| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When preparing to decompress the encoded tree size is the minimum input
size. When not met the return value (FALSE) would still indicate success,
being value 0. This could lead to NULL pointer dereference later on.
Change the return value to -1 to match the function return type.
Change-Id: Ie81d98f55af33518a34bc0b79c29450064886bc3
Reviewed-on: https://code.wireshark.org/review/34818
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1e809aa09355a7e7235a41a903c6b4adf7df446a
Reviewed-on: https://code.wireshark.org/review/34174
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Sadly, index() is still defined to be a function in some UN*Xes, for
backwards compatibility with V7, where the function now known as
strchr() was called index(); pick another name for variables named
"index".
wmem_array_get_count() returns a guint; store its value in a guint.
That also means its return value is never negative.
Change-Id: I357dcda9297f242355ef1ad8d2f1f192a0b5bb5f
Reviewed-on: https://code.wireshark.org/review/34132
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id2b36454e678151ea5948f8e068ef400dd562188
Reviewed-on: https://code.wireshark.org/review/33985
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
clang errs about the stack frame size being too big.
* use indexes instead of pointers
* use guint8 instead of gboolean (== int)
* remplace hard coded 512 with #define
Change-Id: Idae70677f20e88ac8bba93899573e0137b9a3d7e
Fixes: 0db39ae59a ("smb2: add support for decompression")
Reviewed-on: https://code.wireshark.org/review/33965
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Clang 8 emits a false positive when the first subobject of a structure
within another structure is not a signed integer. As workaround, shuffle
the struct member such that the first subobject is not a structure. See
https://bugs.llvm.org/show_bug.cgi?id=39931
Change-Id: Ic49413c202abb60a5782f9dbe99921e766b0153e
Reviewed-on: https://code.wireshark.org/review/33956
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Aurélien Aptel <aaptel@suse.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The latest iteration of Microsoft updates to SMB3 added compression to
the protocol. This commit implements decompressing and dissecting
compressed payloads.
The compression algorithms that can be used are "Plain LZ77",
"LZ77+Huffman" and "LZNT1" which you can read more about in the
[MS-XCA] documentation. This set of algorithm is sometimes referred to
as XPRESS.
This commit reuses the existing uncompression API scheme already in
place with zlib and brotli and adds 3 tvb_uncompress_*() function
implemented in:
* epan/tvbuff_lz77.c
* epan/tvbuff_lz77huff.c
* epan/tvbuff_lznt1.c
A new function wmem_array_try_index() was added to the wmem_array API
to make bound checked reads that fail gracefully. New tests for it
have been added as well.
Since both reads (tvb) and writes (wmem_array) are bound checked the
risk for buffer overruns is drastically reduced. LZ77+Huffman has
decoding tables and special care was taken to bound check these.
Simplified versions of the implementations were succesfully tested
against AFL (American Fuzzy Lop) for ~150 millions executions each.
The SMB2/3 dissector was changed to deal with the new transform header
for compressed packets (new protocol_id value) and READ request
flags (COMPRESSED). Badly compressed or encrypted packets are now
reported as such, and the decryption test suite was changed to reflect
that.
This commit also adds a test capture with 1 packet compressed with
each algorithm as returned by Windows Server 2019, along with 3
matching tests in test/suite_dissection.py
Change-Id: I2b84f56541f2f4ee7d886152794b993987dd10e7
Reviewed-on: https://code.wireshark.org/review/33855
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
