[Wireshark-bugs] [Bug 14995] New Feature: Export Objects should support FTP

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14995

--- Comment #1 from Moshe Kaplan  ---
Some other protocols that should be added to export objects:
* IRC-DCC
* SSL (for certs)
* POP3
* IMAP
* HTTP2

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14998] New: New Feature: Support integration commands

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14998

Bug ID: 14998
   Summary: New Feature: Support integration commands
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: m...@moshekaplan.com
  Target Milestone: ---

Build Information:
Wireshark 2.9.0 (2cfa3013)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with MIT
Kerberos,
without MaxMind DB resolver, with nghttp2 1.25.0, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.13.0-37-generic, withIntel(R) Core(TM) i5-2500K CPU
@
3.30GHz (with SSE4.2), with 3001 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with zlib
1.2.11, binary plugins supported (0 loaded).

Built using gcc 7.2.0.
--
Wireshark should support integration commands, that when a field is
right-clicked, it can do things like "run a program" or "open a URL" with the
selected field substituted in as a parameter.

Ideally, the list of integration commands would be generated dynamically,
allowing a user to create/distribute their own commands, independent of
Wireshark's source code.

Note that this would be similar to ArcSight's integration commands feature.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14995] New Feature: Export Objects should support FTP

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14995

Moshe Kaplan  changed:

   What|Removed |Added

Summary|Export Objects should   |New Feature: Export Objects
   |support FTP |should support FTP
   Severity|Major   |Enhancement

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14997] New: Buildbot crash output: fuzz-2018-07-19-24218.pcap

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14997

Bug ID: 14997
   Summary: Buildbot crash output: fuzz-2018-07-19-24218.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2018-07-19-24218.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/16494-clusterfuzz-testcase-minimized-fuzzshark_ip-5721574211584000.pcap

Build host information:
Linux wsbb04 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.4 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4832
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=381ea0973f09669eb70506ec9fa9cc14bf69db0d

Return value:  0

Dissector bug:  0

Valgrind error count:  0



Git commit
commit 381ea0973f09669eb70506ec9fa9cc14bf69db0d
Author: Moshe Kaplan 
Date:   Wed Jul 18 22:17:45 2018 -0400

WSUG: Update the Statistics chapter to match current Qt UI

Hide the Compare option, reorder the chapters to match the current Qt
order and move the Wireless menu to a new chapter.

Change-Id: I7f0eeb45f4894f66a9c91d62d7d43db775f469e5
Reviewed-on: https://code.wireshark.org/review/28761
Reviewed-by: Gerald Combs 


Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark
 -nVxr
**
ERROR:../epan/packet.c:3089:call_dissector_only: assertion failed: (handle !=
NULL)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14996] New: New Feature: Support listing/exporting plaintext credentials

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14996

Bug ID: 14996
   Summary: New Feature: Support listing/exporting plaintext
credentials
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: m...@moshekaplan.com
  Target Milestone: ---

Build Information:
Wireshark 2.9.0 (2cfa3013)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with MIT
Kerberos,
without MaxMind DB resolver, with nghttp2 1.25.0, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.13.0-37-generic, withIntel(R) Core(TM) i5-2500K CPU
@
3.30GHz (with SSE4.2), with 3001 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with zlib
1.2.11, binary plugins supported (0 loaded).

Built using gcc 7.2.0.
--
Wireshark should support displaying and exporting credentials transferred over
insecure protocols, including:

* ftp
* http (HTTP auth)
* pop3
* imap
* smtp

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14995] Export Objects should support FTP

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14995

Moshe Kaplan  changed:

   What|Removed |Added

Version|unspecified |Git

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14995] New: Export Objects should support FTP

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14995

Bug ID: 14995
   Summary: Export Objects should support FTP
   Product: Wireshark
   Version: unspecified
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: m...@moshekaplan.com
  Target Milestone: ---

Build Information:
Wireshark 2.9.0 (2cfa3013)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.54.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with MIT
Kerberos,
without MaxMind DB resolver, with nghttp2 1.25.0, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.13.0-37-generic, withIntel(R) Core(TM) i5-2500K CPU
@
3.30GHz (with SSE4.2), with 3001 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.8, with zlib
1.2.11, binary plugins supported (0 loaded).

Built using gcc 7.2.0.
--
"Export Objects" does not support exporting files transferred over FTP. This
would be a useful feature to have.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14987] Incorrect presentation of dissected data item (NETMASK) in ISAKMP dissector

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14987

--- Comment #6 from Gerrit Code Review  ---
Change 28771 had a related patch set uploaded by Alexis La Goutte:
ISAKMP: Incorrect presentation of NETMASK for INTERNAL_IP4_SUBNET Config
Attribute

https://code.wireshark.org/review/28771

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14987] Incorrect presentation of dissected data item (NETMASK) in ISAKMP dissector

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14987

--- Comment #5 from Gerrit Code Review  ---
Change 28770 had a related patch set uploaded by Alexis La Goutte:
ISAKMP: Incorrect presentation of NETMASK for INTERNAL_IP4_SUBNET Config
Attribute

https://code.wireshark.org/review/28770

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14987] Incorrect presentation of dissected data item (NETMASK) in ISAKMP dissector

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14987

--- Comment #4 from Gerrit Code Review  ---
Change 28747 merged by Anders Broman:
ISAKMP: Incorrect presentation of NETMASK for INTERNAL_IP4_SUBNET Config
Attribute

https://code.wireshark.org/review/28747

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14408] [oss-fuzz] dmp long dissector loop (dissect_dmp_security_category)

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408

Carlo B.  changed:

   What|Removed |Added

 CC||castro8583benn...@gmx.com

--- Comment #13 from Carlo B.  ---
(In reply to Gerrit Code Review from comment #12)
> Change 26042 merged by Stig Bjørlykke:
> dmp: Allow multiple SecurityCategories again
> 
> https://code.wireshark.org/review/26042

Does this changes keep occurring? But it is already marked as Fixed. How is
that? Thanks

Carlo B.
https://alternatives.co/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14990] PTP: Incorrectly interprets UDP packets as 802.1as

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14990

--- Comment #2 from Gerrit Code Review  ---
Change 28762 merged by Alexis La Goutte:
PTP: Don't interpret UDP packets as 802.1as

https://code.wireshark.org/review/28762

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14994] New: Buildbot crash output: fuzz-2018-07-19-10297.pcap

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994

Bug ID: 14994
   Summary: Buildbot crash output: fuzz-2018-07-19-10297.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2018-07-19-10297.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/16494-clusterfuzz-testcase-minimized-fuzzshark_ip-5721574211584000.pcap

Build host information:
Linux wsbb04 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.4 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4830
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=065a76257935e0699b6cf4aa2352d2f7de914a87

Return value:  0

Dissector bug:  0

Valgrind error count:  0



Git commit
commit 065a76257935e0699b6cf4aa2352d2f7de914a87
Author: Guy Harris 
Date:   Thu Jul 19 02:27:02 2018 -0700

Extcap programs must write to the packet pipe in binary mode.

It doesn't matter on UN*X, but it definitely matters on Windows; we're
writing a pcap file, not a text file, so every byte we write should go
down the pipe as is.

Bug: 14989
Change-Id: I26c067b8ff5dba644a579846dd97b568a81c7053
Reviewed-on: https://code.wireshark.org/review/28764
Reviewed-by: Guy Harris 


Command and args:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark
 -nVxr
**
ERROR:../epan/packet.c:3089:call_dissector_only: assertion failed: (handle !=
NULL)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14992] Unreadable ADF attributes

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14992

jewgenij.bytsch...@t-systems.com changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|UNCONFIRMED |RESOLVED

--- Comment #2 from jewgenij.bytsch...@t-systems.com ---
The issue is solved. I had to uncomment "X-Ascend-Data-Filter" in
dictionary.ascend. After I did this, ADF (attr 242) are readable again in
Wireshark. It was successfully tested with Wireshark 2.6.2.

So the issue is really fixed. The ticket can be closed. Thanks!

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13523] "Export Objects - IMF" produces incorrect file, TCP reassembly fails with retransmissions that have additional data

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13523

--- Comment #4 from Peter Wu  ---
Had another careful look, the retransmission behavior is this "weird" due to
SACK. At first the client sends large TCP segments (5760 bytes). The server
recognizes that some segments are lost and informs the client with a SACK. The
client then starts retransmitting the lost segments, but it does not literally
line up with previous sequence numbers.

Here is the interpretation from a tool I wrote, the first column is the packet
number. For Retransmissions, something like "21:(46004,47444:1440)" means that
an overlap was found with original packet number 21 at seq 46004, nextseq
47444, len 1440.

  1 seq=0 nextseq=6 len=6OK
  3 seq=6 nextseq=355   len=349  OK
  4 seq=355   nextseq=4450  len=4095 OK
  5 seq=4450  nextseq=7348  len=2898 OK
  6 seq=7348  nextseq=11444 len=4096 OK
  7 seq=11444 nextseq=14324 len=2880 OK
  9 seq=14324 nextseq=17204 len=2880 OK
 11 seq=17204 nextseq=22964 len=5760 OK
 13 seq=22964 nextseq=28724 len=5760 OK
 15 seq=28724 nextseq=34484 len=5760 OK
 17 seq=34484 nextseq=40244 len=5760 OK
 19 seq=40244 nextseq=46004 len=5760 OK
 21 seq=46004 nextseq=51764 len=5760 OK
 23 seq=51764 nextseq=57524 len=5760 OK
 25 seq=57524 nextseq=63284 len=5760 OK
 27 seq=63284 nextseq=69044 len=5760 OK
 29 seq=69044 nextseq=74804 len=5760 OK
 31 seq=74804 nextseq=80564 len=5760 OK
 33 seq=80564 nextseq=86324 len=5760 OK
 35 seq=86324 nextseq=92084 len=5760 OK
 37 seq=92084 nextseq=97844 len=5760 OK
 39 seq=97844 nextseq=103604 len=5760 OK
 41 seq=103604 nextseq=105044 len=1440 OK
 42 seq=105044 nextseq=106484 len=1440 OK
 44 seq=106484 nextseq=107924 len=1440 OK
 46 seq=46004 nextseq=47444 len=1440 Retransmission | 21:(46004,47444:1440)
 56 seq=47444 nextseq=48884 len=1440 Retransmission | 21:(47444,48884:1440)
 57 seq=53204 nextseq=54644 len=1440 Retransmission | 23:(53204,54644:1440)
 58 seq=58964 nextseq=58992 len=28   Retransmission | 25:(58964,58992:28)
 60 seq=58992 nextseq=60404 len=1412 Retransmission | 25:(58992,60404:1412)
 61 seq=64724 nextseq=64752 len=28   Retransmission | 27:(64724,64752:28)
 63 seq=64752 nextseq=66192 len=1440 Retransmission | 27:(64752,66192:1440)
 64 seq=66192 nextseq=67632 len=1440 Retransmission | 27:(66192,67632:1440)
 65 seq=67632 nextseq=69072 len=1440 Retransmission | 27:(67632,69044:1412),
29:(69044,69072:28)
 67 seq=69072 nextseq=70512 len=1440 Retransmission | 29:(69072,70512:1440)
 69 seq=70512 nextseq=71952 len=1440 Retransmission | 29:(70512,71952:1440)
 70 seq=71952 nextseq=73364 len=1412 Retransmission | 29:(71952,73364:1412)
 71 seq=76244 nextseq=76272 len=28   Retransmission | 31:(76244,76272:28)
 73 seq=76272 nextseq=77712 len=1440 Retransmission | 31:(76272,77712:1440)
 75 seq=77712 nextseq=79124 len=1412 Retransmission | 31:(77712,79124:1412)
 76 seq=82004 nextseq=82032 len=28   Retransmission | 33:(82004,82032:28)
 78 seq=82032 nextseq=83444 len=1412 Retransmission | 33:(82032,83444:1412)
 80 seq=107924 nextseq=109364 len=1440 OK
108 seq=107924 nextseq=109364 len=1440 Retransmission | 80:(107924,109364:1440)
110 seq=47444 nextseq=48884 len=1440 Retransmission | 21:(47444,48884:1440)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14921] SetSecurityDescriptorDacl

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14921

Jaap Keuter  changed:

   What|Removed |Added

  Component|Extras  |Common utilities
   ||(libwsutil)

--- Comment #2 from Jaap Keuter  ---
(In reply to Dhiraj from comment #1)
> Any update on this ?

Seem not to be the case. If you have a patch, please feel free to push to
Gerrit (https://wiki.wireshark.org/Development/SubmittingPatches)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14992] Unreadable ADF attributes

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14992

--- Comment #1 from Jaap Keuter  ---
(In reply to Jewgenij.Bytschkow from comment #0)

> It's unclear why the issue once successfully fixed appears again in the new
> Wireshark releases. Please see my related old tickets regarding ADF attrs
> and please fix the bug.

Do you happen to have the numbers of these tickets?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14991] make rpm-package failure

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14991

Mehul  changed:

   What|Removed |Added

   Priority|Low |High

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14993] [oss-fuzz] UBSAN: member access within null pointer of type 'zbee_nwk_green_power_packet' in packet-zbee-nwk-gp.c:1139:48

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14993

--- Comment #1 from Peter Wu  ---
Created attachment 16506
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16506=edit
Packet capture file

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14993] New: [oss-fuzz] UBSAN: member access within null pointer of type 'zbee_nwk_green_power_packet' in packet-zbee-nwk-gp.c:1139:48

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14993

Bug ID: 14993
   Summary: [oss-fuzz] UBSAN: member access within null pointer of
type 'zbee_nwk_green_power_packet' in
packet-zbee-nwk-gp.c:1139:48
   Product: Wireshark
   Version: Git
  Hardware: x86-64
   URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=
9478
OS: Linux
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.9.0 (v2.9.0rc0-1240-g268883d1)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.56.0, with zlib 1.2.11, without SMI, with c-ares 1.14.0, with Lua
5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind
DB
resolver, with nghttp2 1.32.0, with LZ4, with Snappy, with libxml2 2.9.8.

Running on Linux 4.17.2-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
(with SSE4.2), with 31988 MB of physical memory, with locale C, with libpcap
version 1.8.1, with GnuTLS 3.5.18, with Gcrypt 1.8.3, with zlib 1.2.11, binary
plugins supported (13 loaded).

Built using clang 4.2.1 Compatible Clang 6.0.0 (tags/RELEASE_600/final).
--
A problem was found by the oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9478

Attached is the sample that triggers this error which can be reproduced with an
ASAN+UBSAN build of Wireshark:
tshark -Vxr
clusterfuzz-testcase-minimized-fuzzshark_ip_proto-udp-5116583054671872.pcap
--
epan/dissectors/packet-zbee-nwk-gp.c:1139:48: runtime error: member access
within null pointer of type 'zbee_nwk_green_power_packet'
#0 0x7f6b24f5272e in dissect_zbee_nwk_gp_cmd_commissioning_reply
epan/dissectors/packet-zbee-nwk-gp.c:1139:48
#1 0x7f6b24f4c7f8 in dissect_zbee_nwk_gp_cmd
epan/dissectors/packet-zbee-nwk-gp.c:1681:22
#2 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#3 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#4 0x7f6b2631f8c7 in call_dissector_only epan/packet.c:3090:8
#5 0x7f6b24fad2ba in dissect_zbee_zcl_gp_payload
epan/dissectors/packet-zbee-zcl-general.c:13648:9
#6 0x7f6b24f90815 in dissect_zbee_zcl_gp
epan/dissectors/packet-zbee-zcl-general.c:14871:26
#7 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#8 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#9 0x7f6b2631f8c7 in call_dissector_only epan/packet.c:3090:8
#10 0x7f6b26308981 in call_dissector_with_data epan/packet.c:3103:8
#11 0x7f6b24f6d5cf in dissect_zbee_zcl
epan/dissectors/packet-zbee-zcl.c:878:13
#12 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#13 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#14 0x7f6b2631f8c7 in call_dissector_only epan/packet.c:3090:8
#15 0x7f6b26308981 in call_dissector_with_data epan/packet.c:3103:8
#16 0x7f6b24f38a44 in dissect_zbee_apf
epan/dissectors/packet-zbee-aps.c:1691:9
#17 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#18 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#19 0x7f6b2631f8c7 in call_dissector_only epan/packet.c:3090:8
#20 0x7f6b26308981 in call_dissector_with_data epan/packet.c:3103:8
#21 0x7f6b24f38563 in dissect_zbee_aps
epan/dissectors/packet-zbee-aps.c:1070:13
#22 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#23 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#24 0x7f6b2631f8c7 in call_dissector_only epan/packet.c:3090:8
#25 0x7f6b26308981 in call_dissector_with_data epan/packet.c:3103:8
#26 0x7f6b24f423e4 in dissect_zbee_nwk_full
epan/dissectors/packet-zbee-nwk.c:738:9
#27 0x7f6b24f3a943 in dissect_zbee_nwk
epan/dissectors/packet-zbee-nwk.c:768:9
#28 0x7f6b24f3c6a3 in dissect_zbee_nwk_heur
epan/dissectors/packet-zbee-nwk.c:413:5
#29 0x7f6b2631d1db in dissector_try_heuristic epan/packet.c:2699:9
#30 0x7f6b234f5e70 in ieee802154_dissect_frame_payload
epan/dissectors/packet-ieee802154.c:2079:21
#31 0x7f6b2350a8c3 in dissect_ieee802154_common
epan/dissectors/packet-ieee802154.c:1422:13
#32 0x7f6b23502f8c in dissect_ieee802154_nofcs
epan/dissectors/packet-ieee802154.c:1239:5
#33 0x7f6b263268db in call_dissector_through_handle epan/packet.c:692:9
#34 0x7f6b26310eb7 in call_dissector_work epan/packet.c:777:9
#35 0x7f6b2631f8c7 in call_dissector_only

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

Guy Harris  changed:

   What|Removed |Added

  Component|Common utilities|Extras
   |(libwsutil) |
 Resolution|--- |FIXED
 OS|Windows 7   |Windows
   Hardware|x86 |All
 Status|UNCONFIRMED |RESOLVED

--- Comment #9 from Guy Harris  ---
*Several* extcap programs were opening with "w" rather than "wb" (ciscodump,
dpauxmon, udpdump).  All should be fixed in the next 2.6.x, 2.4.x, and 2.2.x
releases.

This is not an issue on UN*X, but it *is* an issue on Windows.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #8 from Gerrit Code Review  ---
Change 28767 merged by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28767

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #7 from Gerrit Code Review  ---
Change 28767 had a related patch set uploaded by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28767

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #5 from Gerrit Code Review  ---
Change 28766 had a related patch set uploaded by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28766

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #6 from Gerrit Code Review  ---
Change 28766 merged by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28766

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #4 from Gerrit Code Review  ---
Change 28765 merged by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28765

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #3 from Gerrit Code Review  ---
Change 28765 had a related patch set uploaded by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28765

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14992] New: Unreadable ADF attributes

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14992

Bug ID: 14992
   Summary: Unreadable ADF attributes
   Product: Wireshark
   Version: 2.6.2
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: jewgenij.bytsch...@t-systems.com
  Target Milestone: ---

Build Information:
The version 2.6.2 is already uninstalled because it does NOT work as expected.
--
IPv4/IPv6 Ascend Data Filter (ADF attributes in RADIUS Access-Accept) are not
shown in readable form with Wireshark 2.6.2. It is an old bug already fixed
several times for earlier Wireshark releases. However the bug is still active
also in the new Wireshark 2.6.2. The last Wireshark version ADF are shown
normally (readable) with was 2.4.6.

Examples of readable ADF attributes as they are shown in Wireshark 2.4.6
(SHOULD behavior):

AVP: l=26 t=Extended-Attribute-2(242): ipv4 in drop dstip 10.29.4.111/32

AVP: l=26 t=Extended-Attribute-2(242): ipv4 in forward srcip 10.29.4.197/32

AVP: l=50 t=Extended-Attribute-2(242): ipv6 in forward srcip
2010:14:f1:1800::/64

AVP: l=50 t=Extended-Attribute-2(242): ipv6 in drop

It's unclear why the issue once successfully fixed appears again in the new
Wireshark releases. Please see my related old tickets regarding ADF attrs and
please fix the bug.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #2 from Gerrit Code Review  ---
Change 28764 merged by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28764

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

--- Comment #1 from Gerrit Code Review  ---
Change 28764 had a related patch set uploaded by Guy Harris:
Extcap programs must write to the packet pipe in binary mode.

https://code.wireshark.org/review/28764

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14989] udpdump frame too long error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com,
   ||lom...@gmail.com,
   ||rkn...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14988] Decode NFAPI: CONFIG.request Error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14988

--- Comment #2 from Simon  ---
Hello Alexis,
Yes , you must decode SCTP-port:50001 as "NFAPI" to show the NFAPI-fields

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14988] Decode NFAPI: CONFIG.request Error

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14988

Alexis La Goutte  changed:

   What|Removed |Added

 Status|UNCONFIRMED |INCOMPLETE
 CC||alexis.lagou...@gmail.com
 Ever confirmed|0   |1

--- Comment #1 from Alexis La Goutte  ---
Hi Simon,

Need to make a specific configuration on Decode AS for display FAPI payload?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14991] New: make rpm-package failure

2018-07-19 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14991

Bug ID: 14991
   Summary: make rpm-package failure
   Product: Wireshark
   Version: 2.6.2
  Hardware: x86-64
OS: Red Hat
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Build process
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: mehul.prajap...@mobileinternet.com
  Target Milestone: ---

Build Information:
Steps to reproduce,

# ./autogen.sh
# ./configure
# make rpm-package
--
Hi,

I am getting following error message when generating rpm packages,


RPM build errors:
Directory not found:
/root/Public/wshark/wireshark-2.6.2/packaging/rpm/BUILDROOT/wireshark-2.6.2-1.x86_64/usr/local/share/doc/wireshark/guides
File not found by glob:
/root/Public/wshark/wireshark-2.6.2/packaging/rpm/BUILDROOT/wireshark-2.6.2-1.x86_64/usr/local/lib64/wireshark/plugins/2.6/*.la


Thanks,
Mehul

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe