Wireshark-dev: [Wireshark-dev] Lua stringz
From: "Maynard, Christopher" <Christopher.Maynard@xxxxxxx>
Date: Fri, 29 Jan 2021 21:00:18 +0000
Hi list,
 
I was successfully using tvbrange:stringz() to retrieve a NULL-terminated string from a tvb, that is until I recently encountered a string containing extended-ASCII characters, at which point things starting failing because the length of the string returned was too long.  To work around the problem, I switched to using tvbrange:strsize() instead.
 
To help illustrate the problem, I’ve attached a simple Lua dissector and pcap file.  The Lua dissector has a preference for switching between using stringz() or strsize().  I’ve also attached the exported textual representations, both with "use_stringz" enabled and with it disabled (so it’s using strsize() instead).
 
Is this expected, or is this perhaps a bug?  Has anyone else encountered something like this?
 
Thanks.
- Chris
Ref:
11.8.3.21. tvbrange:stringz([encoding])
11.8.3.22. tvbrange:strsize([encoding])
 
 
 
 
 
 
 
 
 
 
 
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
No.     Interface id AbsTime                       Epoch Time Time           DeltaT         SrcPort DstPort Protocol Length Stream index Device name Message ID Syserr     Info                                                            No.
      1              2013-09-17 14:40:32.225559    1379443232.225559000 0.000000       0.000000       33333   33333   FOO      69                                                    Ping: Hello �
World�                                       1

Frame 1: 69 bytes on wire (552 bits), 69 bytes captured (552 bits)
Ethernet II, Src: Riverbed_00:00:01 (00:0e:b6:00:00:01), Dst: Riverbed_00:00:02 (00:0e:b6:00:00:02)
Internet Protocol Version 4, Src: 192.0.2.101 (192.0.2.101), Dst: 192.0.2.102 (192.0.2.102)
User Datagram Protocol, Src Port: 33333 (33333), Dst Port: 33333 (33333)
FOO Protocol
    Foo Header: aabbccdd00010013
        Magic: 0xaabbccdd
        Type: Ping (1)
        Length: 19
    [Message Length: 19]
    Message: Hello �\177\nWorld�\177!2

0000  00 0e b6 00 00 02 00 0e b6 00 00 01 08 00 45 00   ..............E.
0010  00 37 00 00 40 00 40 11 b5 ea c0 00 02 65 c0 00   .7..@.@......e..
0020  02 66 82 35 82 35 00 23 cb eb aa bb cc dd 00 01   .f.5.5.#........
0030  00 13 48 65 6c 6c 6f 20 fa 7f 0a 57 6f 72 6c 64   ..Hello ...World
0040  fa 7f 21 32 00                                    ..!2.
No.     Interface id AbsTime                       Epoch Time Time           DeltaT         SrcPort DstPort Protocol Length Stream index Device name Message ID Syserr     Info                                                            No.
      1              2013-09-17 14:40:32.225559    1379443232.225559000 0.000000       0.000000       33333   33333   FOO      69                                                    Ping                                                            1

Frame 1: 69 bytes on wire (552 bits), 69 bytes captured (552 bits)
Ethernet II, Src: Riverbed_00:00:01 (00:0e:b6:00:00:01), Dst: Riverbed_00:00:02 (00:0e:b6:00:00:02)
Internet Protocol Version 4, Src: 192.0.2.101 (192.0.2.101), Dst: 192.0.2.102 (192.0.2.102)
User Datagram Protocol, Src Port: 33333 (33333), Dst Port: 33333 (33333)
FOO Protocol
    Foo Header: aabbccdd00010013
        Magic: 0xaabbccdd
        Type: Ping (1)
        Length: 19
    [Message Length: 23]
Lua Error: C:\Users\cmaynard\AppData\Roaming\Wireshark\plugins\foo.lua:64: Range is out of bounds

Attachment: foo.lua
Description: foo.lua

Attachment: foo_stringz.pcap
Description: foo_stringz.pcap