date:20180208

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

--- Comment #4 from Gerrit Code Review  ---
Change 25703 merged by Guy Harris:
Do the maximum block size check in pcap_read_block().

https://code.wireshark.org/review/25703

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

--- Comment #3 from Gerrit Code Review  ---
Change 25703 had a related patch set uploaded by Guy Harris:
Do the maximum block size check in pcap_read_block().

https://code.wireshark.org/review/25703

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

--- Comment #2 from Gerrit Code Review  ---
Change 25702 merged by Guy Harris:
Do the maximum block size check in pcap_read_block().

https://code.wireshark.org/review/25702

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

--- Comment #1 from Gerrit Code Review  ---
Change 25702 had a related patch set uploaded by Guy Harris:
Do the maximum block size check in pcap_read_block().

https://code.wireshark.org/review/25702

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14404] New: Feature Request: pcap over netcat

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14404

Bug ID: 14404
   Summary: Feature Request: pcap over netcat
   Product: Wireshark
   Version: unspecified
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Extras
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: djcanadianj...@gmail.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
In linux you can open wireshark and have it read from STDIN piped from netcat
STDOUT with the command

nc -l -v  | wireshark -k -i -

and on the remote host do something like

cat somefile.pcap | nc WIRESHARK-IP 
or
tcpdump -i eth0 -s0 -U -w - | nc WIRESHARK-IP 

the issue is you can not easily pipe netcat into wireshark running on windows

to solve this maybe have a remote capture tool that listens on a TCP/UDP port
that can read and dissect tcpdump/pcap raw capture

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14367] Extend ieee802154 CCM API to accept a generic nonce

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14367

Michael Mann  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #60 from Gerrit Code Review  ---
Change 25687 merged by Anders Broman:
QUIC: Add initial draft-09 support

https://code.wireshark.org/review/25687

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #59 from Gerrit Code Review  ---
Change 25686 merged by Anders Broman:
QUIC: remove draft-07 support

https://code.wireshark.org/review/25686

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #58 from Gerrit Code Review  ---
Change 25689 had a related patch set uploaded by Alexis La Goutte:
QUIC: Add new label of draft-09

https://code.wireshark.org/review/25689

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #57 from Gerrit Code Review  ---
Change 25687 had a related patch set uploaded by Alexis La Goutte:
QUIC: Add initial draft-09 support

https://code.wireshark.org/review/25687

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #56 from Gerrit Code Review  ---
Change 25686 had a related patch set uploaded by Alexis La Goutte:
QUIC: remove draft-07 support

https://code.wireshark.org/review/25686

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14403] New: Missing bounds check on memory allocation in pcapng.c

2018-02-08 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403

Bug ID: 14403
   Summary: Missing bounds check on memory allocation in pcapng.c
   Product: Wireshark
   Version: Git
  Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Capture file support (libwiretap)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: mag...@stubman.eu
  Target Milestone: ---

Build Information:
** (process:47134): WARNING **: No such preference "capture.devices_buffersize"
at line 286 of
/home/magnus/.wireshark/preferences (save preferences to remove this warning)
TShark (Wireshark) 2.5.1 (28960d79)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) without libpcap, with GLib 2.42.1, with zlib 1.2.8, without
SMI, with c-ares 1.10.0, with Lua 5.2.3, without GnuTLS, with Gcrypt 1.6.3,
without Kerberos, without GeoIP, without nghttp2, without LZ4, without Snappy,
with libxml2 2.9.1.

Running on Linux 3.16.0-5-amd64, with Intel(R) Core(TM) i7-6920HQ CPU @ 2.90GHz
(with SSE4.2), with 7359 MB of physical memory, with locale en_US.UTF-8, with
Gcrypt 1.6.3, with zlib 1.2.8.

Built using gcc 4.9.2.
--
magnus@h4xb0x:~/projects/wireshark/fuzz/wiresharknoasan$ git rev-parse HEAD
28960d79cca262ac6b974f339697b299a1e28fef
magnus@h4xb0x:~/projects/wireshark/fuzz/wiresharknoasan$ cat ../hugealloc.pcap
| base64
Cg0NCjgAAABNPCsaAQAAAP//BAARAEVkSHRjYXAgMi4xLjEtZ2l0AOsAADgE
AgAALAD//wAACAAIAP//CQABAAYALAYAAABEAQDwAOIFBAAyVVRA
ZEwoTgBzQQEBZAEBDgoDDQo4ZDwrRiAaAQAgAMZkKBr/gFQgTE0gFzMuMAD//wAACAAI
AP8BgAAAVXoATXM/Zm9ZIFdvcmtnd291cC4SWDAAMlUgVwBNPCsaAQAAAP//
BAARbwACTEFOTXM/Zm9ZIHJrAlNhbWJhAAJOAQBkIGYgaS7y8j4+Pj4+Pj4+Pj4+Pj4+Pj4+
PvLy8vIrGgEAAET4IBD//wQXEdPTAAf58gD6AA==
magnus@h4xb0x:~/projects/wireshark/fuzz/wiresharknoasan$ sha256sum
../hugealloc.pcap 
d06e724d1404481916ceb5d31749e8da09eeba7a5ee74e227871c3d103b5450b 
../hugealloc.pcap
magnus@h4xb0x:~/projects/wireshark/fuzz/wiresharknoasan$ valgrind ./tshark -r
../hugealloc.pcap
==39549== Memcheck, a memory error detector
==39549== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==39549== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==39549== Command: ./tshark -r ../hugealloc.pcap
==39549== 
==39549== Thread 2 register_all_protocols_worker:
==39549== Conditional jump or move depends on uninitialised value(s)
==39549==at 0x1150E32: ws_mempbrk_sse42_compile (ws_mempbrk_sse42.c:69)
==39549== 

** (process:39549): WARNING **: No such preference "capture.devices_buffersize"
at line 286 of
/home/magnus/.wireshark/preferences (save preferences to remove this warning)
buffer->allocated: 2048
space: 4294901768

(process:39549): GLib-ERROR **:
/build/glib2.0-y6934K/glib2.0-2.42.1/./glib/gmem.c:168: failed to allocate
4294904840 bytes
==39549== 
==39549== Process terminating with default action of signal 5 (SIGTRAP)
==39549==at 0x541FD30: g_logv (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==39549==by 0x541FF6E: g_log (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==39549==by 0x541E8B6: g_realloc (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==39549==by 0x114A37A: ws_buffer_assure_space (buffer.c:97)
==39549==by 0x49CC54: wtap_read_packet_bytes (wtap.c:1337)
==39549==by 0x490967: pcapng_read_sysdig_event_block (pcapng.c:2262)
==39549==by 0x490967: pcapng_read_block (pcapng.c:2429)
==39549==by 0x49220C: pcapng_read (pcapng.c:2640)
==39549==by 0x49CAA7: wtap_read (wtap.c:1230)
==39549==by 0x45B2CA: process_cap_file (tshark.c:3318)
==39549==by 0x45B2CA: main (tshark.c:2024)
==39549== 
==39549== HEAP SUMMARY:
==39549== in use at exit: 28,211,768 bytes in 42,733 blocks
==39549==   total heap usage: 52,260 allocs, 9,527 frees, 4,329,591,134 bytes
allocated
==39549== 
==39549== LEAK SUMMARY:
==39549==definitely lost: 0 bytes in 0 blocks
==39549==indirectly lost: 0 bytes in 0 blocks
==39549==  possibly lost: 0 bytes in 0 blocks
==39549==still reachable: 28,211,768 bytes in 42,733 blocks
==39549== suppressed: 0 bytes in 0 blocks
==39549== Rerun with --leak-check=full to see details of leaked memory
==39549== 
==39549== For counts of detected and suppressed errors, rerun with: -v
==39549== Use --track-origins=yes to see where uninitialised values come from
==39549== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Trace/breakpoint trap

-- 
You are receiving this mail because:
You are watching all bug

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

[Wireshark-bugs] [Bug 14403] Missing bounds check on memory allocation in pcapng.c

[Wireshark-bugs] [Bug 14404] New: Feature Request: pcap over netcat

[Wireshark-bugs] [Bug 14367] Extend ieee802154 CCM API to accept a generic nonce

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

[Wireshark-bugs] [Bug 14403] New: Missing bounds check on memory allocation in pcapng.c

12 matches

Site Navigation

Mail list logo

Footer information