Wireshark · Wireshark-dev: [Wireshark-dev] [PATCH] cond_one

Wireshark-dev: [Wireshark-dev] [PATCH] cond_one_of return too fast.

From: Jakub Zawadzki <darkjames@xxxxxxxxxxxxxxxx>

Date: Sat, 8 May 2010 23:36:22 +0200

Hi,

I hit a bug while writting JSON dissector.

If one codition of tvbparse_set_oneof() is tvbparse_string with some big string,
and when we are dissecting end of the packet where it's no space for this condition
(offset + length_of_this_string > end_offset), cond_one_of returns -1 instead of checking
other possibilities.

It could be workarounded by sorting set_oneof() conditions from smallest one to biggest,
but attaching proper fix :)

Regards.

diff --git epan/tvbparse.c epan/tvbparse.c
index 01d7936..9c1d9f9 100644
--- epan/tvbparse.c
+++ epan/tvbparse.c
@@ -448,13 +448,13 @@ static int cond_one_of(tvbparse_t* tt, const int offset, const tvbparse_wanted_t
     for(i=0; i < wanted->control.elems->len; i++) {
         tvbparse_wanted_t* w = g_ptr_array_index(wanted->control.elems,i);
         tvbparse_elem_t* new = NULL;
         int curr_len;
 
         if ( offset + w->len > tt->end_offset )
-            return -1;
+            continue;
 
         curr_len = w->condition(tt, offset, w,  &new);
 
         if (curr_len >= 0) {
             *tok = new_tok(tt, wanted->id, new->offset, new->len, wanted);
             (*tok)->sub = new;

Prev by Date: Re: [Wireshark-dev] Packet not reaching dissector
Next by Date: Re: [Wireshark-dev] Best way to handle a variable-length NULL-terminated string in a tvb
Previous by thread: Re: [Wireshark-dev] Question regarding the reassembled_key
Next by thread: [Wireshark-dev] Issue with installing Wireshark
Index(es):
- Date
- Thread