fragmentation, we don't know how
      big the PDU/reassembled packet is until reassembly is complete, so we
      probably use tvb_new_subset_remaining() to create fragments and the tvb's
      reported length is equal to its contained length. In these cases
      ReportedBoundsError would be otherwise thrown, except when the existing
      checks for FragmentBoundsError intervene.
      
      However, with other forms of reassembly, like various PDUs carried over TCP,
      we know the total PDU length, so we use tvb_new_subset_length[_caplen](),
      setting the proper reported length, but not changing the contained
      length when reassembly is not performed. In those cases, a bounds error
      that occurs due to lack of reassembly is otherwise a ContainedBoundsError,
      not a ReportedBoundsError.
      
      In both cases, a bounds error caused by an unreassembled fragment should
      be a FragmentBoundsError for the existing reasons. It is not necessarily
      a malformed packet (to the extent reassembly is not performed because of a
      malformed error elsewhere, that should be reported separately) and can
      likely be avoided by changing preferences (e.g., turning reassembly
      preferences on, turning off checksum verification, etc.) Otherwise it
      is probably a dissector bug.
      fad83462
    • huangqiangxiong's avatar
      grpc: do not dissect empty grpc message body · 33708af7
      huangqiangxiong authored and  Wireshark GitLab Utility's avatar Wireshark GitLab Utility committed
      close #17675
      33708af7
    • Eugène Adell's avatar
      Follow Stream: Minor update of a variable scope · 9bedc8af
      Eugène Adell authored and Martin Mathieson's avatar Martin Mathieson committed
      To enhance the Merge 4644, the isReadRunning variable scope is
      changed to reduce the header footprint and make the code compliant
      to the usual coding rules.
      9bedc8af
    • Alexis La Goutte's avatar
      ieee80211: Fix warnings found by Clang Analyzer · 62de74f6
      Alexis La Goutte authored and  Wireshark GitLab Utility's avatar Wireshark GitLab Utility committed
      packet-ieee80211.c:17420:9: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
      62de74f6
    • Martin Mathieson's avatar
      ORAN FH CUS: Avoid infinite loop on section extension · 811a80b8
      Martin Mathieson authored
      Found by fuzzing local captures.
      811a80b8
    • j.novak@netsystem.cz's avatar
      IAX2 Stream Analysis: Fix of mean jitter calculation · cf41fbd8
      j.novak@netsystem.cz authored and  Wireshark GitLab Utility's avatar Wireshark GitLab Utility committed
      Calculation was using incorrect variable so calculation was incorrect.
      Patch corrected this mistake.
      cf41fbd8
    • John Thacker's avatar
      DCERPC: Strengthen heuristic, fix PDU length · 11298a5b
      John Thacker authored
      The fragment length field of DCERPC connection-oriented PDUs includes
      the length of the fixed header, and so must be at least that large.
      Don't return a (bogus) PDU length zero from get_dcerpc_pdu_len,
      because tcp_dissect_pdus interprets that as "need one more segment"
      instead of as a bogus value; instead return one, which the TCP
      dissector will correctly recognize as bogus.
      
      Also, take into account the offset passed into get_dcerpc_pdu_len
      (it is almost always 0, which is why the code previously worked),
      and increase the fixed length value passed to tcp_dissect_pdus
      to the real fixed header length (so that the TCP dissector will
      recognize more bogus values as bogus.)
      Fix #14728.
      11298a5b
  2. 22 Oct, 2021 17 commits
  3. 21 Oct, 2021 8 commits
  4. 20 Oct, 2021 6 commits