Wireshark-bugs: [Wireshark-bugs] [Bug 12106] Buildbot crash output: fuzz-2016-02-09-3681.pcap
Date: Sat, 20 Feb 2016 14:05:03 +0000

Comment # 2 on bug 12106 from
Find all ber_sequence_t definitions with a single element:

 grep ber_sequence_t -lr > /tmp/1
 clang-query -p=/tmp/wsbuild $(cat /tmp/1) -c 'set output print' \
     -c 'm varDecl(hasType(asString("const ber_sequence_t [1]")))' > /tmp/2

Find all variables having a NULL element (ignoring sequence_of and set_of
definitions):

 awk '/void/{gsub(/[\[\]]/,"");print $4}' /tmp/2

There will be 29 of them. For the ansi_tcap example
(asn1/ansi_tcap/TCAPPackage.asn) we have this specification:

 Reject ::= SEQUENCE {
     componentID            [PRIVATE 15] IMPLICIT OCTET STRING (SIZE(0..1)),
     rejectProblem        [PRIVATE 21] IMPLICIT Problem,
     parameter CHOICE {
         paramSequence [PRIVATE 16] IMPLICIT SEQUENCE { },
         paramSet [PRIVATE 18] IMPLICIT SET { }
     }    --The choice between paramSequence and paramSet is implementation
         --dependent, however paramSequence is preferred.
 }

This empty "SET {}" will cause issues. ("SEQUENCE {}" will not cause issues
with dissect_ber_sequence because it checks seq->func before continuing).

According to 26.1 from X.680-0207 an empty set is valid. Patch is coming up.


You are receiving this mail because:
  • You are watching all bug changes.