diff options
author | George Powers <gpowers@google.com> | 2020-11-05 22:26:49 +0000 |
---|---|---|
committer | AndersBroman <a.broman58@gmail.com> | 2020-12-06 12:38:46 +0000 |
commit | e7ec6739b6bb0bcdbd2937a582635697fa65e524 (patch) | |
tree | d7dd3842ff47ac4a3df1a5914ddb8cfda64169f8 | |
parent | a11e5261e1875b024a0674e657f9cc5b6c7579fc (diff) |
Fix reported_len in Lua framewark when creating tvb from range.
This bug affects Lua plugin dissectors for encapsulation protocols like
GRE. Typically the dissector creates a range for the payload packet, then
calls the next dissector with a tvb derived from the range, using
TvbRange_tvb(). The original version calls
tvb_new_subset_length_caplen() using the remaining capture length for the
reported_len argument. The fix passes -1 as the reported length, and
tvb_new_subset_length_caplen() calculates the new reported_len as required.
The bug only affects large packets captured with a snaplen and
truncated, then decoded with a Lua plugin for the encapsulation header.
Here's the typical bug symptom, gleaned from tshark decode of
an encapsulated IP payload:
[Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)]
[IPv4 total length exceeds packet length (114 bytes)]
Closes #15655.
-rw-r--r-- | epan/wslua/wslua_tvb.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/epan/wslua/wslua_tvb.c b/epan/wslua/wslua_tvb.c index 400f6d19d4..2e4a45dab5 100644 --- a/epan/wslua/wslua_tvb.c +++ b/epan/wslua/wslua_tvb.c @@ -399,7 +399,8 @@ WSLUA_METHOD TvbRange_tvb(lua_State *L) { tvb = (Tvb)g_malloc(sizeof(struct _wslua_tvb)); tvb->expired = FALSE; tvb->need_free = FALSE; - tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len, tvbr->len); + // -1 means recalculate the reported_len based on the new offset + tvb->ws_tvb = tvb_new_subset_length_caplen(tvbr->tvb->ws_tvb,tvbr->offset,tvbr->len,-1); return push_wsluaTvb(L, tvb); } else { luaL_error(L,"Out Of Bounds"); |