Re: [Wireshark-dev] tvb_get_nstringz0
On Fri, Mar 26, 2021 at 4:22 AM Dario Lombardo wrote: > Hi, > I am a bit puzzled by the use of tvb_get_nstringz0. Let's say I have a > packet 100 bytes long, that does NOT contain NUL. I call tvb_get_nstringz0 > with a buffer 10 bytes long. > For what I can see, the function will seek the packet for NUL, stopping at > the end of the packet, copying the result into the buffer. But the buffer > is too short, resulting in a crash. > What's the error here? How is the caller sure their call won't be invalid? > Should they always pass a long-enough buffer? Was the call to this function > wrong in the first place? > Hmm, looks okay to me. When you call tvb_get_nstringz0() you pass in bufsize = 10. tvb_get_nstringz0() calls _tvb_get_nstringz() check_offset_len() runs to the end of the packet, setting len to 100. Since len >= bufsize, it sets limit = bufsize. stringlen = tvb_strnlen(tvb, abs_offset, limit - 1) looks at the first 9 bytes, doesn't find a NUL, returns -1 stringlen is -1, tvb_memcpy copies over limit (10) bytes into buffer from tvb, bytes_copies is set to 10, _tvb_get_nstringz() returns -1. Since -1 was returned, tvb_get_nstringz0() sets buffer[9] to NULL, and returns 9. The caller assures that the call won't be invalid by passing in the size of the buffer. John Thacker ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
Hello all! I would like to create a Wireshark plugin for the PEAK CAN devices. Wireshark works fine with these devices on Linux over SocketCAN, however on Windows I did not found any way to utilize them. Is there any open source CAN input plugins out in the wild what I could use as a starting point? I only found this one from CCS: https://canlogger.csselectronics.com/files/wiresharkplugin/WS_v2.4-Plugin_v7.1.zip Unfortunately it is operating at the OBD level, however I would like pass raw CAN frames to Wireshark. (And at the another hand it looks a bit outdated.) Best regards, Miklos Marton ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] tvb_get_nstringz0
Hi, I am a bit puzzled by the use of tvb_get_nstringz0. Let's say I have a packet 100 bytes long, that does NOT contain NUL. I call tvb_get_nstringz0 with a buffer 10 bytes long. For what I can see, the function will seek the packet for NUL, stopping at the end of the packet, copying the result into the buffer. But the buffer is too short, resulting in a crash. What's the error here? How is the caller sure their call won't be invalid? Should they always pass a long-enough buffer? Was the call to this function wrong in the first place? Thanks. Dario. -- Naima is online. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
