tools/wireshark, branch v1.12.11rc0 WIP Patches to add a samsung-ipc dissector to Wireshark 1.12.10 → 1.12.11. 2016-02-26T22:18:25+00:00 Gerald Combs gerald@wireshark.org 2016-02-26T22:16:35+00:00 194ea9e1a529415970540fd4dc4b9b79d1bbaed5 Change-Id: I6cce6adff00ad5f5d4e439b28c83c58a17946b68 Reviewed-on: https://code.wireshark.org/review/14181 Reviewed-by: Gerald Combs <gerald@wireshark.org> 
Change-Id: I6cce6adff00ad5f5d4e439b28c83c58a17946b68
Reviewed-on: https://code.wireshark.org/review/14181
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Build 1.12.10. 2016-02-26T19:52:25+00:00 Gerald Combs gerald@wireshark.org 2016-02-25T23:13:46+00:00 7f56a20e1e701216b3c31c3540022f604978b1e3 Change-Id: I9ac125306dc973dfcab9b2aaf064568d92e42e24 Reviewed-on: https://code.wireshark.org/review/14176 Reviewed-by: Gerald Combs <gerald@wireshark.org> 
Change-Id: I9ac125306dc973dfcab9b2aaf064568d92e42e24
Reviewed-on: https://code.wireshark.org/review/14176
Reviewed-by: Gerald Combs <gerald@wireshark.org>
snmp: Decode msgSecurityParameters ASN.1 header 2016-02-26T12:45:49+00:00 Stig Bjørlykke stig@bjorlykke.org 2016-02-26T11:03:25+00:00 f30a29e53e931563c7ca871297a5acbdc109770b Decode ASN.1 identifier and length to get correct offset to msgSecurityParameters. Bug: 12181 Change-Id: Icf83616ac0a63e1d48652738942fe339dd165cab Reviewed-on: https://code.wireshark.org/review/14158 Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org> Reviewed-on: https://code.wireshark.org/review/14161 
Decode ASN.1 identifier and length to get correct offset to
msgSecurityParameters.

Bug: 12181
Change-Id: Icf83616ac0a63e1d48652738942fe339dd165cab
Reviewed-on: https://code.wireshark.org/review/14158
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-on: https://code.wireshark.org/review/14161
ber: avoid deep recursion for constructed strings 2016-02-24T06:28:49+00:00 Peter Wu peter@lekensteyn.nl 2016-02-24T02:06:46+00:00 8f7a26e8fcf878bb55601edae5032caf71c2e587 Bound the recursion depth to avoid a stack overflow while parsing a deeply nested constructed string. Call chain before this patch: - dissect_ber_octet_string - dissect_ber_constrained_octet_string - reassemble_octet_string (called for constructed types) - dissect_ber_octet_string *recursion* After this patch, the reassemble_octet_string will throw if the maximum recursion depth is reached. Bug: 11822 Change-Id: I6753e3c9f5dcbfab0e4c174418b2c7eb784d64d2 Reviewed-on: https://code.wireshark.org/review/14108 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 9ff932bf5ea554f9e94ee1364284aff9eb3fd619) Reviewed-on: https://code.wireshark.org/review/14110 (cherry picked from commit 307bbd253fc61657935eca992ec9325dbfff3274) Reviewed-on: https://code.wireshark.org/review/14111 
Bound the recursion depth to avoid a stack overflow while parsing a
deeply nested constructed string.

Call chain before this patch:

 - dissect_ber_octet_string
   - dissect_ber_constrained_octet_string
     - reassemble_octet_string (called for constructed types)
       - dissect_ber_octet_string *recursion*

After this patch, the reassemble_octet_string will throw if the maximum
recursion depth is reached.

Bug: 11822
Change-Id: I6753e3c9f5dcbfab0e4c174418b2c7eb784d64d2
Reviewed-on: https://code.wireshark.org/review/14108
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 9ff932bf5ea554f9e94ee1364284aff9eb3fd619)
Reviewed-on: https://code.wireshark.org/review/14110
(cherry picked from commit 307bbd253fc61657935eca992ec9325dbfff3274)
Reviewed-on: https://code.wireshark.org/review/14111
[Automatic update for 2016-02-21] 2016-02-21T16:24:40+00:00 Gerald Combs gerald@wireshark.org 2016-02-21T16:24:34+00:00 ce2a840b28c250dbd93e9e081139fbd2396f8177 Update manuf, services enterprise-numbers, translations, and other items. Change-Id: I38a7ee2034cdf8cebaee545dd9db5091c39d10d5 Reviewed-on: https://code.wireshark.org/review/14056 Reviewed-by: Gerald Combs <gerald@wireshark.org> 
Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I38a7ee2034cdf8cebaee545dd9db5091c39d10d5
Reviewed-on: https://code.wireshark.org/review/14056
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fix various off-by-one in buffer sizes 2016-02-20T15:37:08+00:00 Peter Wu peter@lekensteyn.nl 2016-02-20T15:02:54+00:00 2dd323bd63b4fd41d75c5ca262166e8ebd8926e0 Some only allow buffer overruns (read), others also buffer overflows (write). Found by looking for '\[ *N *\]' where N is 255, 0xff, 15 and 0xf (case insensitive). Change-Id: I250687e2fdeb8fbd5eaf0bbb8251c3dab9640760 Reviewed-on: https://code.wireshark.org/review/14034 Reviewed-by: Peter Wu <peter@lekensteyn.nl> (cherry picked from commit 3b644a75c9530b8fc60e2fa964dfb2ae327e240d) [Trivial conflict resolution] Reviewed-on: https://code.wireshark.org/review/14039 
Some only allow buffer overruns (read), others also buffer overflows
(write).

Found by looking for '\[ *N *\]' where N is 255, 0xff, 15 and 0xf (case
insensitive).

Change-Id: I250687e2fdeb8fbd5eaf0bbb8251c3dab9640760
Reviewed-on: https://code.wireshark.org/review/14034
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 3b644a75c9530b8fc60e2fa964dfb2ae327e240d)
 [Trivial conflict resolution]
Reviewed-on: https://code.wireshark.org/review/14039
ber: fix buffer overrun when handling empty sets 2016-02-20T15:07:26+00:00 Peter Wu peter@lekensteyn.nl 2016-02-20T14:06:50+00:00 c43f94f03a46cd5778e807aa3454dbbb48dfaed9 When a set is empty, only a terminator (ber_sequence_t with NULL func) is present. In that case, do not try to find more values as that will never succeed. Bug: 12106 Change-Id: I26cd4ba84a9580e92d5921592a27c2af17c0bebf Reviewed-on: https://code.wireshark.org/review/14028 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> (cherry picked from commit 55b5b7caf3ec4856838b0416d5a91d3a3ff67ec8) Reviewed-on: https://code.wireshark.org/review/14036 
When a set is empty, only a terminator (ber_sequence_t with NULL func)
is present. In that case, do not try to find more values as that will
never succeed.

Bug: 12106
Change-Id: I26cd4ba84a9580e92d5921592a27c2af17c0bebf
Reviewed-on: https://code.wireshark.org/review/14028
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 55b5b7caf3ec4856838b0416d5a91d3a3ff67ec8)
Reviewed-on: https://code.wireshark.org/review/14036
gsm_abis_oml: fix buffer overrun 2016-02-20T14:39:38+00:00 Peter Wu peter@lekensteyn.nl 2016-02-20T14:27:40+00:00 1d5f6009bfa8a0a2dcdce269f6fca841839aa81c Do not read outside boundaries when tag is exactly 0xff. tag = tvb_get_guint8(tvb, offset); tdef = find_tlv_tag(tag); ... return &nm_att_tlvdef_base.def[tag]; Bug: 11825 Change-Id: I42e624185abb2166aa0f8d0dbd71a2a86fc0b18e Reviewed-on: https://code.wireshark.org/review/14030 Reviewed-by: Peter Wu <peter@lekensteyn.nl> (cherry picked from commit c31425f9ae15067e26ccc6183c206c34713cb256) Reviewed-on: https://code.wireshark.org/review/14032 
Do not read outside boundaries when tag is exactly 0xff.

    tag = tvb_get_guint8(tvb, offset);
    tdef = find_tlv_tag(tag);
        ...
        return &nm_att_tlvdef_base.def[tag];

Bug: 11825
Change-Id: I42e624185abb2166aa0f8d0dbd71a2a86fc0b18e
Reviewed-on: https://code.wireshark.org/review/14030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit c31425f9ae15067e26ccc6183c206c34713cb256)
Reviewed-on: https://code.wireshark.org/review/14032
Prep for 1.12.10. 2016-02-19T23:49:45+00:00 Gerald Combs gerald@wireshark.org 2016-02-19T18:39:20+00:00 035c0f940a0f130147bea8a1110e83ed9da6c93f Change-Id: If724e053e1f2af6a963cc81ffa3e507a88719e1e Reviewed-on: https://code.wireshark.org/review/14021 Reviewed-by: Gerald Combs <gerald@wireshark.org> 
Change-Id: If724e053e1f2af6a963cc81ffa3e507a88719e1e
Reviewed-on: https://code.wireshark.org/review/14021
Reviewed-by: Gerald Combs <gerald@wireshark.org>
rsl: avoid buffer overread 2016-02-19T17:49:40+00:00 Peter Wu peter@lekensteyn.nl 2016-02-19T17:36:38+00:00 08d1876a23668470ea4f706ee6d7a5f102d72810 Fixes a buffer overrun in dissct_rsl_ipaccess_msg when the tag is exactly 0xff: tag = tvb_get_guint8(tvb, offset); tdef = &rsl_att_tlvdef.def[tag]; Bug: 11829 Change-Id: I25a3c6948242a52f59431ce84c108b2e52008930 Reviewed-on: https://code.wireshark.org/review/14011 Reviewed-by: Peter Wu <peter@lekensteyn.nl> (cherry picked from commit de65fd6b00d0b891930324b9549c93ccfe9cac30) Reviewed-on: https://code.wireshark.org/review/14013 
Fixes a buffer overrun in dissct_rsl_ipaccess_msg when the tag is
exactly 0xff:

        tag = tvb_get_guint8(tvb, offset);
        tdef = &rsl_att_tlvdef.def[tag];

Bug: 11829
Change-Id: I25a3c6948242a52f59431ce84c108b2e52008930
Reviewed-on: https://code.wireshark.org/review/14011
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit de65fd6b00d0b891930324b9549c93ccfe9cac30)
Reviewed-on: https://code.wireshark.org/review/14013