Wireshark-bugs: [Wireshark-bugs] [Bug 12826] New: usage http-tcp dissector from lua dissector le
Date: Tue, 06 Sep 2016 06:14:28 +0000
Bug ID 12826
Summary usage http-tcp dissector from lua dissector lead to Segmentation fault
Product Wireshark
Version 2.2.0
Hardware x86
OS Linux (other)
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter ychislov@trustwave.com

Created attachment 14880 [details]
proxy protocol v2 lua dissector

Build Information:
tshark -v
Duplicate dissectors http and http-over-ssl for protocol HTTP in dissector
table ssl.port
TShark (Wireshark) 2.2.0 (Git Rev Unknown from unknown)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.48.1, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.11.0, with Lua
5.2.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with MIT Kerberos, with
GeoIP.

Running on Linux 4.7.2, with locale en_US.UTF-8, with libpcap version 1.7.4,
with GnuTLS 3.5.2, with Gcrypt 1.7.2-beta, with zlib 1.2.8.
       Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz (with SSE4.2)

Built using gcc 6.1.1 20160815.

--
used lua dissector for proxy protocol v2 (attached) that call to
http dissector

---
local original_http_dissector
local tcp_dissector_table = DissectorTable.get("tcp.port")
original_http_dissector = tcp_dissector_table:get_dissector(80)
---
---

    else
        original_http_dissector:call(tvbuf,pktinfo,root)
    end
---

in the wireshark ver. 2.2.0 automatically chosen http-tcp (dissect_http_tcp)
that require not empty data.

./epan/dissectors/packet-http.c
3127 dissect_http_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
void* data)
3128 {
3129         struct tcpinfo *tcpinfo = (struct tcpinfo *)data;
...
3161         end_of_stream = IS_TH_FIN(tcpinfo->flags);

but from lua dissector data set to NULL

epan/wslua/wslua_dissector.c
110 len = call_dissector(d, tvb->ws_tvb, pinfo->ws_pinfo, ti->tree);

epan/packet.c
2805 int
2806 call_dissector(dissector_handle_t handle, tvbuff_t *tvb,
2807                packet_info *pinfo, proto_tree *tree)
2808 {
2809         return call_dissector_with_data(handle, tvb, pinfo, tree, NULL);
2810 }

that lead to Segmentation fault(core attached)

The current solution is explicit http dissector usage from lua
---
original_http_dissector = Dissector.get("http")
---


You are receiving this mail because:
  • You are watching all bug changes.