[Wireshark-bugs] [Bug 16546] Problem with ending Tshark process
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16546 --- Comment #2 from Alex --- Hello! Details did not check the old release. Most likely there is the same problem. This happens both during capture and during reading of the pcap file. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15219] UNISTIM dissector - Display Data Write - incorrect address data size for Line / Soft Label Key
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15219 David Perry changed: What|Removed |Added Assignee|bugzilla-ad...@wireshark.or |boolean...@gmail.com |g | Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1 CC||boolean...@gmail.com --- Comment #4 from David Perry --- I believe that change 37190 will fix this, but my testing data is limited to the pcap attached by submitter, and the second pcap attached to the UNISTIM protocol wiki page[1] (unistim-call.pcap). I'm not super familiar with UNISTIM, I just saw a lot of repeated code and attempted to rationalize it. There was some inconsistency between arms of the case statement, but to me they looked unintentional. I welcome review by submitter and by anyone else familiar with UNISTIM. [1][https://wiki.wireshark.org/UNISTIM] -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 15219] UNISTIM dissector - Display Data Write - incorrect address data size for Line / Soft Label Key
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15219 --- Comment #3 from Gerrit Code Review --- Change 37190 had a related patch set uploaded by David Perry: UNISTIM: Refactor display address/control/tag handling https://code.wireshark.org/review/37190 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16564] New: Buildbot crash output: fuzz-2020-05-13-12195.pcap
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16564 Bug ID: 16564 Summary: Buildbot crash output: fuzz-2020-05-13-12195.pcap Product: Wireshark Version: unspecified Hardware: x86-64 OS: Ubuntu Status: CONFIRMED Severity: Major Priority: High Component: Dissection engine (libwireshark) Assignee: bugzilla-ad...@wireshark.org Reporter: buildbot-do-not-re...@wireshark.org Target Milestone: --- Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2020-05-13-12195.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/2782-Re-Auth.pcap Build host information: Linux build6 4.15.0-99-generic #100-Ubuntu SMP Wed Apr 22 20:32:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description:Ubuntu 18.04.4 LTS Release:18.04 Codename: bionic Buildbot information: BUILDBOT_WORKERNAME=clang-code-analysis BUILDBOT_BUILDNUMBER=5211 BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/ BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark BUILDBOT_GOT_REVISION=fb28b60e3f739dc805d1b7cefa3d62f6a9b8478f Return value: 0 Dissector bug: 0 Valgrind error count: 0 Git commit commit fb28b60e3f739dc805d1b7cefa3d62f6a9b8478f Author: Alexis La Goutte Date: Mon Mar 2 20:49:17 2020 +0100 QUIC: Fix frame type (it is also a varint) Draft 13 changed it from a byte to a varint. Found during implementation of draft-huitema-quic-ts-02 which uses 0x02F5. Bug: 13881 Change-Id: I63d9469b539cf92b694bca85c00e07bd146abb5e Reviewed-on: https://code.wireshark.org/review/36259 Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu Command and args: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark -nVxr ** (process:25605): WARNING **: 17:53:54.503: Dissector bug, protocol RADIUS, in packet 156: Null pointer passed to bytes_to_str() ** (process:25605): WARNING **: 17:53:54.546: Dissector bug, protocol RADIUS, in packet 201: Null pointer passed to bytes_to_str() = ==25605==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000299810 at pc 0x7f2e694e1f53 bp 0x7ffd478b2b30 sp 0x7ffd478b2b28 READ of size 1 at 0x604000299810 thread T0 #0 0x7f2e694e1f52 in print_hex_data_buffer /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:1976:13 #1 0x7f2e694e19b1 in print_hex_data /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/print.c:1893:14 #2 0x5653c7f84307 in print_packet /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:4213:10 #3 0x5653c7f80712 in process_packet_single_pass /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3779:7 #4 0x5653c7f8284e in process_cap_file_single_pass /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3418:9 #5 0x5653c7f7c66c in process_cap_file /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:3573:26 #6 0x5653c7f77af4 in main /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../tshark.c:2045:16 #7 0x7f2e5b782b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310 #8 0x5653c7e74af9 in _start (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark+0x59af9) 0x604000299810 is located 0 bytes inside of 36-byte region [0x604000299810,0x604000299834) freed by thread T0 here: #0 0x5653c7f20142 in __interceptor_free (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark+0x105142) #1 0x7f2e67a7ce30 in vsa_buffer_destroy /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/dissectors/packet-radius.c:1373:2 #2 0x7f2e5c1cb13f (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x3a13f) previously allocated by thread T0 here: #0 0x5653c7f208df in realloc (/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.asan/bin/tshark+0x1058df) #1 0x7f2e5c1e2b6f in g_realloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51b6f) #2 0x7f2e67a79a15 in dissect_radius /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/dissectors/packet-radius.c:2275:3 #3 0x7f2e694d2b44 in call_dissector_through_handle /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/packet.c:706:9 #4 0x7f2e694c7b99 in call_dissector_work /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/build/cmbuild/../epan/packet.c:799:9
[Wireshark-bugs] [Bug 16563] SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16563 --- Comment #2 from Gerrit Code Review --- Change 37187 had a related patch set uploaded by Andy Zhao: smb2: add dissector for App_Instance_Version structure in SMB2 Create Context. https://code.wireshark.org/review/37187 -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 10702] Wiresharks assumes all IEEE 1722 packets transporting IEC 61883-6 stream data, regardless of the actual composition
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10702 David Perry changed: What|Removed |Added CC||boolean...@gmail.com --- Comment #1 from David Perry --- Looking at the attached trace in a modern Wireshark, it looks like this may have been addressed. Filtering on `eth.dst`, stream #1 now shows "CIP Format ID: IEC 61883-4: MPEG2-TS data transmission (0x20)" and has a "Video Data" member instead of the "Audio Data" member of stream #0. Stream #2 shows as having "AVBTP Subtype: Vendor Specific Format STream (0x6f)" followed by data. Build information of my test: 3.3.0 (v3.3.0rc0-1214-gda8c28dc67ac) Compiled (64-bit) with Qt 5.9.5, with libpcap, with POSIX capabilities (Linux), without libnl, with GLib 2.56.4, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.5.18 and PKCS #11 support, with Gcrypt 1.8.1, with MIT Kerberos, without MaxMind DB resolver, with nghttp2 1.30.0, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.4, with QtMultimedia, without automatic updates, with SpeexDSP (using system library). Running on Linux 5.3.0-51-generic, with Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz (with SSE4.2), with 15907 MB of physical memory, with locale LC_CTYPE=en_CA.UTF-8, LC_NUMERIC=en_CA.UTF-8, LC_TIME=en_CA.UTF-8, LC_COLLATE=C, LC_MONETARY=en_CA.UTF-8, LC_MESSAGES=en_CA.UTF-8, LC_PAPER=en_CA.UTF-8, LC_NAME=en_CA.UTF-8, LC_ADDRESS=en_CA.UTF-8, LC_TELEPHONE=en_CA.UTF-8, LC_MEASUREMENT=en_CA.UTF-8, LC_IDENTIFICATION=en_CA.UTF-8, with light display mode, without HiDPI, with libpcap version 1.8.1, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with brotli 1.0.4, with zlib 1.2.11, binary plugins supported (18 loaded). Built using gcc 7.5.0. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16563] SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16563 Andy Zhao changed: What|Removed |Added Status|CONFIRMED |IN_PROGRESS -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16563] SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16563 Andy Zhao changed: What|Removed |Added Status|UNCONFIRMED |CONFIRMED Ever confirmed|0 |1 Assignee|bugzilla-ad...@wireshark.or |jinh...@gmail.com |g | --- Comment #1 from Andy Zhao --- I'll work on a PR to fix it. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16563] New: SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16563 Bug ID: 16563 Summary: SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed Product: Wireshark Version: 3.2.3 Hardware: x86-64 OS: Windows 10 Status: UNCONFIRMED Severity: Minor Priority: Low Component: Dissection engine (libwireshark) Assignee: bugzilla-ad...@wireshark.org Reporter: jinh...@gmail.com Target Milestone: --- Created attachment 17756 --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17756=edit SMB2_CREATE_APP_INSTANCE_VERSION is not parsed in Create request. Build Information: 3.2.3 (v3.2.3-0-gf39b50865a13) Compiled (64-bit) with Qt 5.12.6, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler), with SBC, with SpanDSP, with bcg729. Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz (with SSE4.2), with 16205 MB of physical memory, with locale English_United States.936, with light display mode, with mixed DPI, with Npcap version 0.9989, based on libpcap version 1.9.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.2, without AirPcap, binary plugins supported (19 loaded). Built using Microsoft Visual Studio 2019 (VC++ 14.24, build 28316). -- SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request context is not parsed in Wireshark. The structure is in MS-SMB2 document: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/dff54760-c485-41e0-978d-e4b2ccad2707. In Wireshark, it is shows as 'invalid'. Chain Element: "b7d082b9-563b-4f07-a07b-524a8116a010" Chain Offset: 0x Tag: b7d082b9-563b-4f07-a07b-524a8116a010 Blob Offset: 0x0020 Blob Length: 24 Data See first frame in the network trace file. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
