Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 7909] New: USB: Changeset 45310 broke dissection of some d

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 23 Oct 2012 12:14:53 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7909

           Summary: USB: Changeset 45310 broke dissection of some
                    descriptors
           Product: Wireshark
           Version: SVN
          Platform: x86
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: steve@xxxxxxxxxxxxxxx


Created attachment 9420
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9420
Test case

Build Information:
wireshark 1.9.0 (SVN Rev 45737 from /trunk)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.13, with Cairo 1.10.2, with Pango 1.30.0, with
GLib 2.32.4, with libpcap, with libz 1.2.5, with POSIX capabilities (Linux),
without libnl, without SMI, without c-ares, without ADNS, without Lua, without
Python, with GnuTLS 2.12.17, with Gcrypt 1.5.0, with MIT Kerberos, without
GeoIP, without PortAudio, with AirPcap.

Running on Linux 3.6.1-1.steve, with locale en_US.UTF-8, with libpcap version
1.2.1, with libz 1.2.5, GnuTLS 2.12.17, Gcrypt 1.5.0, without AirPcap.

Built using gcc 4.7.2 20120921 (Red Hat 4.7.2-2).

--
Changeset 45310 altered how the USB dissector calculates the offset of the next
descriptor within a CONFIGURATION descriptor. Instead of using the stated
length of INTERFACE and ENDPOINT descriptors, the offset is now calculated
based on the sizes of (standard) fields dissected in those descriptors.

This breaks down when an INTERFACE or ENDPOINT descriptor contains more data
than the code was written to dissect. A case in point is a webcam with an AUDIO
class interface, where audio endpoint descriptors are 9 bytes long rather than
the usual 7. This causes the USB dissector to become confused about the
boundaries between descriptors.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube