date:20180319

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

Guy Harris  changed:

   What|Removed |Added

 OS|Ubuntu  |All
 Status|CONFIRMED   |RESOLVED
   Hardware|x86-64  |All
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #6 from Gerrit Code Review  ---
Change 26562 merged by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26562

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #5 from Gerrit Code Review  ---
Change 26562 had a related patch set uploaded by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26562

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #4 from Gerrit Code Review  ---
Change 26561 merged by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26561

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #3 from Gerrit Code Review  ---
Change 26561 had a related patch set uploaded by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26561

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #2 from Gerrit Code Review  ---
Change 26560 merged by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26560

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

--- Comment #1 from Gerrit Code Review  ---
Change 26560 had a related patch set uploaded by Guy Harris:
Don't register the link-layer 802.11 dissector in the gre.proto table.

https://code.wireshark.org/review/26560

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14545] New: Unable to Export Objects -> HTTP after sorting columns

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14545

Bug ID: 14545
   Summary: Unable to Export Objects -> HTTP after sorting columns
   Product: Wireshark
   Version: Git
  Hardware: x86-64
OS: Ubuntu
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: m...@moshekaplan.com
  Target Milestone: ---

Build Information:
Wireshark 2.5.2 (v2.5.2rc0-44-g10b63fa6)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with MIT
Kerberos,
without MaxMind DB resolver, with nghttp2 1.25.0, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.13.0-25-generic, withIntel(R) Core(TM) i5-2500K CPU
@
3.30GHz (with SSE4.2), with 3001 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with zlib
1.2.11, binary plugins supported (0 loaded).

Built using gcc 7.2.0.
--
* Click File -> Export objects
* Click on a column, e.g., "hostname"
* Select an object
* Click save
and either:
1) no dialog appears to save the file, or 
2) the wrong filename appears to be saved

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12384] Qt: Packet list isn't updated with resolved names

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12384

--- Comment #5 from Stephen Donnelly  ---
(In reply to Peter Wu from comment #3)
> Hi, current master (since v2.5.1rc0-622-gbbe5fc1028) should have solved
> this, can you confirm?

Sorry, bad merge.

Testing with v2.5.2rc0-51-g7fc77962 it does appear to work correctly now.

After loading a file without stored name resolutions, the Source/Destination
columns do re-render automatically after a couple of seconds to show the
resolved names as expected.

I think this bug can be Closed Resolved.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12384] Qt: Packet list isn't updated with resolved names

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12384

--- Comment #4 from Stephen Donnelly  ---
(In reply to Peter Wu from comment #3)
> Hi, current master (since v2.5.1rc0-622-gbbe5fc1028) should have solved
> this, can you confirm?

No, it still appears to be broken.

Testing with git master 2.5.0rc0-656-g31868f1:

1 Start Wireshark
2 Ensure Name Resolution options are enabled
3 Load file with resolvable addresses, but no stored resolutions
4 (Note WS should start async resolver to resolve names)
5 Observe that addresses in Source/Destination columns are not resolved
6 Click on packet detail frame, verify addresses are resolved
7 Observe that addresses in Source/Destination columns are still not resolved
8 Enter filter 'Frame' in search box, execute
9 Observe that addresses in Source/Destination columns are now resolved

Note that files which have resolved names stored in the file (some pcapng and
erf files) appear to work, their resolved names are displayed in the
Source/Destination columns as soon as the file is loaded. Only files where the
names are not pre-resolved show the issue.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14544] New: Buildbot crash output: fuzz-2018-03-19-19114.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544

Bug ID: 14544
   Summary: Buildbot crash output: fuzz-2018-03-19-19114.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2018-03-19-19114.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/2331-ArubaMTU.pcap

Build host information:
Linux wsbb04 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.4 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4682
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=4d3c8bc61e768b4789bd2fb8a40f848ac50f8936

Return value:  0

Dissector bug:  0

Valgrind error count:  3



Git commit
commit 4d3c8bc61e768b4789bd2fb8a40f848ac50f8936
Author: Pascal Quantin 
Date:   Sun Mar 18 21:35:48 2018 +0100

MAC-NR: unify BSR filters

Use a single filter for short/long (truncated) BS values to ease
filtering.
Rename other filters to the new mac-nr.bsr.* format.
Fill the missing entries in 8 bits buffer size levels array.

Change-Id: If150f9a951efb40e554c5ea18639cfd4539a1319
Reviewed-on: https://code.wireshark.org/review/26539
Reviewed-by: Pascal Quantin 
Petri-Dish: Pascal Quantin 
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson 


==14997== Memcheck, a memory error detector
==14997== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==14997== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==14997== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2018-03-19-19114.pcap
==14997== 
==14997== Conditional jump or move depends on uninitialised value(s)
==14997==at 0x6DF4EA7: dissect_ieee80211_common (packet-ieee80211.c:20413)
==14997==by 0x6DE38D1: dissect_ieee80211 (packet-ieee80211.c:21931)
==14997==by 0x7DC0E67: call_dissector_through_handle (packet.c:694)
==14997==by 0x7DBCCE9: call_dissector_work (packet.c:779)
==14997==by 0x7DBCAF7: dissector_try_uint_new (packet.c:1361)
==14997==by 0x6C9CDF3: dissect_gre (packet-gre.c:501)
==14997==by 0x7DC0E67: call_dissector_through_handle (packet.c:694)
==14997==by 0x7DBCCE9: call_dissector_work (packet.c:779)
==14997==by 0x7DBCAF7: dissector_try_uint_new (packet.c:1361)
==14997==by 0x6E35645: ip_try_dissect (packet-ip.c:1831)
==14997==by 0x6E38435: dissect_ip_v4 (packet-ip.c:2287)
==14997==by 0x7DC0E67: call_dissector_through_handle (packet.c:694)
==14997== 
==14997== 
==14997== HEAP SUMMARY:
==14997== in use at exit: 107,795 bytes in 150 blocks
==14997==   total heap usage: 327,661 allocs, 327,511 frees, 38,330,551 bytes
allocated
==14997== 
==14997== LEAK SUMMARY:
==14997==definitely lost: 72 bytes in 3 blocks
==14997==indirectly lost: 96 bytes in 3 blocks
==14997==  possibly lost: 0 bytes in 0 blocks
==14997==still reachable: 13,032 bytes in 101 blocks
==14997== suppressed: 94,595 bytes in 43 blocks
==14997== Rerun with --leak-check=full to see details of leaked memory
==14997== 
==14997== For counts of detected and suppressed errors, rerun with: -v
==14997== Use --track-origins=yes to see where uninitialised values come from
==14997== ERROR SUMMARY: 3 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #78 from Gerrit Code Review  ---
Change 26559 had a related patch set uploaded by Peter Wu:
[WIP] QUIC: Add packet decryption (draft -09)

https://code.wireshark.org/review/26559

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

Peter Wu  changed:

   What|Removed |Added

  Attachment #16152|0   |1
is obsolete||

--- Comment #77 from Peter Wu  ---
Created attachment 16228
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16228&action=edit
QUIC draft-09 (ngtcp2 client and server) - keys in comment 77

client and server commands as in comment 61, but now with TLS keylogging.

ngtcp2 master: 3a40f82cbc09ea1eeb50083281702342be276d2b
OpenSSL master: OpenSSL_1_1_1-pre2-221-g27df459731
(+ patches to enable logging of exporter secret)

TLS cipher for ngtcp2-09.pcap: AES256-GCM-SHA384

handshake_secret=5fa0b00a93fa35f4c884da1eb44f60cae7600219e1812e0ec2b24cdfc88856eb
client_hs_secret=4dea3288ba0c41aa5b202cca85f2b70619501314bc72122215c798595aeb6e9b
+ client_pp_key=f8567c7ff2b9c1a30aacb164ba7b3619
+ client_pp_iv=9a027c03dac366207f143917
server_hs_secret=2a5dc7ebe5a9e4a1b58d2641a8e4f729224fb1847f7bc8f6aac1f949862e1f53
+ server_pp_key=28c04e7316f89b4b48204708121ab338
+ server_pp_iv=d5f2e6baf384f0249b15194e

client_1rtt_secret=0e77ac42cc8c2a38a46cf5a58f5e76f0aadb2a90965b9a24c8bcbadd8d78a5b71b28dfe584ed820a26795fbc5930
+
client_pp_key=52c95d240ad5d304482833c2488e39e7d189e6cd8554f387b37f2dd7d1578314
+ client_pp_iv=e5a5262e1c4b18de01ca35f5
server_1rtt_secret=196e8c25392c67af4e046a0a8f0addaa682e55a1bcd0cd8f4ebce91d37ce9f309cab7d44ba9489eef605a0dc16ea29c2
+
server_pp_key=2249b63934c532b13efd4650fd62b9e601e5b66fca35ce9d6d331a7c80acaf9f
+ server_pp_iv=3bc401d995d70711ae67fd6c


TLS key log file:

SERVER_HANDSHAKE_TRAFFIC_SECRET
cb9268c8552454a538c659391ecf541a8a5cd4f99dd53a8f076110c75c2162bf
a0508a69f3eeffd7bf6218c36948beebcfdde899b29388f9c18a6c39285d54ae863f5e536d5fdf5d2a9d58dc4a07e1d2
EXPORTER_SECRET
cb9268c8552454a538c659391ecf541a8a5cd4f99dd53a8f076110c75c2162bf
7d7c11760b3ec0e650ad674abab6c79341ec678c0b28855571311d9a37c963dd5d31ea8e018e42ff9af00a26ffe9554b
SERVER_TRAFFIC_SECRET_0
cb9268c8552454a538c659391ecf541a8a5cd4f99dd53a8f076110c75c2162bf
3493ffb1f499511b86321a56866fc84de908bcbd68db8484d33c5051e5f2196491949fa82e735a1cf4ccdf89a29a7a77
CLIENT_HANDSHAKE_TRAFFIC_SECRET
cb9268c8552454a538c659391ecf541a8a5cd4f99dd53a8f076110c75c2162bf
ccd191f0477eeea281188fa67b356a3da103c02f1254dd773d0f12a15905fb6d9c21f481e866dcc60a49fb71db51d3f3
CLIENT_TRAFFIC_SECRET_0
cb9268c8552454a538c659391ecf541a8a5cd4f99dd53a8f076110c75c2162bf
6407d1649639b0dda7427a8231760df1e19ec71a9facda4f47f257b992ab81eb54fa5f28e47932fcd76b7e08fdebb719

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #76 from Gerrit Code Review  ---
Change 26557 had a related patch set uploaded by Peter Wu:
QUIC: ensure Initial Packet decryption at first pass

https://code.wireshark.org/review/26557

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14539] OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

--- Comment #5 from Gerrit Code Review  ---
Change 26555 had a related patch set uploaded by Jaap Keuter:
OID name resolv: Fix MIB/PIB path presentations

https://code.wireshark.org/review/26555

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14539] OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

--- Comment #4 from Jaap Keuter  ---
(In reply to Guy Harris from comment #3)
> (In reply to Jaap Keuter from comment #2)
> > My scope of comment was the MIB/PIB paths. These are absent in this case. Of
> > course other folders are visible.
> 
> I.e., what you meant was:

That is an accurate representation of my observations.

(In reply to Jaap Keuter from comment #2)
> (In reply to Guy Harris from comment #1)
> > (In reply to Jaap Keuter from comment #0)
> > Now, if I run a recent Wireshark build from the master branch, pop up the
> > About dialog, and select Folders, I see the folders in question.  If I then
> > close the dialog and enable OID name resolution, I get an *immediate* crash
> > with:
> > 
> 
> That would be an alternative scenario, which I have to try out as well.

I've tried it (on my Debian platform), but failed to reproduce that behaviour.
I recon it ties into the 'wrong way' libsmi is being used in these scenario's,
something that this bug is meant to address.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12779] Add TLS 1.3 support

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12779

--- Comment #94 from Gerrit Code Review  ---
Change 26554 had a related patch set uploaded by Peter Wu:
TLS13: fix decryption with KeyUpdate after draft -20

https://code.wireshark.org/review/26554

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

--- Comment #7 from Pavel Sindelka  ---
Yes, Pascal has hit the nail's head by pointing me to the zombie .dll problem
https://github.com/nmap/nmap/issues/1060. After uninstalling npcap, removing
the .dlls listed in that "issue" (plus one more left there from npcap's own
collection by npcap's uninstaller), and re-installing npcap again, Wireshark
now shows the correct version and provides the "monitor mode" checkbox in
capture interface list which was not there before.

So the summary is that the bug has already been reported at npcap and has been
marked as TODO there, and that what I've reported initially is just a symptom
of a more serious issue.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

--- Comment #6 from Guy Harris  ---
(In reply to Guy Harris from comment #5)
> From a quick look at the libpcap 1.8.1 source and the Npcap source in the
> GitHub repository, Npcap should always report that it's "Npcap" rather than
> "WinPcap".
> 
> And that comes from pcap_lib_version(), which is part of wpcap.dll, not part
> of packet32.dll, so having the wrong packet32.dll should not cause it to
> report that Npcap is WinPcap.
> 
> So it appears that you're using the *WinPcap* wpcap.dll and the *Npcap*
> packet32.dll.

So check that, by *completely* removing both WinPcap and Npcap (make sure you
do *not* have a wpcap.dll file or a packet32.dll file, regardless of
capitalization of the file name, after that's done), and then installing *only*
Npcap, before filing any libpcap or Npcap bugs.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

--- Comment #5 from Guy Harris  ---
>From a quick look at the libpcap 1.8.1 source and the Npcap source in the
GitHub repository, Npcap should always report that it's "Npcap" rather than
"WinPcap".

And that comes from pcap_lib_version(), which is part of wpcap.dll, not part of
packet32.dll, so having the wrong packet32.dll should not cause it to report
that Npcap is WinPcap.

So it appears that you're using the *WinPcap* wpcap.dll and the *Npcap*
packet32.dll.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com

--- Comment #4 from Pascal Quantin  ---
See also https://github.com/nmap/nmap/issues/1060

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

--- Comment #3 from Pascal Quantin  ---
This probably shows that you have a remnant of WinPcap installation that,
despite your use of its uninstall, did not remove Packet.dll. With a clean
Npcap installation you should have: "with Npcap version 0.92, based on libpcap
version 1.8.1".
So uninstall WinPcap / Npcap and manually removePacket.dll is it is still
present after that.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

--- Comment #2 from Guy Harris  ---
So please

1) file a bug at the libpcap GitHub issue page:

https://github.com/the-tcpdump-group/libpcap/issues

for this, to track making a long-term fix (any such fix will have to wait for
the next major libpcap release, which should happen in the not-too-distant
future, and for the next Npcap release that picks up that libpcap release);

2) file a bug at the map GitHub issue page:

https://github.com/nmap/nmap/issues/

for this, so that a short-term fix with the current libpcap-1.8.x-based Npcap
release can be tracked.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com

--- Comment #11 from Alexis La Goutte  ---
(In reply to azs from comment #10)
> There is another strange thing with v2.4.5, in the packet details view I get
> a message 
> "Undecoded byte number: 26 (0x0010+10)"
> "Undecoded byte number: 27 (0x0010+11)"
> 
> Do you know why?, appareantly the frame is correct and v1.8.12 does not say
> anything.
> It is the savPDU identifier and length that is correctly decoded.
> 
> Thanks for your help!!

You have enable a dev option for display a "warning" when there is some
undecoded (display) byte...

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

Guy Harris  changed:

   What|Removed |Added

 Resolution|--- |NOTOURBUG
 Status|UNCONFIRMED |RESOLVED

--- Comment #1 from Guy Harris  ---
That information comes from WinPcap/Npcap, so this is probably an Npcap bug or
a libpcap bug (or both).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14543] New: The information about capture library used (WinPcap/npcap) is confusing.

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14543

Bug ID: 14543
   Summary: The information about capture library used
(WinPcap/npcap) is confusing.
   Product: Wireshark
   Version: 2.4.5
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Minor
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: sinde...@marconi.ttc.cz
  Target Milestone: ---

Build Information:
Version 2.4.5 (v2.4.5-0-g153e867ef1)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.3, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 10, build 16299, withIntel(R) Core(TM)
i5-3210M CPU @ 2.50GHz (with SSE4.2), with 8141 MB of physical memory, with
locale Czech_Czechia.1250, with WinPcap version 4.1.3 (packet.dll version
0.99-r2), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS
3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The Build information says "with WinPcap version 4.1.3 (packet.dll version
0.99-r2)" where the "WinPcap version 4.1.3" part suggests that version of
WinPcap to be used while the "packet.dll version 0.99-r2" matches the actually
used npcap which has even been installed in its native mode, i.e. not in the
WinPcap-compatible one.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14542] ieee802154: 6top Protocol (6P) draft-10 support

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14542

--- Comment #1 from Gerrit Code Review  ---
Change 26553 had a related patch set uploaded by Yasuyuki Tanaka:
ieee802154: support 6top protocol (6P) draft-10

https://code.wireshark.org/review/26553

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14542] New: ieee802154: 6top Protocol (6P) draft-10 support

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14542

Bug ID: 14542
   Summary: ieee802154: 6top Protocol (6P) draft-10 support
   Product: Wireshark
   Version: Git
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: yasuyuki.tan...@inria.fr
  Target Milestone: ---

Created attachment 16227
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16227&action=edit
sample 6P packets in draft-10 formats

Build Information:
Wireshark 2.5.2 (v2.5.2rc0-40-g18cd454d)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.10.1, with libpcap, without POSIX capabilities,
with
GLib 2.54.3, with zlib 1.2.11, without SMI, with c-ares 1.14.0, without Lua,
with GnuTLS 3.5.18, with Gcrypt 1.8.2, with MIT Kerberos, without MaxMind DB
resolver, with nghttp2 1.30.0, with LZ4, with Snappy, with libxml2 2.9.4, with
QtMultimedia, without SBC, without SpanDSP, without bcg729.

Running on Mac OS X 10.13.3, build 17D102 (Darwin 17.4.0), with Intel(R)
Core(TM) i5-7267U CPU @ 3.10GHz (with SSE4.2), with 16384 MB of physical
memory,
with locale C/UTF-8/C/C/C/C, with libpcap version 1.8.1 -- Apple version
79.20.1, with GnuTLS 3.5.18, with Gcrypt 1.8.2, with zlib 1.2.11, binary
plugins
supported (0 loaded).

Built using clang 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.39.2).
--
While Wireshark supports 6top protocol, its version is
draft-ietf-6tisch-6top-protocol-07. The latest 6top protocol draft is
draft-ietf-6tisch-6top-protocol-10 and there are changes in its packet
definitions between draft-07 and draft-10.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14539] OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

--- Comment #3 from Guy Harris  ---
(In reply to Jaap Keuter from comment #2)
> My scope of comment was the MIB/PIB paths. These are absent in this case. Of
> course other folders are visible.

I.e., what you meant was:

With OID name resolution off (unchecked)
Qt: About Wireshark|Folders shows no MIB/PIB folders (ok)
GTK: About Wireshark|Folders shows no MIB/PIB folders (ok)
Tshark: -G folders shows no MIB/PIB folders (ok)

With OID name resolution on (checked)
Qt: About Wireshark|Folders shows user MIB/PIB folders twice (bug)
GTK: About Wireshark|Folders shows user MIB/PIB folders twice, all user paths
are concatenated (bug)
Tshark: -G folders shows no MIB/PIB folders (bug)

With OID name resolution off (unchecked), toggled to on (checked), without
restart
Qt: About Wireshark|Folder causes crash (bug)
GTK: About Wireshark|Folder causes crash (bug)
Tshark: N/A

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14539] OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

--- Comment #2 from Jaap Keuter  ---
(In reply to Guy Harris from comment #1)
> (In reply to Jaap Keuter from comment #0)
> > With OID name resolution off (unchecked)
> > Qt: About Wireshark|Folders shows no folders (ok)
> > GTK: About Wireshark|Folders shows no folders (ok)
> > Tshark: -G folders shows no folders (ok)
> 
> None of those seem OK to me - there are a lot of folders that have nothing
> to do with OID name resolution, and those should be shown.
> 

My scope of comment was the MIB/PIB paths. These are absent in this case. Of
course other folders are visible.

> Now, if I run a recent Wireshark build from the master branch, pop up the
> About dialog, and select Folders, I see the folders in question.  If I then
> close the dialog and enable OID name resolution, I get an *immediate* crash
> with:
> 

That would be an alternative scenario, which I have to try out as well.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #10 from a...@arteche.es ---
There is another strange thing with v2.4.5, in the packet details view I get a
message 
"Undecoded byte number: 26 (0x0010+10)"
"Undecoded byte number: 27 (0x0010+11)"

Do you know why?, appareantly the frame is correct and v1.8.12 does not say
anything.
It is the savPDU identifier and length that is correctly decoded.

Thanks for your help!!

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

Pascal Quantin  changed:

   What|Removed |Added

 Status|INCOMPLETE  |RESOLVED
 Resolution|--- |NOTABUG

--- Comment #9 from Pascal Quantin  ---
Thanks for confirming that it solves the issue.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #8 from a...@arteche.es ---
Yes, sorry and thanks for your help, it was just that

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #7 from a...@arteche.es ---
I attach 3 files, a pcap file with sample value frames and 2 screenshoots one
decoding the file with v1.8.12 (where those fields where properly decoded) and
another one with v2.4.5.
As you can see v2.4.5 understands the seqdata field but the values inside are
not identified. Those fields are 32bits for value followed by 32 bits of
quality. In the pcap file there are 8 pairs (value/quality). The number of
pairs (value/quality) is not fixed but it can be obtained dividing the length
of seqData by 8.
I also attach an image of the standard iec61850-9-2 that explains the frame.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #6 from a...@arteche.es ---
Created attachment 16226
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16226&action=edit
IEC61850-9-2

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #5 from Pascal Quantin  ---
So if you go to Edit -> Preferences -> Protocols -> SV and if you check the
"Force decoding of seqData as PhsMeas", do you get what you expect?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #4 from a...@arteche.es ---
Created attachment 16225
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16225&action=edit
pcap_sv

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #3 from a...@arteche.es ---
Created attachment 16224
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16224&action=edit
wirechark2.4.5

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

--- Comment #2 from a...@arteche.es ---
Created attachment 16223
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16223&action=edit
wireshark1.8.12

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com
 Status|UNCONFIRMED |INCOMPLETE
 Ever confirmed|0   |1

--- Comment #1 from Pascal Quantin  ---
Hi,

please provide a pcap file using those filters, and explain how it was decoded
before, how it is today, and why it is wrong.

Thanks for your help,
Pascal.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14541] New: sv.meas_value and sv.meas_quality in Sample Values dissector

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14541

Bug ID: 14541
   Summary: sv.meas_value and sv.meas_quality in Sample Values
dissector
   Product: Wireshark
   Version: 2.4.5
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: a...@arteche.es
  Target Milestone: ---

Build Information:
Version 2.4.5 (v2.4.5-0-g153e867ef1)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.3, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 7 Service Pack 1, build 7601, withIntel(R)
Core(TM) i7-3667U CPU @ 2.00GHz (with SSE4.2), with 12166 MB of physical
memory,
with locale Spanish_Spain.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The dissector for  IEC61850 Sampled Values protocol does not work correctly
with fields sv.meas_value and sv.meas_quality.
It used to work in version 1.8.12, but when changed to 2.4.5 the field does not
work. There are new others (and useful) fields that work correctly but those
stopped working.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14540] New: Buildbot crash output: fuzz-2018-03-18-19989.pcap

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14540

Bug ID: 14540
   Summary: Buildbot crash output: fuzz-2018-03-18-19989.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2018-03-18-19989.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/2331-ArubaMTU.pcap

Build host information:
Linux wsbb04 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.4 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4681
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=56425fce7c16abb4138daf2e82ca5158d187fb4c

Return value:  0

Dissector bug:  0

Valgrind error count:  3



Git commit
commit 56425fce7c16abb4138daf2e82ca5158d187fb4c
Author: Peter Wu 
Date:   Fri Mar 16 21:04:34 2018 +0100

Qt: allow keyboard navigation in Unsaved packets dialog

Currently the "Continue without Saving" button is visually highlighted
in the "Unsaved packets..." dialog, but pressing Enter triggers "Save"
instead. Even after changing button focus with arrow or tab keys,
pressing Enter will not confirm the action (but Spacebar does).
Restore the expected behavior for Linux and Windows, but preserve the
fix for macOS since (for which this was originally added).

Bug: 14531
Change-Id: Ic20fc5809b55949f6fd960bcb32618a4fa7fd1e9
Fixes: v2.3.0rc0-2672-gb0335359e5 ("Qt: Give discard button focus (but not
as default)")
Reviewed-on: https://code.wireshark.org/review/26511
Petri-Dish: Peter Wu 
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke 
Reviewed-by: Alexis La Goutte 


==32032== Memcheck, a memory error detector
==32032== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==32032== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==32032== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-Vx -nr
/fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2018-03-18-19989.pcap
==32032== 
==32032== Conditional jump or move depends on uninitialised value(s)
==32032==at 0x6DF3937: dissect_ieee80211_common (packet-ieee80211.c:20413)
==32032==by 0x6DE2361: dissect_ieee80211 (packet-ieee80211.c:21931)
==32032==by 0x7DBF937: call_dissector_through_handle (packet.c:694)
==32032==by 0x7DBB7B9: call_dissector_work (packet.c:779)
==32032==by 0x7DBB5C7: dissector_try_uint_new (packet.c:1361)
==32032==by 0x6C9B883: dissect_gre (packet-gre.c:501)
==32032==by 0x7DBF937: call_dissector_through_handle (packet.c:694)
==32032==by 0x7DBB7B9: call_dissector_work (packet.c:779)
==32032==by 0x7DBB5C7: dissector_try_uint_new (packet.c:1361)
==32032==by 0x6E340D5: ip_try_dissect (packet-ip.c:1831)
==32032==by 0x6E36EC5: dissect_ip_v4 (packet-ip.c:2287)
==32032==by 0x7DBF937: call_dissector_through_handle (packet.c:694)
==32032== 
==32032== 
==32032== HEAP SUMMARY:
==32032== in use at exit: 107,538 bytes in 149 blocks
==32032==   total heap usage: 328,780 allocs, 328,631 frees, 38,409,122 bytes
allocated
==32032== 
==32032== LEAK SUMMARY:
==32032==definitely lost: 72 bytes in 3 blocks
==32032==indirectly lost: 96 bytes in 3 blocks
==32032==  possibly lost: 0 bytes in 0 blocks
==32032==still reachable: 12,775 bytes in 100 blocks
==32032== suppressed: 94,595 bytes in 43 blocks
==32032== Rerun with --leak-check=full to see details of leaked memory
==32032== 
==32032== For counts of detected and suppressed errors, rerun with: -v
==32032== Use --track-origins=yes to see where uninitialised values come from
==32032== ERROR SUMMARY: 3 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14538] WCCP logical error in CHECK_LENGTH_ADVANCE_OFFSET macros

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14538

Alexis La Goutte  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |INCOMPLETE
 CC||alexis.lagou...@gmail.com

--- Comment #4 from Alexis La Goutte  ---
Hi,

Can you push your patch directly on Gerrit ? http://code.wireshark.org/review/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14539] OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

--- Comment #1 from Guy Harris  ---
(In reply to Jaap Keuter from comment #0)
> With OID name resolution off (unchecked)
> Qt: About Wireshark|Folders shows no folders (ok)
> GTK: About Wireshark|Folders shows no folders (ok)
> Tshark: -G folders shows no folders (ok)

None of those seem OK to me - there are a lot of folders that have nothing to
do with OID name resolution, and those should be shown.

Now, if I run a recent Wireshark build from the master branch, pop up the About
dialog, and select Folders, I see the folders in question.  If I then close the
dialog and enable OID name resolution, I get an *immediate* crash with:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   org.qt-project.QtCore   0x00010d83fcb4
QSortFilterProxyModel::parent(QModelIndex const&) const + 84
1   org.qt-project.QtCore   0x00010d834455
QIdentityProxyModel::parent(QModelIndex const&) const + 53
2   org.qt-project.QtCore   0x00010d816dc3
QPersistentModelIndex::parent() const + 35
3   org.qt-project.QtCore   0x00010d82a769
qt_PersistentModelIndexLessThan(QPersistentModelIndex const&,
QPersistentModelIndex const&) + 41
4   org.qt-project.QtCore   0x00010d8319bb void
std::__1::__stable_sort_move(QPersistentModelIndex*,
QPersistentModelIndex*, bool (*&)(QPersistentModelIndex const&,
QPersistentModelIndex const&),
std::__1::iterator_traits::difference_type,
std::__1::iterator_traits::value_type*) + 59
5   org.qt-project.QtCore   0x00010d831810 void
std::__1::__stable_sort(QPersistentModelIndex*,
QPersistentModelIndex*, bool (*&)(QPersistentModelIndex const&,
QPersistentModelIndex const&),
std::__1::iterator_traits::difference_type,
std::__1::iterator_traits::value_type*, long) + 480
6   org.qt-project.QtCore   0x00010d82a4cd
QItemSelectionModelPrivate::_q_layoutChanged(QList
const&, QAbstractItemModel::LayoutChangeHint) + 1853
7   org.qt-project.QtCore   0x00010d82eb40
QItemSelectionModel::qt_static_metacall(QObject*, QMetaObject::Call, int,
void**) + 1888
8   org.qt-project.QtCore   0x00010d899b82
QMetaObject::activate(QObject*, int, int, void**) + 2994
9   org.qt-project.QtCore   0x00010d91a263
QAbstractItemModel::layoutChanged(QList const&,
QAbstractItemModel::LayoutChangeHint) + 67
10  org.qt-project.QtCore   0x00010d83590c
QIdentityProxyModelPrivate::_q_sourceLayoutChanged(QList
const&, QAbstractItemModel::LayoutChangeHint) + 1036
11  org.qt-project.QtCore   0x00010d835ede
QIdentityProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int,
void**) + 878
12  org.qt-project.QtCore   0x00010d899b82
QMetaObject::activate(QObject*, int, int, void**) + 2994
13  org.qt-project.QtCore   0x00010d91a263
QAbstractItemModel::layoutChanged(QList const&,
QAbstractItemModel::LayoutChangeHint) + 67
14  org.qt-project.QtCore   0x00010d84175b
QSortFilterProxyModel::invalidate() + 187
15  org.wireshark.Wireshark 0x0001063cac18
InterfaceSortFilterModel::resetPreferenceData() + 440 (qstring.h:1053)
16  org.qt-project.QtCore   0x00010d899b82
QMetaObject::activate(QObject*, int, int, void**) + 2994
17  org.wireshark.Wireshark 0x0001063177b8
WiresharkApplication::flushAppSignals() + 168 (qlist.h:106)
18  org.wireshark.Wireshark 0x0001062239bb
MainWindow::showPreferencesDialog(QString) + 171
19  org.wireshark.Wireshark 0x000106223a87
MainWindow::on_actionEditPreferences_triggered() + 71 (qstring.h:1053)
20  org.wireshark.Wireshark 0x000106431312
MainWindow::qt_metacall(QMetaObject::Call, int, void**) + 82
21  org.qt-project.QtCore   0x00010d899aa9
QMetaObject::activate(QObject*, int, int, void**) + 2777
22  org.qt-project.QtWidgets0x000106a8c7ef
QAction::activate(QAction::ActionEvent) + 271
23  org.qt-project.QtWidgets0x000106a8ccf5
QAction::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) + 565
24  org.qt-project.QtCore   0x00010d899b82
QMetaObject::activate(QObject*, int, int, void**) + 2994
25  org.qt-project.QtCore   0x00010d892753
QObject::event(QEvent*) + 755
26  org.qt-project.QtWidgets0x000106a956fb
QApplicationPrivate::notify_helper(QObject*, QEvent*) + 251
27  org.qt-project.QtWidgets0x000106a98ade
QApplication::notify(QObject*, QEvent*) + 8318
28  org.qt-project.QtCore   0x00010d869e8b
QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 971
29  libqcocoa.dylib 0x00010e31408e
QCocoaEventDispatcherPrivate::processPostedEvents() + 190
30  libqcocoa.dylib 0x00010e314911
QCocoaEventDispatcherPrivate::postedEventsSourceCallback(void*)

[Wireshark-bugs] [Bug 14539] New: OID name resolution, various problems

2018-03-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14539

Bug ID: 14539
   Summary: OID name resolution, various problems
   Product: Wireshark
   Version: unspecified
  Hardware: x86
OS: Debian
Status: IN_PROGRESS
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: jaap.keu...@xs4all.nl
  Target Milestone: ---

Build Information:
Wireshark 2.5.2 (v2.5.2rc0-33-gaeca321f)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.2, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.3, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.14.0, with Lua 5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with MIT
Kerberos, without MaxMind DB resolver, without nghttp2, without LZ4, without
Snappy, without libxml2, with QtMultimedia, without SBC, with SpanDSP, with
bcg729.

Running on Linux 4.14.0-3-amd64, with Intel(R) Core(TM)2 Duo CPU E6850  @
3.00GHz, with 3948 MB of physical memory, with locale en_US.UTF-8, with libpcap
version 1.8.1, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with zlib 1.2.8, binary
plugins supported (0 loaded).

Built using gcc 7.2.0.
--
The features around OID name resolution have various problems, from finding
information to crashes. These problems have been observed (in various ways) in
the various (recent) versions of Wireshark and Tshark.

With OID name resolution off (unchecked)
Qt: About Wireshark|Folders shows no folders (ok)
GTK: About Wireshark|Folders shows no folders (ok)
Tshark: -G folders shows no folders (ok)

With OID name resolution on (checked)
Qt: About Wireshark|Folders shows user folders twice (bug)
GTK: About Wireshark|Folders shows user folders twice, all user paths are
concatenated (bug)
Tshark: -G folders shows no folders (bug)

With OID name resolution off (unchecked), toggled to on (checked), without
restart
Qt: About Wireshark|Folder causes crash (bug)
GTK: About Wireshark|Folder causes crash (bug)
Tshark: N/A

Expected result would be to show the folders list (without duplicates) when OID
name resolution enabled.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

45 matches

Mail list logo