diff options
author | gerald <gerald@f5534014-38df-0310-8fa8-9805f1628bb7> | 2010-01-19 19:28:30 +0000 |
---|---|---|
committer | gerald <gerald@f5534014-38df-0310-8fa8-9805f1628bb7> | 2010-01-19 19:28:30 +0000 |
commit | 315fa5ca83b7a1d6171c2923eae1f853ec264322 (patch) | |
tree | 56b4aa9c30bcc3396c879fad1a874f5427cae222 /epan | |
parent | fe1d629e39695807ca3a709d549cdfc9ce27867b (diff) |
Fix a double-free bug which was causing a crash. Our decryption buffer
length doesn't change, so allocate it just once. Add an expert item for
a successful decryption.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31571 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-kerberos.c | 20 | ||||
-rw-r--r-- | epan/expert.c | 4 | ||||
-rw-r--r-- | epan/proto.h | 4 |
3 files changed, 15 insertions, 13 deletions
diff --git a/epan/dissectors/packet-kerberos.c b/epan/dissectors/packet-kerberos.c index 13294ecb5e..6969887f6e 100644 --- a/epan/dissectors/packet-kerberos.c +++ b/epan/dissectors/packet-kerberos.c @@ -88,6 +88,7 @@ #include <epan/conversation.h> #include <epan/emem.h> #include <epan/asn1.h> +#include <epan/expert.h> #include <epan/dissectors/packet-kerberos.h> #include <epan/dissectors/packet-netbios.h> #include <epan/dissectors/packet-tcp.h> @@ -545,13 +546,13 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo, { krb5_error_code ret; enc_key_t *ek; - static krb5_data data = {0,0,NULL}; + krb5_data data = {0,0,NULL}; krb5_keytab_entry key; int length = tvb_length(cryptotvb); const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length); /* don't do anything if we are not attempting to decrypt data */ - if(!krb_decrypt){ + if(!krb_decrypt || length < 1){ return NULL; } @@ -561,6 +562,8 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo, } read_keytab_file_from_preferences(); + data.data = g_malloc(length); + data.length = length; for(ek=enc_key_list;ek;ek=ek->next){ krb5_enc_data input; @@ -574,21 +577,20 @@ decrypt_krb5_data(proto_tree *tree, packet_info *pinfo, input.ciphertext.length = length; input.ciphertext.data = (guint8 *)cryptotext; - data.length = length; - g_free(data.data); - data.data = g_malloc(length); - key.key.enctype=ek->keytype; key.key.length=ek->keylength; key.key.contents=ek->keyvalue; ret = krb5_c_decrypt(krb5_ctx, &(key.key), usage, 0, &input, &data); - if((ret == 0) && (length>0)){ + if(ret == 0){ char *user_data; + + expert_add_info_format(pinfo, NULL, PI_SECURITY, PI_CHAT, + "Decrypted keytype %d in frame %u using %s", + ek->keytype, pinfo->fd->num, ek->key_origin); -printf("woohoo decrypted keytype:%d in frame:%u\n", ek->keytype, pinfo->fd->num); proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin); /* return a private g_malloced blob to the caller */ - user_data=g_memdup(data.data, data.length); + user_data=data.data; if (datalen) { *datalen = data.length; } diff --git a/epan/expert.c b/epan/expert.c index 636b513d5c..0d977ae621 100644 --- a/epan/expert.c +++ b/epan/expert.c @@ -56,7 +56,7 @@ const value_string expert_group_vals[] = { { PI_MALFORMED, "Malformed" }, { PI_DEBUG, "Debug" }, { PI_PROTOCOL, "Protocol" }, -/* { PI_SECURITY, "Security" },*/ + { PI_SECURITY, "Security" }, { 0, NULL } }; @@ -166,7 +166,7 @@ packet_info *pinfo, proto_item *pi, int group, int severity, const char *format, highest_severity = severity; } - if(pi != NULL && pi->finfo != NULL) { + if(pi != NULL && pi->finfo != NULL) { expert_set_item_flags(pi, group, severity); } diff --git a/epan/proto.h b/epan/proto.h index 333bc234bb..a9ce7f29af 100644 --- a/epan/proto.h +++ b/epan/proto.h @@ -170,7 +170,7 @@ typedef enum { /* For FT_ABSOLUTE_TIME, the display format is ABSOLUTE_TIME_LOCAL if * the time is to be displayed as local time in our time zone or * ABSOLUTE_TIME_UTC if the time is to be displayed as UTC. */ - + typedef enum { ABSOLUTE_TIME_LOCAL, ABSOLUTE_TIME_UTC @@ -334,7 +334,7 @@ typedef proto_node proto_item; /** The protocol field violates a protocol specification, usually PI_WARN */ #define PI_PROTOCOL 0x00080000 /* The protocol field indicates a security probem (e.g. unsecure implementation) */ -/*#define PI_SECURITY 0x00100000*/ +#define PI_SECURITY 0x00100000 /* add more, see http://wiki.wireshark.org/Development/ExpertInfo */ |