ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 10513] New: parse problem in RTP dissect_rtp_hext_rfc5215_

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 29 Sep 2014 11:01:22 +0000
Bug ID 10513
Summary parse problem in RTP dissect_rtp_hext_rfc5215_onebyte
Product Wireshark
Version unspecified
Hardware x86
OS All
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Build Information:
wireshark 1.12.0 (Git Rev Unknown from unknown)

Copyright 1998-2014 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 3.14.1, with Cairo 1.13.1, with Pango 1.36.7, with
GLib 2.41.5, with libpcap, with libz 1.2.8, with POSIX capabilities (Linux),
with libnl 3, with SMI 0.4.8, with c-ares 1.10.0, with Lua 5.2, without Python,
with GnuTLS 3.2.16, with Gcrypt 1.5.4, with MIT Kerberos, with GeoIP, with
PortAudio V19-devel (built Feb 25 2014 21:09:53), without AirPcap.

Running on Linux 3.16.0-18-generic, with locale en_US.UTF-8, with libpcap
version 1.6.2, with libz 1.2.8, GnuTLS 3.2.16, Gcrypt 1.5.4.
Intel(R) Core(TM) i7-4750HQ CPU @ 2.00GHz

Built using gcc 4.9.1.
--
some commercial IPTV streamers send bogus info in the extension headers, add
some sanity check to skip the erroneous bytes.

Affected Version: All versions

the following patch is able to resolve the issue and give a clean trace of the
mp2t files:

sergio@MBP:~/wireshark/wireshark-1.12.0+git+4fab41a1/epan/dissectors$ diff -c 
packet-rtp.c.old packet-rtp.c
*** packet-rtp.c.old    2014-09-29 10:24:07.848699977 +0200
--- packet-rtp.c    2014-09-29 10:14:54.116722160 +0200
***************
*** 1832,1837 ****
--- 1832,1844 ----
              return;

          ext_length = (ext_hdr_hdr & 0x0F) + 1;
+ 
+     /* Exit on malformed extension headers */
+     if (ext_offset + ext_length + 1 > tvb_captured_length (tvb)) {
+         ext_offset = tvb_captured_length (tvb);
+         continue;
+     }
+ 
          if (rtp_hext_tree) {
              ti = proto_tree_add_text(rtp_hext_tree, tvb, ext_offset,
ext_length + 1, "RFC 5285 Header Extension (One-Byte Header)");
              rtp_hext_rfc5285_tree = proto_item_add_subtree( ti,
ett_hdr_ext_rfc5285);

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube