https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4505
Summary: Wireshark crashes during IEEE 802.15.4 decryption
Product: Wireshark
Version: SVN
Platform: Other
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: osk@xxxxxxxxxx
Created an attachment (id=4304)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4304)
Fix to IEEE 802.15.4 dissector.
Build Information:
Version 1.3.3
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.18.5, with GLib 2.22.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt
1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jan 26
2010), with AirPcap, with new_packet_list.
Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, GnuTLS 2.8.5,
Gcrypt 1.4.5, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 30729
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Wireshark crashes when decrypting IEEE 802.15.4 packets with a zero-length
payload. The crash happens when calling add_new_data_source() with a
zero-length tvbuff. The attached patch works around the problem by calling
add_new_data_source() only when there is a payload to decrypt.
I would have anticipated the dissector to catch an exception if the dissector
had done something wrong, instead the entire program crashes.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
