Wireshark-bugs: [Wireshark-bugs] [Bug 5394] New: Function dissect_per_bit_string_display might r
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Sat, 13 Nov 2010 06:30:43 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5394

           Summary: Function dissect_per_bit_string_display might read
                    more bytes than available (PER dissector)
           Product: Wireshark
           Version: 1.5.x (Experimental)
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jodd@xxxxxx


Created an attachment (id=5460)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5460)
Corrected reading of 24, 40, 48 and 56 bits

Build Information:
Version 1.5.0 (SVN Rev 34855 from /trunk)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.16.6, with GLib 2.24.2, with WinPcap (version
unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with
SMI
0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with
Gcrypt 1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built
Nov
13 2010), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2
(packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
With SVN revision 33798 the bit retrieval was changed to use 64 bits instead of
32 bits but the different access types were left to distinguish only 8, 16, 32
and 64 bits. This can lead to attempts to read more bytes from the tvb as
actually available. More specifically this can happen in case of 24, 40, 48 and
56 bits (3, 5, 6 and 7 bytes).

To give an example we have a tvb with 6 bytes and want to read 40 bits.
Currently, the access will be done with 64 bits (8 bytes) which will fail
because only 6 bytes are available. To correct this one has to first read 32
bits and then 8 afterwards.

See the attached patch for a possible fix. Please note that reading multiple of
8 bits might be optimized by exchanging the tvb_get_bits[x] with
tvb_get_guint[x].

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.