[Wireshark-bugs] [Bug 13748] New: Wireshark needs a way to specify arbitrary strings as capture devices

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13748

Bug ID: 13748
   Summary: Wireshark needs a way to specify arbitrary strings as
capture devices
   Product: Wireshark
   Version: unspecified
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Medium
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: g...@alum.mit.edu
  Target Milestone: ---

Build Information:
N/A
--
I just checked into the libpcap repository source Luigi Rizzo's code for
capturing on netmap devices:

https://www.freebsd.org/cgi/man.cgi?query=netmap=4

The device "names" that can be specified aren't identifiers for devices, they
include expressions that specify how to plumb the device.  See the syntaxes
described in the section for the NIOCREGIF ioctl.

So the netmap support doesn't attempt to enumerate devices, and there won't be
any netmap devices in the local capture device list.

To capture on netmap devices, there will need to be a way to let the user type
in the appropriate string and have Wireshark capture on that device.

Perhaps adding [+] and [-] buttons to the "Capture Interfaces" dialog, letting
you add devices (specifying a name) and remove devices (enabled only if you've
selected an added device).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13747] New: [oss-fuzz] UBSAN: division by zero in packet-thread.c:1824:82

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13747

Bug ID: 13747
   Summary: [oss-fuzz] UBSAN: division by zero in
packet-thread.c:1824:82
   Product: Wireshark
   Version: Git
  Hardware: x86-64
   URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=
1979
OS: Linux (other)
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.3.0 (v2.3.0rc0-3646-g0a3df90afc)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.52.2, with zlib 1.2.11, without SMI, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.12, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP,
with nghttp2 1.22.0, with LZ4, with Snappy, with libxml2 2.9.4.

Running on Linux 4.10.13-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
(with SSE4.2), with 31996 MB of physical memory, with locale C, with libpcap
version 1.8.1, with GnuTLS 3.5.12, with Gcrypt 1.7.6, with zlib 1.2.11.

Built using clang 4.2.1 Compatible Clang 4.0.0 (tags/RELEASE_400/final).
--
A problem was found by the oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1979

Attached is the sample that triggers this error which can be reproduced with an
ASAN+UBSAN build of Wireshark ("tshark -Vr test.pcap").
--
epan/dissectors/packet-thread.c:1824:82: runtime error: division by zero
#0 0x7fefc327cdd7 in dissect_thread_mc
epan/dissectors/packet-thread.c:1824:82
#1 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#2 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#3 0x7fefc4ae80d7 in call_dissector_only epan/packet.c:2992:8
#4 0x7fefc4ad0284 in call_dissector_with_data epan/packet.c:3005:8
#5 0x7fefc4ae8121 in call_dissector epan/packet.c:3022:9
#6 0x7fefc24921e6 in dissect_mle epan/dissectors/packet-mle.c:1053:25
#7 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#8 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#9 0x7fefc4ad84dd in dissector_try_uint_new epan/packet.c:1329:8
#10 0x7fefc4ad9a19 in dissector_try_uint epan/packet.c:1353:9
#11 0x7fefc332469b in decode_udp_ports epan/dissectors/packet-udp.c:673:7
#12 0x7fefc333a1d2 in dissect epan/dissectors/packet-udp.c:1131:5
#13 0x7fefc33294ff in dissect_udp epan/dissectors/packet-udp.c:1137:3
#14 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#15 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#16 0x7fefc4ad84dd in dissector_try_uint_new epan/packet.c:1329:8
#17 0x7fefc1fc5b5c in ip_try_dissect epan/dissectors/packet-ip.c:1854:7
#18 0x7fefc2041685 in ipv6_dissect_next
epan/dissectors/packet-ipv6.c:2418:9
#19 0x7fefc2044f4d in dissect_ipv6 epan/dissectors/packet-ipv6.c:2366:5
#20 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#21 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#22 0x7fefc4ae80d7 in call_dissector_only epan/packet.c:2992:8
#23 0x7fefc4ad0284 in call_dissector_with_data epan/packet.c:3005:8
#24 0x7fefc4ae8121 in call_dissector epan/packet.c:3022:9
#25 0x7fefc0e821d9 in dissect_6lowpan
epan/dissectors/packet-6lowpan.c:1059:9
#26 0x7fefc0e82a37 in dissect_6lowpan_heur
epan/dissectors/packet-6lowpan.c:983:5
#27 0x7fefc4ae5e15 in dissector_try_heuristic epan/packet.c:2617:7
#28 0x7fefc1f65b59 in dissect_ieee802154_common
epan/dissectors/packet-ieee802154.c:1856:21
#29 0x7fefc1f52d77 in dissect_ieee802154_nofcs
epan/dissectors/packet-ieee802154.c:1101:5
#30 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#31 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#32 0x7fefc4ae80d7 in call_dissector_only epan/packet.c:2992:8
#33 0x7fefc4ad0284 in call_dissector_with_data epan/packet.c:3005:8
#34 0x7fefc4ae8121 in call_dissector epan/packet.c:3022:9
#35 0x7fefc2cc6cae in dissect_scop_bridge
epan/dissectors/packet-scop.c:308:5
#36 0x7fefc2cc6844 in dissect_scop epan/dissectors/packet-scop.c:193:13
#37 0x7fefc4aeecbd in call_dissector_through_handle epan/packet.c:684:8
#38 0x7fefc4ad94bf in call_dissector_work epan/packet.c:759:9
#39 0x7fefc4ad84dd in dissector_try_uint_new epan/packet.c:1329:8
#40 0x7fefc4ad9a19 in dissector_try_uint epan/packet.c:1353:9
#41 0x7fefc332469b in 

[Wireshark-bugs] [Bug 13747] [oss-fuzz] UBSAN: division by zero in packet-thread.c:1824:82

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13747

--- Comment #1 from Peter Wu  ---
Created attachment 15588
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15588=edit
Packet capture file

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13732] Invalid certificate for https://wireshark.org

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13732

Gerald Combs  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Gerald Combs  ---
Fixed.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13746] Dissectors using Decode As need to account for tunneling

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13746

Jaap Keuter  changed:

   What|Removed |Added

URL||https://code.wireshark.org/
   ||review/21559

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13746] New: Dissectors using Decode As need to account for tunneling

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13746

Bug ID: 13746
   Summary: Dissectors using Decode As need to account for
tunneling
   Product: Wireshark
   Version: Git
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: mman...@netscape.net
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
Any (transport) protocol, using pinfo field values in 'decode as', may not
decode the correct layer if a tunnelled (transport) protocol is using the same
pinfo fields because pinfo (address) fields may be overwritten.

The following protocols are affected because "address" field in pinfo may be
overwritten:
DTLS
SCTP
SSL
TCP

The following protocols are affected because they are using a single key value
to store proto data (instead of current layer) so proto data may get
overwritten.
Ethertype

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13662] [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13662

--- Comment #10 from Gerald Combs  ---
This doesn't appear to be exploitable or cause a denial of service, so I'm
assuming it doesn't warrant a CVE ID. If that's not the case please let me
know.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13599] libfuzzer: BZR dissector loop (get_bzr_pdu_len)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599

Gerald Combs  changed:

   What|Removed |Added

  Attachment #15449|1   |0
 is private||

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13588] LibFuzzer: ISUP dissector bug (isup.number_different_meaning)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13588

Gerald Combs  changed:

   What|Removed |Added

Summary|libfuzzer: isup dissector   |LibFuzzer: ISUP dissector
   |bug |bug
   |(isup.number_different_mean |(isup.number_different_mean
   |ing)|ing)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13745] RADIUS: Vendor-Specific Extended Attributes (RFC 6929) are not correctly decoded

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13745

João Valverde  changed:

   What|Removed |Added

 Status|INCOMPLETE  |CONFIRMED

--- Comment #2 from João Valverde  ---
I wasn't aware of that format when I closed bug 13176. It is indeed not
supported by our parser.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13745] RADIUS: Vendor-Specific Extended Attributes (RFC 6929) are not correctly decoded

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13745

Alexis La Goutte  changed:

   What|Removed |Added

 Status|UNCONFIRMED |INCOMPLETE
 Ever confirmed|0   |1
 CC||alexis.lagou...@gmail.com,
   ||joao.valverde@tecnico.ulisb
   ||oa.pt

--- Comment #1 from Alexis La Goutte  ---
Hi,

Can you atttach a pcap sample ?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13744] Assert/Crash in Manage Interfaces dialog (debug only)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13744

--- Comment #2 from Michael Mann  ---
(In reply to Roland Knall from comment #1)
> Could you add a textfile with the asserts please? I do not have access to
> VS2013 (only 2015 and higher) and will take a look at it.

I will see what I can do, but all of the asserts are in the Qt code (and I
don't think this would be just a VS2013 issue).  And if you look at the fix for
bug 13180 (https://code.wireshark.org/review/19007) the asserts didn't exactly
correlate to the fix.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13745] New: RADIUS: Vendor-Specific Extended Attributes (RFC 6929) are not correctly decoded

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13745

Bug ID: 13745
   Summary: RADIUS: Vendor-Specific Extended Attributes (RFC 6929)
are not correctly decoded
   Product: Wireshark
   Version: 2.3.x (Experimental)
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: mareko.pal...@gmail.com
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.3.0 (ac016c1d65 from master.el6)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, without libnl, with
GLib 2.44.1, with zlib 1.2.3, without SMI, without c-ares, with Lua 5.1.4, with
GnuTLS 3.5.11, with Gcrypt 1.4.5, with MIT Kerberos, without GeoIP, without
nghttp2, without LZ4, without Snappy, with libxml2 2.7.6.

Running on Linux 2.6.32-220.7.1.el6.x86_64, with Intel(R) Xeon(R) CPU
X3440  @ 2.53GHz (with SSE4.2), with 15943 MB of physical memory, with locale
en_US.UTF-8, with libpcap version 1.7.2, with GnuTLS 3.5.11, with Gcrypt 1.4.5,
with zlib 1.2.3.

Built using gcc 6.3.0.

--
Please see bug 13176 for details about RFC 6929 implementation:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13176

The issue is that extended attributes are not interpreted correctly.
VSA type is taken from vendor's dictionary as "normal" attributes instead of
extended ones.

For VSAs in the RFC 6929 we should take attributes from vendor's dictionary
section followed by "format=Extended-Vendor-Specific-1":
http://freeradius.org/radiusd/man/dictionary.html


Example: The following dictionary entries seems to be ignored (specified with
"format=Extended-Vendor-Specific-1"):

BEGIN-VENDORAlcatel-IPD format=Extended-Vendor-Specific-1

ATTRIBUTE Alc-PPPoE-Client-Service   1  integer
ATTRIBUTE Alc-PPPoE-Client-MAC   2  string

...

END-VENDOR  Alcatel-IPD


Instead of this wireshark takes attributes from vendor's section without
"format=" keyword.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13743] SSL decryption does not work as documented for nonstandard SSL port

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13743

--- Comment #2 from Peter Wu  ---
Can you clarify the report? It is not clear whether the TCP payload is not
recognized as SSL or whether the SSL decryption fails for some other reason.
Something like this:

-
Steps to reproduce:
1. Load a capture with SSL traffic on port 
2. Select packet, Decode As -> TCP port  - SSL

Expected results:
Protocol column shows "SSL", "Client Hello", "Server Hello", etc. are visible.
The Application Data packets have a "Decrypted SSL data" tab in the bytes view.
Following the SSL layer, the HTTP layer is visible.

Actual results:
Protocol column shows "TCP", no trace of "SSL" is available (no "Client Hello",
"Application data", etc. Or:
Protocol column shows "SSL", "Application Data", etc., but the "Decrypted SSL
data" tab is not visible.
-

There are currently two uses for the keys dialog:
1. Set the application layer protocol to be used for a port (port *must* be
non-zero and protocol must be set).
2. Load RSA private keys (address/port are ignored and can be zero, keyfile is
the only required field).

The first option is deprecated, in the next Wireshark version (2.4) you can
change the application layer protocol through "Decode As" -> "SSL TCP
Dissector" (e.g. to HTTP, SMTP).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13743] SSL decryption does not work as documented for nonstandard SSL port

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13743

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com,
   ||pe...@lekensteyn.nl

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13744] Assert/Crash in Manage Interfaces dialog (debug only)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13744

--- Comment #1 from Roland Knall  ---
Could you add a textfile with the asserts please? I do not have access to
VS2013 (only 2015 and higher) and will take a look at it.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13744] Assert/Crash in Manage Interfaces dialog (debug only)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13744

Michael Mann  changed:

   What|Removed |Added

 CC||rkn...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13744] New: Assert/Crash in Manage Interfaces dialog (debug only)

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13744

Bug ID: 13744
   Summary: Assert/Crash in Manage Interfaces dialog (debug only)
   Product: Wireshark
   Version: Git
  Hardware: x86-64
OS: Windows 7
Status: UNCONFIRMED
  Severity: Minor
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: mman...@netscape.net
  Target Milestone: ---

Build Information:
Version 2.3.0 (v2.3.0rc0-3686-g0b6ab24c93)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.2, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with Intel(R) Core(TM)
i7-6820HQ CPU @ 2.70GHz (with SSE4.2), with 4095 MB of physical memory, with
locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
with GnuTLS 3.4.11, with Gcrypt 1.7.6, with AirPcap 4.1.0 build 1622.

Built using Microsoft Visual C++ 12.0 build 31101
--
Whenever I launch the Manage Interfaces dialog with a debug build using VS2013,
I get a handful of asserts.  I originally thought this was because I was
running only extcap interfaces, but I reinstalled WinPcap (which exposed an
"standard" Ethernet interface) and still see the problem.

This seems similar to the symptoms of bug 13180, but nothing jumped out at me
as being empty/missing text.

I can ignore the asserts and it doesn't actually crash and I don't see the
behavior on a release build (again, just like bug 13180)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 11668] extcap: capture filter should be validated by the extcap

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11668

Michael Mann  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|CONFIRMED   |RESOLVED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13743] SSL decryption does not work as documented for nonstandard SSL port

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13743

--- Comment #1 from AN  ---
Wireshark 2.2.6 (v2.2.6-0-g32dac6a)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows Server 2008 R2 Service Pack 1, build 7601, with
locale

English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
  Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz (with SSE4.2), with 32767MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 40629

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13743] New: SSL decryption does not work as documented for nonstandard SSL port

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13743

Bug ID: 13743
   Summary: SSL decryption does not work as documented for
nonstandard SSL port
   Product: Wireshark
   Version: 2.2.6
  Hardware: x86
OS: Windows Server 2008
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: alim.need...@secunetics.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
1) I have SSL traffic on port ,so I used decode as to decode packets
2) When I set the IP to any, port 0 it works for 443, but not for SSL on .I
have to add an explicit entry for port  in order for it to be decrypted. 
3) Export session ssl keys does not work for port , it works for 443. It
allows me to export to a file; however, when i try to import it doesn't work.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13653] extcap: Several issues when capturing from multiple extcap interfaces

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13653

--- Comment #1 from Pascal Quantin  ---
*** Bug 13742 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

Pascal Quantin  changed:

   What|Removed |Added

 Status|INCOMPLETE  |RESOLVED
 Resolution|--- |DUPLICATE

--- Comment #7 from Pascal Quantin  ---
As no one seems to be working on it right now, it might take time before this
is fixed.
Maybe you can try launching 2 tshark instances (one for each interface) and
then reassemble the pcap files with mergecap.

*** This bug has been marked as a duplicate of bug 13653 ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13653] extcap: Several issues when capturing from multiple extcap interfaces

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13653

Ganesan  changed:

   What|Removed |Added

 CC||paganesa...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

--- Comment #6 from Ganesan  ---
(In reply to Pascal Quantin from comment #5)
> If you are using USBPcap extcap interfaces, you are probably facing bug
> 13653. For now on Windows you can only capture with a single USBPcap
> interface at a time.

Thanks for the reply. When we can expect a solution for this in Windows (or)
Any temporary solution for this?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com

--- Comment #5 from Pascal Quantin  ---
If you are using USBPcap extcap interfaces, you are probably facing bug 13653.
For now on Windows you can only capture with a single USBPcap interface at a
time.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

Ganesan  changed:

   What|Removed |Added

 CC||paganesa...@gmail.com

--- Comment #4 from Ganesan  ---
Rarely, the command prints some output as below and exits immediately.

Capturing on 2 interfaces
tshark: Unrecognized libpcap format or not libpcap data.

  1   0.00 host → 770.31.0 USB 1907884059 URB_ISOCHRONOUS
out[Pa
cket size limited during capture]
  2   0.000481 host → 770.512.0USB 2653421595 URB_ISOCHRONOUS
out[Pa
cket size limited during capture]
  3  -0.18 host → 897.13.0 USB 2653421595 URB_ISOCHRONOUS out
  4   0.00 host → 770.31.0 USB 2653421595 URB_ISOCHRONOUS
out[Pa
cket size limited during capture]
4 packets captured

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

--- Comment #3 from Ganesan  ---
(In reply to Guy Harris from comment #2)
> (In reply to Ganesan from comment #0)
> > Capturing on 2 interfaces
> > tshark: Unrecognized libpcap format or not libpcap data.
> 
> That's a dumpcap error, printed if it's capturing from a pipe and doesn't
> see a pcap header.
> 
> What does the command
> 
> tshark.exe -D
> 
> print?

tshark.exe -D:
-

1. \Device\NPF_{8EE25303-DD1E-497C-988B-12E041A3AD04} (Local Area Connection 5)
2. \Device\NPF_{FC500EC0-307A-4624-A282-0D2B9653AF32} (Local Area Connection 6)
3. \\.\USBPcap1 (USBPcap1)
4. \\.\USBPcap2 (USBPcap2)
5. \\.\USBPcap3 (USBPcap3)
6. \\.\USBPcap4 (USBPcap4)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13742] Wireshark format error when capturing on multiple USB interfaces on the same machine

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13742

Guy Harris  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |INCOMPLETE

--- Comment #2 from Guy Harris  ---
(In reply to Ganesan from comment #0)
> Capturing on 2 interfaces
> tshark: Unrecognized libpcap format or not libpcap data.

That's a dumpcap error, printed if it's capturing from a pipe and doesn't see a
pcap header.

What does the command

tshark.exe -D

print?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe