Revert "TLS: allow dissectors to set the appdata protocol via the data param"

This reverts commit ede7be3440689cee51489361934704467f2b2ffb.

The TLS dissector can be called via multiple entrypoints. It could be
called directly (the EAP-TTLS/EAP-PEAP case with an explicit dissector
name), but also through dissector tables. The TCP and SCTP dissectors
however pass a data parameter of a different type, resulting in crashes
due to type confusion.

Change-Id: I1d21cb5e31eb09689970ff3bdc7a63c6b7965d49
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16442
Link: https://www.wireshark.org/lists/wireshark-dev/201908/msg00037.html
Reviewed-on: https://code.wireshark.org/review/34310
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

1 files changed, 5 insertions, 15 deletions

diff --git a/epan/dissectors/packet-tls.c b/epan/dissectors/packet-tls.c
index 8142a14472..f33822622b 100644
--- a/epan/dissectors/packet-tls.c
+++ b/epan/dissectors/packet-tls.c
@@ -583,9 +583,9 @@ static gint  ssl_looks_like_valid_v2_handshake(tvbuff_t *tvb,
  * Code to actually dissect the packets
  */
 static int
-dissect_tls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
 {
-    const char        *appdata_dissector_name = (const char *)data;
+
     conversation_t    *conversation;
     proto_item        *ti;
     proto_tree        *ssl_tree;
@@ -645,16 +645,6 @@ dissect_tls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
         return 0;
     }
 
-    /* If the subdissector is provided by the caller, remember it. */
-    if (appdata_dissector_name && !session->app_handle) {
-        session->app_handle = find_dissector(appdata_dissector_name);
-        if (!session->app_handle) {
-            ssl_debug_printf("Requested appdata dissector \"%s\" not found!\n", appdata_dissector_name);
-        } else {
-            ssl_debug_printf("Setting appdata dissector to \"%s\"\n", appdata_dissector_name);
-        }
-    }
-
     /* try decryption only the first time we see this packet
      * (to keep cipher synchronized) */
     if (pinfo->fd->visited)
@@ -971,7 +961,7 @@ is_sslv2_clienthello(tvbuff_t *tvb)
 }
 
 static int
-dissect_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
+dissect_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 {
     conversation_t     *conversation;
 
@@ -981,7 +971,7 @@ dissect_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data
 
     conversation = find_or_create_conversation(pinfo);
     conversation_set_dissector(conversation, tls_handle);
-    return dissect_tls(tvb, pinfo, tree, NULL);
+    return dissect_ssl(tvb, pinfo, tree, data);
 }
 
 static void
@@ -4536,7 +4526,7 @@ proto_register_tls(void)
         "SSL/TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs",
         proto_tls);
 
-    tls_handle = register_dissector("tls", dissect_tls, proto_tls);
+    tls_handle = register_dissector("tls", dissect_ssl, proto_tls);
     register_dissector("tls13-handshake", dissect_tls13_handshake, proto_tls);
 
     register_init_routine(ssl_init);