Adding filter while "Telephony->VoIP Calls->Flow Sequence" open causes OOB memory reads and potential crashes.
Applying a filter to the list of packets while the Telephony->VoIP Calls ladder graph is open can crash Wireshark, or will lead to garbage data in the Ladder graph, most likely from OOB memory reads.
Version 3.2.7 (v3.2.7-0-gfb6522d8) Windows Version 10.0.19041 Build 19041
Steps to reproduce
- Open a PCAP with one or more SIP calls
- Open [Telephony]->[VoIP Calls]
- Select some calls and choose [Flow Sequence]
- Apply a filter to the main window such as ip.addr==127.0.0.1 (This filter must hide some of the packets in the ladder graph)
- If Wireshark doesn't crash, go to the Flow Sequence screen and click around various packets to see the garbage data.
What is the current bug behavior?
Smaller pcaps with just a few packets seem to crash more often, and larger ones are more likely to keep running but have garbled data, likely because of increased stack space. Clicking different packets in the ladder graph after initiating the bug transforms the garbled data into different garbled data.
What is the expected correct behavior?
The VoIP Flow Sequence window should be unaffected by filters being applied to the main window.
Sample capture file
I've seen some other examples that don't crash and let you click around to mangle more data, but I think these 2 are plenty to demonstrate the issue.
Relevant logs and/or screenshots
Copyright 1998-2020 Gerald Combs <firstname.lastname@example.org> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.12.9, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler), with SBC, with SpanDSP, with bcg729.
Running on 64-bit Windows 10 (2004), build 19041, with Intel(R) Core(TM) i7-5960X CPU @ 3.00GHz (with SSE4.2), with 65437 MB of physical memory, with locale English_United States.1252, with light display mode, without HiDPI, with Npcap version 0.9997, based on libpcap version 1.9.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.2, without AirPcap, binary plugins supported (19 loaded).
Built using Microsoft Visual Studio 2019 (VC++ 14.27, build 29111).