Re: [Wireshark-commits] rev 50836: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-mongo.c

[Alexis La Goutte <alexis.lagoutte () gmail com>]

On Tue, Jul 23, 2013 at 5:08 PM, Alexis La Goutte <alexis.lagoutte () gmail com
> wrote:

> On Tue, Jul 23, 2013 at 5:03 PM, Maynard, Chris <
> Christopher.Maynard () gtech com> wrote:
>
> > From doc/README.dissector, it seems like passing -1 for the length should
> > work:
>
> It works in 1.8.x...
> I am trying to make a git bisect to find the source of this problem...

Result of bisect :
0e61a0ec05b5ce40172d017e5fca853529d604bc is the first bad commit =>
Revision 49644 (
http://anonsvn.wireshark.org/viewvc?revision=49644&view=revision )

Author: Jeff Morriss <jeff.morriss.ws () gmail com>
Date:   Fri May 31 01:46:28 2013 +0000

    (Finally!) check in part of Didier's patch to fix
    https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3290
    (TRY_TO_FAKE_THIS_ITEM disables bounds errors):

    Before calling TRY_TO_FAKE_THIS_ITEM() check if the length given (or, in
    the case of FT_UINT_{STRING,BYTES}, the length we retrieve from the TVB)
    exceeds what's left in the TVB.

    Do this only for proto_tree_add_item() for now (it's the most commonly
used
    and thus the biggest trouble maker in this area).

    Similar changes for other APIs will come later (if nothing blows up).
Despite
    the fuzz failures this bug has caused I'm not sure about back-porting
it...




> Regards,
>
> >     FT_STRINGZ  A NULL-terminated string of characters.
> >                 The string length is normally the length
> >                 given in the proto_tree_add_item() call.
> >                 However if the length given in the call
> >                 is -1, then the length used is that
> >                 returned by calling tvb_strsize().
> >
> > If not, does the documentation need updating?
> > - Chris
> >
> > -----Original Message-----
> > From: wireshark-commits-bounces () wireshark org [mailto:
> > wireshark-commits-bounces () wireshark org] On Behalf Of
> > jmayer () wireshark org
> > Sent: Tuesday, July 23, 2013 9:39 AM
> > To: wireshark-commits () wireshark org
> > Subject: [Wireshark-commits] rev 50836: /trunk/epan/dissectors/
> > /trunk/epan/dissectors/: packet-mongo.c
> >
> > http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=50836
> >
> > User: jmayer
> > Date: 2013/07/23 06:38 AM
> >
> > Log:
> >  Fix for Bug 8960 - All mongodb query show as [Malformed Packet: MONGO]
> >
> >  proto_tree_add_item doesn't link to be called with FT_STRINGZ and length
> > -1.
> >
> > Directory: /trunk/epan/dissectors/
> >   Changes    Path              Action
> >   +1 -1      packet-mongo.c    Modified
> >
> > --
> >
> > CONFIDENTIALITY NOTICE: The information contained in this email message
> > is intended only for use of the intended recipient. If the reader of this
> > message is not the intended recipient, you are hereby notified that any
> > dissemination, distribution or copying of this communication is strictly
> > prohibited. If you have received this communication in error, please
> > immediately delete it from your system and notify the sender by replying to
> > this email.  Thank you.
> >
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org
> > ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe