Fix a double-free bug which was causing a crash. Our decryption buffer

length doesn't change, so allocate it just once. Add an expert item for
a successful decryption.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31571 f5534014-38df-0310-8fa8-9805f1628bb7

3 files changed, 15 insertions, 13 deletions

diff --git a/epan/dissectors/packet-kerberos.c b/epan/dissectors/packet-kerberos.c
index 13294ecb5e..6969887f6e 100644
--- a/epan/dissectors/packet-kerberos.c
+++ b/epan/dissectors/packet-kerberos.c
@@ -88,6 +88,7 @@
 #include <epan/conversation.h>
 #include <epan/emem.h>
 #include <epan/asn1.h>
+#include <epan/expert.h>
 #include <epan/dissectors/packet-kerberos.h>
 #include <epan/dissectors/packet-netbios.h>
 #include <epan/dissectors/packet-tcp.h>
@@ -545,13 +546,13 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
 {
 	krb5_error_code ret;
 	enc_key_t *ek;
-	static krb5_data data = {0,0,NULL};
+	krb5_data data = {0,0,NULL};
 	krb5_keytab_entry key;
 	int length = tvb_length(cryptotvb);
 	const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
 
 	/* don't do anything if we are not attempting to decrypt data */
-	if(!krb_decrypt){
+	if(!krb_decrypt || length < 1){
 		return NULL;
 	}
 
@@ -561,6 +562,8 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
 	}
 
 	read_keytab_file_from_preferences();
+        data.data = g_malloc(length);
+	data.length = length;
 
 	for(ek=enc_key_list;ek;ek=ek->next){
 		krb5_enc_data input;
@@ -574,21 +577,20 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
 		input.ciphertext.length = length;
 		input.ciphertext.data = (guint8 *)cryptotext;
 
-		data.length = length;
-		g_free(data.data);
-		data.data = g_malloc(length);
-
 		key.key.enctype=ek->keytype;
 		key.key.length=ek->keylength;
 		key.key.contents=ek->keyvalue;
 		ret = krb5_c_decrypt(krb5_ctx, &(key.key), usage, 0, &input, &data);
-		if((ret == 0) && (length>0)){
+		if(ret == 0){
 			char *user_data;
+                        
+                        expert_add_info_format(pinfo, NULL, PI_SECURITY, PI_CHAT,
+                                               "Decrypted keytype %d in frame %u using %s",
+                                               ek->keytype, pinfo->fd->num, ek->key_origin);
 
-printf("woohoo decrypted keytype:%d in frame:%u\n", ek->keytype, pinfo->fd->num);
 			proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin);
 			/* return a private g_malloced blob to the caller */
-			user_data=g_memdup(data.data, data.length);
+			user_data=data.data;
 			if (datalen) {
 				*datalen = data.length;
 			}
diff --git a/epan/expert.c b/epan/expert.c
index 636b513d5c..0d977ae621 100644
--- a/epan/expert.c
+++ b/epan/expert.c
@@ -56,7 +56,7 @@ const value_string expert_group_vals[] = {
 	{ PI_MALFORMED,		"Malformed" },
 	{ PI_DEBUG,		"Debug" },
 	{ PI_PROTOCOL,          "Protocol" },
-/*	{ PI_SECURITY,		"Security" },*/
+	{ PI_SECURITY,		"Security" },
 	{ 0, NULL }
 };
 
@@ -166,7 +166,7 @@ packet_info *pinfo, proto_item *pi, int group, int severity, const char *format,
 		highest_severity = severity;
 	}
 
-	if(pi != NULL && pi->finfo != NULL) {	
+	if(pi != NULL && pi->finfo != NULL) {
 		expert_set_item_flags(pi, group, severity);
 	}
 
diff --git a/epan/proto.h b/epan/proto.h
index 333bc234bb..a9ce7f29af 100644
--- a/epan/proto.h
+++ b/epan/proto.h
@@ -170,7 +170,7 @@ typedef enum {
 /* For FT_ABSOLUTE_TIME, the display format is ABSOLUTE_TIME_LOCAL if
  * the time is to be displayed as local time in our time zone or
  * ABSOLUTE_TIME_UTC if the time is to be displayed as UTC. */
- 
+
 typedef enum {
 	ABSOLUTE_TIME_LOCAL,
 	ABSOLUTE_TIME_UTC
@@ -334,7 +334,7 @@ typedef proto_node proto_item;
 /** The protocol field violates a protocol specification, usually PI_WARN */
 #define PI_PROTOCOL             0x00080000
 /* The protocol field indicates a security probem (e.g. unsecure implementation) */
-/*#define PI_SECURITY		0x00100000*/
+#define PI_SECURITY		0x00100000
 
 /* add more, see http://wiki.wireshark.org/Development/ExpertInfo */