date:20170519

[Wireshark-bugs] [Bug 13730] New: ESP Null Encrypted packets not dissected unless "Attempt to detect/decode encrypted ESP payloads" box set

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13730

Bug ID: 13730
   Summary: ESP Null Encrypted packets not dissected unless
"Attempt to detect/decode encrypted ESP payloads" box
set
   Product: Wireshark
   Version: 2.2.0
  Hardware: x86
OS: Linux (other)
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: emw...@gmail.com
  Target Milestone: ---

Created attachment 15566
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15566=edit
Screen shot showing NULL encrypted ESP payload checkbox issue

Build Information:
Version 2.2.0 (Git Rev Unknown from unknown)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.48.1, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.11.0, with Lua 5.2.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with MIT
Kerberos, with GeoIP, with QtMultimedia, without AirPcap.

Running on Linux 4.6.0-kali1-amd64, with locale en_US.UTF-8, with libpcap
version 1.7.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with zlib 1.2.8.
Intel(R) Core(TM)2 Extreme CPU X9100  @ 3.06GHz

Built using gcc 6.1.1 20160815.

Wireshark is Open Source Software released under the GNU General Public
License.
--
Tried to view "NULL encrypted ESP" packets with HMAC-SHA256-128 authentication.
I created entries for two SAs, entered the current session SPI values, set  the
ESP Protocol Preferences "ESP SAs" Menu for "NULL Encryption", and set
Authentication  option to "HMAC-SHA256-128", and set the "Attempt to
detect/decode NULL encrypted ESP payloads" checkbox.  The dissector does not
decode the encapsulated contents after the ESP header.   Strangely,  if I check
the "Attempt to detect/decode encrypted ESP payloads" then the NULL encrypted
ESP payload is decoded properly and I can see the ICMP packet as expected.   

Please see attached screenshot showing the checkbox configuration mentioned
above sucessfully decoding "NULL encrypted" ESP packets when the "Attempt to
detect/decode NULL encrypted ESP payloads" box is cleared and the "Attempt to
detect/decode encrypted ESP payloads" box is set. 

Otherwise you have a great product !

Evan Wheeler

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13722] Heuristic check of tcpencap dissector is too weak

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13722

Michael Mann  changed:

   What|Removed |Added

 CC||mman...@netscape.net

--- Comment #1 from Michael Mann  ---
Comparatively, it doesn't seem like that weak a heuristic.  You can also simply
disable the tcpencap heuristic dissector through Analyze -> Enable protocols
dialog.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #7 from Gerrit Code Review  ---
Change 21713 merged by Michael Mann:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21713

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #6 from Gerrit Code Review  ---
Change 21714 merged by Michael Mann:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21714

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #8 from Gerrit Code Review  ---
Change 21717 had a related patch set uploaded by Stig Bjørlykke:
Qt: Add check for packet bytes

https://code.wireshark.org/review/21717

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #9 from Gerrit Code Review  ---
Change 21717 merged by Stig Bjørlykke:
Qt: Add check for packet bytes

https://code.wireshark.org/review/21717

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #4 from Gerrit Code Review  ---
Change 21709 merged by Stig Bjørlykke:
Qt: Check for no tvb in Show Packet Bytes

https://code.wireshark.org/review/21709

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #5 from Gerrit Code Review  ---
Change 21716 had a related patch set uploaded by Stig Bjørlykke:
Qt: Check for no tvb in Show Packet Bytes

https://code.wireshark.org/review/21716

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #7 from Gerrit Code Review  ---
Change 21710 merged by Stig Bjørlykke:
Qt: Add check for packet bytes

https://code.wireshark.org/review/21710

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #6 from Gerrit Code Review  ---
Change 21716 merged by Stig Bjørlykke:
Qt: Check for no tvb in Show Packet Bytes

https://code.wireshark.org/review/21716

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13698] SIP packets with SDP marked as malformed

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13698

--- Comment #9 from Gerrit Code Review  ---
Change 21715 had a related patch set uploaded by Jaap Keuter:
SDP: Handle incomplete media attributes

https://code.wireshark.org/review/21715

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #5 from Gerrit Code Review  ---
Change 21714 had a related patch set uploaded by Michael Mann:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21714

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

Michael Mann  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|CONFIRMED   |RESOLVED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #3 from Gerrit Code Review  ---
Change 21712 merged by Michael Mann:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21712

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #4 from Gerrit Code Review  ---
Change 21713 had a related patch set uploaded by Michael Mann:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21713

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13727

--- Comment #2 from Gerrit Code Review  ---
Change 21697 merged by Peter Wu:
IS-IS: Add support for CRYPTO_AUTH authentication type

https://code.wireshark.org/review/21697

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725

--- Comment #2 from Gerrit Code Review  ---
Change 21712 had a related patch set uploaded by Björn Ruytenberg:
msnip: Verify pinfo->dst is a valid IPv4 address

https://code.wireshark.org/review/21712

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13729] The protocol automatic matching doesn't work when we press lte-rrc. in display filter combo box on Fedora 25

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13729

Pascal Quantin  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |INCOMPLETE
 CC||pascal.quan...@gmail.com

--- Comment #1 from Pascal Quantin  ---
I cannot reproduce using the follwoing build on my Fedora 25:

Version 2.3.0 (v2.3.0rc0-3571-gb1225fe)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.7.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.50.3, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.12.0, without Lua, with GnuTLS 3.5.12, with Gcrypt 1.6.6, with MIT Kerberos,
with GeoIP, with nghttp2 1.13.0, with LZ4, with Snappy, with libxml2 2.9.4,
with
QtMultimedia, without AirPcap, with SBC, with SpanDSP.

Running on Linux 4.10.15-200.fc25.x86_64, with Intel(R) Core(TM) i7-7500U CPU @
2.70GHz (with SSE4.2), with 7863 MB of physical memory, with locale
en_US.UTF-8,
with libpcap version 1.7.4, with GnuTLS 3.5.12, with Gcrypt 1.6.6, with zlib
1.2.8.

Built using gcc 6.3.1 20161221 (Red Hat 6.3.1-1).

I see that you used Qt 5.8, while the Fedora qt5-devel package is still 5.7.1.

It could be related to some different Qt behavior. Does it happen when you use
Qt 5.7.1 as provided by Fedora RPM?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13729] New: The protocol automatic matching doesn't work when we press lte-rrc. in display filter combo box on Fedora 25

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13729

Bug ID: 13729
   Summary: The protocol automatic matching doesn't work when we
press lte-rrc. in display filter combo box on Fedora
25
   Product: Wireshark
   Version: 2.3.x (Experimental)
  Hardware: x86
OS: Fedora
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: xiaoc...@foxmail.com
  Target Milestone: ---

Build Information:
Version 2.3.0-3570-g3fbb583 (v2.3.0rc0-3570-g3fbb583)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.8.0, with libpcap, without POSIX capabilities,
without libnl, with GLib 2.50.3, with zlib 1.2.8, without SMI, without c-ares,
without Lua, without GnuTLS, with Gcrypt 1.6.6, with MIT Kerberos, without
GeoIP, without nghttp2, without LZ4, without Snappy, without libxml2, with
QtMultimedia, without AirPcap, without SBC, without SpanDSP.

Running on Linux 4.10.15-200.fc25.x86_64, with Intel(R) Core(TM)2 Duo CPU
P9300  @ 2.26GHz, with 1928 MB of physical memory, with locale en_US.UTF-8,
with
libpcap version 1.7.4, with Gcrypt 1.6.6, with zlib 1.2.8.

Built using gcc 6.3.1 20161221 (Red Hat 6.3.1-1).

Wireshark is Open Source Software released under the GNU General Public
License.
--
  The protocol automatic matching doesn't work when we press lte-rrc. in
display filter combo box on Fedora 25. It works fine on WIN7.
  Furthermore, I found a strange thing.
1) We input lte-rrc.rrc in display filter box, no drop list pops up
2) We delete one character using backspace key, then the drop list pops up.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13728] [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13728

--- Comment #2 from Peter Wu  ---
In my ASAN setup, it required "ulimit -s 1000" to trigger (the above stack
trace was obtained from "ulimit -s 100"). (That reduces the stack size from 8M
to 1M).

Without stack limitation, I get this report in stderr:
Dissector bug, protocol AMQP, in packet 1: Maximum tree depth 500 exceeded for
"list-item" - "amqp.list" (proto_tree_add_node:4770)

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13728] [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13728

--- Comment #1 from Peter Wu  ---
Created attachment 15565
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15565=edit
Packet capture file

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13728] New: [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13728

Bug ID: 13728
   Summary: [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30
in expert_set_item_flags
   Product: Wireshark
   Version: Git
  Hardware: x86-64
   URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=
1697
OS: Linux (other)
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.3.0 (v2.3.0rc0-3582-ge79488911f)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.52.2, with zlib 1.2.11, without SMI, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.12, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP,
with nghttp2 1.22.0, with LZ4, with Snappy, with libxml2 2.9.4.

Running on Linux 4.10.13-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
(with SSE4.2), with 31996 MB of physical memory, with locale C, with libpcap
version 1.8.1, with GnuTLS 3.5.12, with Gcrypt 1.7.6, with zlib 1.2.11.

Built using clang 4.2.1 Compatible Clang 4.0.0 (tags/RELEASE_400/final).
--
A problem was found by the oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1697

Attached is the sample that triggers this error which can be reproduced with an
ASAN+UBSAN build of Wireshark ("tshark -Vr test.pcap").
--
ASAN:DEADLYSIGNAL
=
==31418==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe2958 (pc
0x7f84d7aec054 bp 0x7ffe296001c0 sp 0x7ffe2960 T0)
#0 0x7f84d7aec053 in expert_set_item_flags epan/expert.c:485:30
#1 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#2 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#3 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#4 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#5 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#6 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#7 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#8 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#9 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#10 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#11 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#12 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#13 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#14 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#15 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#16 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#17 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#18 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#19 0x7f84d7aec06b in expert_set_item_flags epan/expert.c:486:3
#20 0x7f84d7ae602f in expert_set_info_vformat epan/expert.c:537:3
#21 0x7f84d7ae58e8 in expert_add_info_format epan/expert.c:631:2
#22 0x7f84d404b0ab in dissect_amqp_1_0_list
epan/dissectors/packet-amqp.c:5948:9
#23 0x7f84d404f30d in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9975:32
#24 0x7f84d40513b5 in dissect_amqp_1_0_array
epan/dissectors/packet-amqp.c:6212:9
#25 0x7f84d404f4f4 in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9990:32
#26 0x7f84d40513b5 in dissect_amqp_1_0_array
epan/dissectors/packet-amqp.c:6212:9
#27 0x7f84d404f4f4 in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9990:32
#28 0x7f84d40513b5 in dissect_amqp_1_0_array
epan/dissectors/packet-amqp.c:6212:9
#29 0x7f84d404f4f4 in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9990:32
#30 0x7f84d40513b5 in dissect_amqp_1_0_array
epan/dissectors/packet-amqp.c:6212:9
#31 0x7f84d404f4f4 in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9990:32
#32 0x7f84d40513b5 in dissect_amqp_1_0_array
epan/dissectors/packet-amqp.c:6212:9
#33 0x7f84d404f4f4 in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9990:32
#34 0x7f84d404ba4c in get_amqp_1_0_type_value_formatter
epan/dissectors/packet-amqp.c:10128:5
#35 0x7f84d404b2d0 in dissect_amqp_1_0_list
epan/dissectors/packet-amqp.c:5962:9
#36 0x7f84d404f30d in get_amqp_1_0_value_formatter
epan/dissectors/packet-amqp.c:9975:32
#37 0x7f84d40513b5 in

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13726

--- Comment #3 from Jaap Keuter  ---
If you attach the capture to this bug (the intent of this original request)
this will remain available, be harvested for automatic testing, etc. So could
you attach the file here please?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #3 from Gerrit Code Review  ---
Change 21710 had a related patch set uploaded by Stig Bjørlykke:
Qt: Add check for packet bytes

https://code.wireshark.org/review/21710

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13723

--- Comment #2 from Gerrit Code Review  ---
Change 21709 had a related patch set uploaded by Stig Bjørlykke:
Qt: Check for no tvb in Show Packet Bytes

https://code.wireshark.org/review/21709

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13726

--- Comment #2 from ho...@whitedoor.plus.com ---
Link to pcap file

https://drive.google.com/file/d/0B40qGFlciYvWRnlCcnRrSFY3blk/view?usp=sharing

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13726

Jaap Keuter  changed:

   What|Removed |Added

 Ever confirmed|0   |1
Version|unspecified |Git
 Status|UNCONFIRMED |INCOMPLETE

--- Comment #1 from Jaap Keuter  ---
Where's the capture?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13698] SIP packets with SDP marked as malformed

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13698

--- Comment #8 from Gerrit Code Review  ---
Change 21699 merged by Anders Broman:
SDP: Handle incomplete media attributes

https://code.wireshark.org/review/21699

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13727

Graham Bloice  changed:

   What|Removed |Added

 Status|UNCONFIRMED |IN_PROGRESS
 Ever confirmed|0   |1
   Severity|Major   |Enhancement
 CC||graham.blo...@trihedral.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13727

--- Comment #1 from Dhiru Kholia  ---
Created attachment 15564
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15564=edit
IS-IS packet captures

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13727] New: IS-IS: Add support for CRYPTO_AUTH authentication type

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13727

Bug ID: 13727
   Summary: IS-IS: Add support for CRYPTO_AUTH authentication type
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: All
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: dhiru.kho...@gmail.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
CRYPTO_AUTH (generic cryptographic authentication) is documented in RFC 5310,
https://tools.ietf.org/html/rfc5310.

Sample IS-IS .pcap files using CRYPTO_AUTH (HMAC-SHA1/HMAC-SHA256) can be found
at https://c0decafe.de/svn/codename_loki/test/.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13726

ho...@whitedoor.plus.com changed:

   What|Removed |Added

Summary|Adding cpature file for the |Adding capture file for the
   |nfapi protocol  |nfapi protocol

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13726] New: Adding cpature file for the nfapi protocol

2017-05-19 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13726

Bug ID: 13726
   Summary: Adding cpature file for the nfapi protocol
   Product: Wireshark
   Version: unspecified
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: ho...@whitedoor.plus.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
Uploading pacp file for the nfapi protocol as requested as part of
https://code.wireshark.org/review/#/c/21493/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13730] New: ESP Null Encrypted packets not dissected unless "Attempt to detect/decode encrypted ESP payloads" box set

[Wireshark-bugs] [Bug 13722] Heuristic check of tcpencap dissector is too weak

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13698] SIP packets with SDP marked as malformed

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

[Wireshark-bugs] [Bug 13725] [oss-fuzz] UBSAN: null pointer passed as argument 1, which is declared to never be null in packet-msnip.c:220:13

[Wireshark-bugs] [Bug 13729] The protocol automatic matching doesn't work when we press lte-rrc. in display filter combo box on Fedora 25

[Wireshark-bugs] [Bug 13729] New: The protocol automatic matching doesn't work when we press lte-rrc. in display filter combo box on Fedora 25

[Wireshark-bugs] [Bug 13728] [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

[Wireshark-bugs] [Bug 13728] [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

[Wireshark-bugs] [Bug 13728] New: [oss-fuzz] ASAN: stack-overflow epan/expert.c:485:30 in expert_set_item_flags

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13723] Crash on "Show packet bytes..." context menu item click

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

[Wireshark-bugs] [Bug 13698] SIP packets with SDP marked as malformed

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

[Wireshark-bugs] [Bug 13727] IS-IS: Add support for CRYPTO_AUTH authentication type

[Wireshark-bugs] [Bug 13727] New: IS-IS: Add support for CRYPTO_AUTH authentication type

[Wireshark-bugs] [Bug 13726] Adding capture file for the nfapi protocol

[Wireshark-bugs] [Bug 13726] New: Adding cpature file for the nfapi protocol

33 matches

Site Navigation

Mail list logo

Footer information