Wireshark-bugs: [Wireshark-bugs] [Bug 5277] New: Crash if using ssl.debug.file with no password
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5277
Summary: Crash if using ssl.debug.file with no password for
ssl.keys_list.
Product: Wireshark
Version: 1.4.0
Platform: x86
OS/Version: Solaris
Status: NEW
Severity: Normal
Priority: Low
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: james.templeton@xxxxxxxxxx
Build Information:
TShark 1.2.3
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.20.0, with libpcap 1.1.1, with libz 1.2.3, without POSIX
capabilities, with libpcre 8.0, without SMI, without c-ares, without ADNS, with
Lua 5.1, with GnuTLS 2.6.4, with Gcrypt 1.4.4, with MIT Kerberos, with GeoIP.
Running on SunOS 5.10, with libpcap version 1.1.1, GnuTLS 2.8.6, Gcrypt 1.4.6.
Built using Sun C 5.8
--
If you run tshark with the ssl.debug_file preference set to a file name or '-',
and with the ssl.key_list preference set with just 4 parameters -- that is, no
password -- tshark will cause a seg fault.
Looks like the code on line 3137 of packet-ssl-utils.c is at fault. It attempts
to print out the ssl parameters, including the password. Since there is no
password, it is using a null pointer, causing the seg fault. Suggest adding
logic to only print the password if the pointer is not null.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.