diff options
author | AndersBroman <anders.broman@ericsson.com> | 2015-11-04 17:45:23 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2015-11-05 09:50:23 +0000 |
commit | 2eec1545615901e272e1c6474388576abdd94d15 (patch) | |
tree | 1bb1f09126743ca562b046d14af8ce77137d7999 /epan/dissectors/packet-ipsec.c | |
parent | 9c0d550a4afdafa31e76e0eecd14f8721e90e599 (diff) |
[IPsec] Hand the subdissector the payload data only,
not including the padding and auth data.
Change-Id: Ib883fcb44def8d6fbdde19729519b40b32d78577
Reviewed-on: https://code.wireshark.org/review/11563
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ipsec.c')
-rw-r--r-- | epan/dissectors/packet-ipsec.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/epan/dissectors/packet-ipsec.c b/epan/dissectors/packet-ipsec.c index 72a3a9628f..61ff6366a2 100644 --- a/epan/dissectors/packet-ipsec.c +++ b/epan/dissectors/packet-ipsec.c @@ -1678,7 +1678,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) crypt_algo_libgcrypt = GCRY_CIPHER_3DES; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1713,7 +1713,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_iv_len = 16; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1761,7 +1761,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_iv_len = 8; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1798,7 +1798,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_iv_len = 8; crypt_algo_libgcrypt = GCRY_CIPHER_DES; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1834,7 +1834,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_iv_len = 8; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CTR; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1881,7 +1881,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_iv_len = 16; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1927,7 +1927,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) crypt_algo_libgcrypt = GCRY_CIPHER_BLOWFISH; crypt_mode_libgcrypt = GCRY_CIPHER_MODE_CBC; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -1953,7 +1953,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) default : /* Fix parameters */ esp_iv_len = 0; - decrypted_len = len - (int)sizeof(struct newesp); + decrypted_len = len - 8; if (decrypted_len <= 0) decrypt_ok = FALSE; @@ -2160,7 +2160,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) */ if(!g_esp_enable_encryption_decode && g_esp_enable_authentication_check && sad_is_present) { - next_tvb = tvb_new_subset(tvb, (int)sizeof(struct newesp), len - (int)sizeof(struct newesp) - esp_auth_len, -1); + next_tvb = tvb_new_subset(tvb, 8, len - 8 - esp_auth_len, -1); export_ipsec_pdu(data_handle, pinfo, next_tvb); call_dissector(data_handle, next_tvb, pinfo, esp_tree); @@ -2189,8 +2189,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) if (dissector_handle) { saved_match_uint = pinfo->match_uint; pinfo->match_uint = encapsulated_protocol; - next_tvb = tvb_new_subset(tvb, (int)sizeof(struct newesp), -1, - len - (int)sizeof(struct newesp) - 14 - esp_pad_len); + next_tvb = tvb_new_subset_length(tvb, 8, len - 8 - 14 - esp_pad_len); export_ipsec_pdu(dissector_handle, pinfo, next_tvb); call_dissector(dissector_handle, next_tvb, pinfo, tree); pinfo->match_uint = saved_match_uint; |