author | Aurelien Aptel <aaptel@suse.com> | 2019-01-24 17:31:14 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2019-01-24 18:38:26 +0000 |
commit | bf208ab000857fe8d89393542ebd963a43b3db91 (patch) | |
tree | e153f4628a00325fa7543adfebce4bbf643ea949 /epan | |
parent | 557607271af98316ac2208a61bee1151e8dad196 (diff) |
smb2: add NULL checks
In incomplete traces, the saved packet data (ssi) might be NULL. Dereferencing it
would trigger segfaults.
Sample problematic capture:
https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=smb-on-windows-10.pcapng
Change-Id: I3e40efa34396d2ffe5bd75fb4250c7ccf0cb6b93
Reviewed-on: https://code.wireshark.org/review/31722
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-smb2.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index 5b25900642..4fc803fe42 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -3152,7 +3152,7 @@ dissect_smb2_session_setup_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree } } - if (!pinfo->fd->visited) { + if (!pinfo->fd->visited && ssi) { /* compute preauth hash on first pass */ /* start from last preauth hash of the connection if 1st request */ @@ -3164,7 +3164,7 @@ dissect_smb2_session_setup_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree memcpy(ssi->preauth_hash_req, si->conv->preauth_hash_current, SMB2_PREAUTH_HASH_SIZE); } - if (ssi->preauth_hash_req) { + if (ssi && ssi->preauth_hash_req) { hash_item = proto_tree_add_bytes_with_length(tree, hf_smb2_preauth_hash, tvb, 0, tvb_captured_length(tvb), ssi->preauth_hash_req, SMB2_PREAUTH_HASH_SIZE); @@ -3359,7 +3359,7 @@ dissect_smb2_session_setup_response(tvbuff_t *tvb, packet_info *pinfo, proto_tre } /* compute preauth hash on first pass */ - if (!pinfo->fd->visited) { + if (!pinfo->fd->visited && ssi) { ssi->preauth_hash_res = (guint8*)wmem_alloc0(wmem_file_scope(), SMB2_PREAUTH_HASH_SIZE); /* * Preauth hash can only be used if the session is @@ -3386,7 +3386,7 @@ dissect_smb2_session_setup_response(tvbuff_t *tvb, packet_info *pinfo, proto_tre memcpy(ssi->preauth_hash_res, si->conv->preauth_hash_current, SMB2_PREAUTH_HASH_SIZE); } - if (ssi->preauth_hash_res) { + if (ssi && ssi->preauth_hash_res) { hash_item = proto_tree_add_bytes_with_length(tree, hf_smb2_preauth_hash, tvb, 0, tvb_captured_length(tvb), ssi->preauth_hash_res, SMB2_PREAUTH_HASH_SIZE); 
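Review bot: The reason `ssi` can be NULL is recorded only in the commit message, so the four guards added to dissect_smb2_session_setup_request and dissect_smb2_session_setup_response will look arbitrary to the next person editing a dissector that parses untrusted captures. I would add one comment above the first guard in each function, for example `/* ssi may be NULL in incomplete traces; skip the preauth hash rather than dereference it */`. The diffstat shows only packet-smb2.c changing, so nothing in this commit exercises the linked sample capture; adding it to the dissection tests would keep the crash from coming back unnoticed. Both function bodies start and end outside these hunks.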
@@ -4514,7 +4514,7 @@ dissect_smb2_negotiate_protocol_request(tvbuff_t *tvb, packet_info *pinfo _U_, p smb2_saved_info_t *ssi = si->saved; /* compute preauth hash on first pass */ - if (!pinfo->fd->visited) { + if (!pinfo->fd->visited && ssi) { ssi->preauth_hash_req = (guint8*)wmem_alloc0(wmem_file_scope(), SMB2_PREAUTH_HASH_SIZE); memset(si->conv->preauth_hash_ses, 0, SMB2_PREAUTH_HASH_SIZE); memset(si->conv->preauth_hash_con, 0, SMB2_PREAUTH_HASH_SIZE); @@ -4523,7 +4523,7 @@ dissect_smb2_negotiate_protocol_request(tvbuff_t *tvb, packet_info *pinfo _U_, p memcpy(ssi->preauth_hash_req, si->conv->preauth_hash_current, SMB2_PREAUTH_HASH_SIZE); } - if (ssi->preauth_hash_req) { + if (ssi && ssi->preauth_hash_req) { hash_item = proto_tree_add_bytes_with_length(tree, hf_smb2_preauth_hash, tvb, 0, tvb_captured_length(tvb), @@ -4613,7 +4613,7 @@ dissect_smb2_negotiate_protocol_response(tvbuff_t *tvb, packet_info *pinfo, prot smb2_saved_info_t *ssi = si->saved; /* compute preauth hash on first pass */ - if (!pinfo->fd->visited) { + if (!pinfo->fd->visited && ssi) { ssi->preauth_hash_res = (guint8*)wmem_alloc0(wmem_file_scope(), SMB2_PREAUTH_HASH_SIZE); update_preauth_hash(si->conv->preauth_hash_current, tvb); memcpy(ssi->preauth_hash_res, si->conv->preauth_hash_current, SMB2_PREAUTH_HASH_SIZE); @@ -4627,7 +4627,7 @@ dissect_smb2_negotiate_protocol_response(tvbuff_t *tvb, packet_info *pinfo, prot si->conv->preauth_hash_current = si->conv->preauth_hash_ses; } - if (ssi->preauth_hash_res) { + if (ssi && ssi->preauth_hash_res) { hash_item = proto_tree_add_bytes_with_length(tree, hf_smb2_preauth_hash, tvb, 0, tvb_captured_length(tvb), |
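Review bot: The new `&& ssi` condition in dissect_smb2_negotiate_protocol_request also skips the two `memset` calls on `si->conv->preauth_hash_ses` and `si->conv->preauth_hash_con`, and in dissect_smb2_negotiate_protocol_response it skips `update_preauth_hash(si->conv->preauth_hash_current, tvb)`, although none of these touch `ssi`. When saved info is missing, the per-conversation hash is left as it was, so later packets on the same conversation would presumably show a preauth hash that silently omits this message; the session setup hunks at -3152 and -3359 appear to have the same shape, but their update calls are not visible in the hunks. If skipping is intended because the chain is unusable in an incomplete trace anyway, a comment such as `/* no saved info: preauth chain is incomplete, leave the conversation hash untouched */` would record that; otherwise keep the conversation updates under `if (!pinfo->fd->visited)` and wrap only the `ssi->preauth_hash_*` allocation and `memcpy` in `if (ssi)`. The function bodies continue outside the hunks.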