[Wireshark-bugs] [Bug 12681] New: Buildbot crash output: fuzz-2016-07-28-14141.pcap

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12681

Bug ID: 12681
   Summary: Buildbot crash output: fuzz-2016-07-28-14141.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
   URL: https://www.wireshark.org/download/automated/captures/
fuzz-2016-07-28-14141.pcap
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-07-28-14141.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/.cap

Build host information:
Linux wsbb04 3.13.0-92-generic #139-Ubuntu SMP Tue Jun 28 20:42:26 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:Ubuntu
Description:Ubuntu 14.04.4 LTS
Release:14.04
Codename:trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=12
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_SLAVENAME=fuzz-test
BUILDBOT_GOT_REVISION=6eebb5aa8b8590233d625a9a8e2f0012579c79fe

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Git commit
commit 6eebb5aa8b8590233d625a9a8e2f0012579c79fe
Author: Peter Wu 
Date:   Tue Jul 26 00:14:40 2016 +0200

ssl-utils: ensure that the cipher suite matches decoder

When the cipher suite for the current decryption session is changed via
a Server Hello, it should not change the cipher suite field of the
decoder. Otherwise there is a mismatch between the cipher suite and the
capabilities of the decoder.

Fix this issue by making the decoder hold a pointer to the (constant)
SslCipherSuite structure rather than making a copy (and have the decoder
point to that data).

I also considered resetting the decoder once the cipher suite changes in
the Server Hello, but that breaks renegotiation.

Bug: 12665
Change-Id: Ieff38a535cd111d95933ec383378643b6fbab7bf
Reviewed-on: https://code.wireshark.org/review/16674
Reviewed-by: Pascal Quantin 
Petri-Dish: Pascal Quantin 
Tested-by: Petri Dish Buildbot 
Reviewed-by: Peter Wu 
(cherry picked from commit ae0f130582c36978908a965aed32e446ba8d40db)
Reviewed-on: https://code.wireshark.org/review/16716


==14196== Memcheck, a memory error detector
==14196== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==14196== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==14196== Command:
/home/wireshark/builders/wireshark-2.2-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.2/fuzz-2016-07-28-14141.pcap
==14196== 
==14196== 
==14196== HEAP SUMMARY:
==14196== in use at exit: 1,511,676 bytes in 39,714 blocks
==14196==   total heap usage: 264,741 allocs, 225,027 frees, 30,438,535 bytes
allocated
==14196== 
==14196== LEAK SUMMARY:
==14196==definitely lost: 332,918 bytes in 148 blocks
==14196==indirectly lost: 725,246 bytes in 29,927 blocks
==14196==  possibly lost: 0 bytes in 0 blocks
==14196==still reachable: 453,512 bytes in 9,639 blocks
==14196== suppressed: 0 bytes in 0 blocks
==14196== Rerun with --leak-check=full to see details of leaked memory
==14196== 
==14196== For counts of detected and suppressed errors, rerun with: -v
==14196== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12676] Dissector bug, protocol CIP: C:\buildbot\wireshark

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12676

Michael Mann  changed:

   What|Removed |Added

 Status|UNCONFIRMED |CONFIRMED
 CC||mman...@netscape.net
 Ever confirmed|0   |1

--- Comment #1 from Michael Mann  ---
Yes, I've run into this as well (on master)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12680] packet-ssl-utils compile error without HAVE_LIBGCRYPT

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12680

--- Comment #1 from Gerrit Code Review  ---
Change 16742 had a related patch set uploaded by Kim Kempf:
Fixed compile error in packet-ssl-utils.c when HAVE_LIBCRYPT not defined

https://code.wireshark.org/review/16742

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12680] New: packet-ssl-utils compile error without HAVE_LIBGCRYPT

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12680

Bug ID: 12680
   Summary: packet-ssl-utils compile error without HAVE_LIBGCRYPT
   Product: Wireshark
   Version: Git
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: kkapcon...@gmail.com

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
commit 62eb42:

compile error due to undeclared variable

ssl_find_cipher() 'cs' undeclared if ! HAVE_LIBCRYPT

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12679] New: Pop up toolbars have inconsistent responses to using Enter to select default button

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12679

Bug ID: 12679
   Summary: Pop up toolbars have inconsistent responses to using
Enter to select default button
   Product: Wireshark
   Version: 2.1.x (Experimental)
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Trivial
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: be...@netdetect.co

Build Information:
Version 2.1.1 (v2.1.1-0-g06ba81b from master)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale English_United
States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, with AirPcap 4.1.3 build 3348.
Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz (with SSE4.2), with 3071MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Ctrl-f and Ctrl-g bring up temporary toolbars. When you input your
filter/string/packet number and hit Enter, the default button (Go to Packet,
for example) is selected. ie, you can complete the selection without leaving
the keyboard.

The save filter expression toolbar does not work in the same manner.  When you
use the + button to save a filter, and you type in the label, the instinct is
to hit Enter to complete - you're already on the keyboard.  But even though the
OK button is outlined in blue (designating it as the default) nothing happens
when you hit Enter.

It would save time to not have to leave the keyboard and use the mouse to click
OK.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12678] Compress with gzip by default

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12678

Guy Harris  changed:

   What|Removed |Added

   Hardware|x86 |All
 OS|Windows 10  |All
   Severity|Trivial |Enhancement

--- Comment #1 from Guy Harris  ---
Not all software that can read pcap files can transparently uncompress them,
and not all pcap files are large enough that they really *need* to be
compressed.

Perhaps providing a preference, or defaulting to the individual user's last
choice, would make sense, but I don't think making *everybody's* default
compressed the right choice.

(And what if we end up supporting multiple forms of compression, such as bzip2
and xz?)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12522] Double escaping of backslash in Regex required

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12522

Betty DuBois  changed:

   What|Removed |Added

 CC||be...@netdetect.co

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12677] "Print | Output to file:" does not exist in the QT version

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12677

Gerald Combs  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Gerald Combs  ---
You should be able to use "File→Export Packet Dissections→As Plain Text…" in
both the Qt and GTK+ interfaces. The fact that you can export to a file from
the GTK+ print dialog is mostly an accident of us having to write a custom
print dialog many years ago. 

However, it looks like we've somehow managed to generate slightly different
output using the three methods. Using a test capture here, "File→Export" in the
GTK+ UI adds an extra space to the end of the summary line. "File→Export" in
the Qt UI prints the "Coloring Rule" lines for all packets, whereas the GTK+ UI
doesn't. I'm marking this as "fixed" since the original issue should be taken
care of. We can open a separate bug for the differences in output if it's a
significant issue.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12678] New: Compress with gzip by default

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12678

Bug ID: 12678
   Summary: Compress with gzip by default
   Product: Wireshark
   Version: 2.1.x (Experimental)
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Trivial
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: be...@netdetect.co

Build Information:
Version 2.1.1 (v2.1.1-0-g06ba81b from master)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.12.16, with Pango 1.36.8,
with
WinPcap (4_1_3), with GLib 2.42.0, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.11.0, with Lua 5.2, with GnuTLS 3.2.15, with Gcrypt 1.6.2, with MIT Kerberos,
with GeoIP, with PortAudio V19-devel (built Jul 14 2016), with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale English_United
States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, with AirPcap 4.1.3 build 3348.
Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz (with SSE4.2), with 3071MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
File | Save, and File | Export Specified Packets have a checkbox option to
compress the new file with gzip.  I think it should be checked by default.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12677] New: "Print | Output to file:" does not exist in the QT version

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12677

Bug ID: 12677
   Summary: "Print | Output to file:" does not exist in the QT
version
   Product: Wireshark
   Version: 2.1.x (Experimental)
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Qt UI
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: be...@netdetect.co

Build Information:
Version 2.1.1 (v2.1.1-0-g06ba81b from master)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.12.16, with Pango 1.36.8,
with
WinPcap (4_1_3), with GLib 2.42.0, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.11.0, with Lua 5.2, with GnuTLS 3.2.15, with Gcrypt 1.6.2, with MIT Kerberos,
with GeoIP, with PortAudio V19-devel (built Jul 14 2016), with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale English_United
States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, with AirPcap 4.1.3 build 3348.
Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz (with SSE4.2), with 3071MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
In the GTK version, you can print the packet list (or details, or hex). This is
great when you want to export the data to a file and either bring it into Excel
or a script, and do data manipulation.

Qt only offers to print with the OS options, and importing into Excel from a
PDF is not as easy/intuitive.

Please add Output to file to the Qt version.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12676] New: Dissector bug, protocol CIP: C:\buildbot\wireshark

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12676

Bug ID: 12676
   Summary: Dissector bug, protocol CIP: C:\buildbot\wireshark
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Windows 7
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: tims...@gmail.com

Created attachment 14770
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=14770&action=edit
pcap with error

Build Information:
Version 2.0.5 (v2.0.5-0-ga3be9c6 from master-2.0)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
   Intel(R) Xeon(R) CPU E5-1620 0 @ 3.60GHz (with SSE4.2), with 8149MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I was using 2.0.2 earlier today and was dissecting CIP ETHERNET/IP industrial
protocol without issue.  I upgraded to 2.0.5 and the same pcap is now showing:

[Dissector bug, protocol CIP:
C:\buildbot\wireshark\wireshark-2.0-64\windows-2012r2-x64\build\epan\tvbuff.c:532:
failed assertion "tvb && tvb->initialized"]

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

--- Comment #7 from Gerrit Code Review  ---
Change 16733 had a related patch set uploaded by Gerald Combs:
Add an ESP decryption test.

https://code.wireshark.org/review/16733

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12675] New: PMKID is incorrectly decoded under RSN Vendor specific IE in EAPOL packet 1

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12675

Bug ID: 12675
   Summary: PMKID is incorrectly decoded under RSN Vendor specific
IE in EAPOL packet 1
   Product: Wireshark
   Version: 2.1.x (Experimental)
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: padmaja...@gmail.com

Created attachment 14769
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=14769&action=edit
Packet capture

Build Information:
Version 2.1.1 (v2.1.1-0-g06ba81b from master)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz (with SSE4.2), with 7888MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Summary:
===
PMKID is incorrectly decoded under RSN Vendor specific IE in EAPOL packet 1

Attachments:

PFA packet capture

Issue:
==
PMKID is supposed to be "4c44fef26cdc56ce0b37abc632024f11", but is decoded as
"044c44fef26cdc56ce0b37abc632024f".

*** It prepeends the length byte and excludes last byte.

Reassoc req:

Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 38
RSN Version: 1
Group Cipher Suite: 00-0f-ac AES (CCM)
Pairwise Cipher Suite Count: 1
Pairwise Cipher Suite List 00-0f-ac AES (CCM)
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00-0f-ac WPA
RSN Capabilities: 0x
PMKID Count: 1
PMKID List
PMKID: 4c44fef26cdc56ce0b37abc632024f11
Tag: Extended Supported Rates 6, 9, 12, 48, [Mbit/sec]
Tag: Extended Capabilities (8 octets)
Tag: Vendor Specific: Broadcom

EAPOL Frame1:

Tag: Vendor Specific: Ieee8021: RSN
Tag Number: Vendor Specific (221)
Tag length: 20
OUI: 00-0f-ac
Vendor Specific OUI Type: 4
RSN PMKID: 044c44fef26cdc56ce0b37abc632024f

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12525] Filter for field name tcp.options.wscale.multiplier cannot exceed 255

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12525

Gerald Combs  changed:

   What|Removed |Added

Summary|filter for fieldname|Filter for field name
   |tcp.options.wscale.multipli |tcp.options.wscale.multipli
   |er cannot exceed 255|er cannot exceed 255

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 9014] TShark crashes with option "-z io, stat, ..." in the presence of negative relative packet timestamps

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9014

Gerald Combs  changed:

   What|Removed |Added

Summary|crashes with option "-z |TShark crashes with option
   |io,stat,..." in the |"-z io,stat,..." in the
   |presence of negative|presence of negative
   |relative packet timestamps  |relative packet timestamps

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12582] (Qt5) app menus won't pull down

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12582

--- Comment #3 from Gerald Combs  ---
We currently call the main window's show() function at line 503 in
wireshark-qt.cpp. We might need to add calls to activateWindow() and raise() as
well.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12067] Unable to resize the packet list pane, packet details pane

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12067

--- Comment #16 from Gerald Combs  ---
(In reply to Matt Day from comment #15)
> (In reply to Gerald Combs from comment #12)

> > - It uses --with-qt and --with-qt4 instead of --with-qt5 and --with-qt to
> > install with Qt5 and Qt4 respectively.
> 
> Could you please clarify this point? Are you saying that it's necessary to
> specify BOTH --with-qt and --with-qt{4,5} when running Wireshark's configure?

I'm saying that the unversioned --with-qt option should build with Qt5. That
is, the options

  --with-qt  (builds with Qt4)
  --with-qt5 (builds with Qt5)

should be changed to

  --with-qt  (builds with Qt5)
  --with-qt4 (builds with Qt4)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

Gerald Combs  changed:

   What|Removed |Added

 Status|RESOLVED|INCOMPLETE
 Resolution|FIXED   |---
 Ever confirmed|0   |1

--- Comment #6 from Gerald Combs  ---
Marking as INCOMPLETE since the attached capture+keys would be a good candidate
for test/suite-decryption.sh.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

--- Comment #5 from Pavel Sindelka  ---
> If this is a wrongly decoded information element, it should be a "normal" bug.

It seemed first to be this case but after re-reading the standard it came out
to be a bug between the screen and the chair. Forget it.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

Pascal Quantin  changed:

   What|Removed |Added

 Status|UNCONFIRMED |CONFIRMED
 Ever confirmed|0   |1

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

--- Comment #4 from Pascal Quantin  ---
(In reply to Pavel Sindelka from comment #3)
> OK, so an EOF or even LF are not nice enough. Understood, but I'd still
> prefer to see the code fixed rather than the documentation extended.

Well, one might consider this as a bug but what I'm describing is the expected
format for all text2pcap inputs since years (AFAIK). The sample on text2pcap
manpage adds another line offset which is also a way to manage this.

> There is another bug in the same dissector regarding dissection of
> Jurisdiction Information - should I extend this one or file a separate one?

You do not give details about the issue, but it probably deserves a new bug. if
this is an information element that is not dissected yet, it should be an
enhancement bug. If this is a wrongly decoded information element, it should be
a "normal" bug.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

--- Comment #3 from Pavel Sindelka  ---
> Would have been easier to attach the pcapng file directly :)

Not always, e.g. not if you already have the dump open in an editor so that you
could play around with bit values to check whether the dissector doesn't like
some of them more than others :)

> This is due to a missing space at the end of the previous packet dump
OK, so an EOF or even LF are not nice enough. Understood, but I'd still prefer
to see the code fixed rather than the documentation extended.

There is another bug in the same dissector regarding dissection of Jurisdiction
Information - should I extend this one or file a separate one?

P.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

--- Comment #2 from Pascal Quantin  ---
Created attachment 14768
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=14768&action=edit
Pcapng file

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP: add dissection of "Carrier Identification" (0xc5) parameter

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

Pascal Quantin  changed:

   What|Removed |Added

Summary|ISUP dissector does not |ISUP: add dissection of
   |handle the "Carrier |"Carrier Identification"
   |Identification" (0xc5)  |(0xc5) parameter
   |parameter properly  |
   Severity|Normal  |Enhancement

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] ISUP dissector does not handle the "Carrier Identification" (0xc5) parameter properly

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

Pascal Quantin  changed:

   What|Removed |Added

 CC||pascal.quan...@gmail.com

--- Comment #1 from Pascal Quantin  ---
(In reply to Pavel Sindelka from comment #0)
> Build Information:
> Version 2.0.4 (v2.0.4-0-gdd7746e from master-2.0)
> 
> Copyright 1998-2016 Gerald Combs  and contributors.
> License GPLv2+: GNU GPL version 2 or later
> 
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> 
> Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
> GLib 2.42.0, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
> 3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
> with AirPcap.
> 
> Running on 64-bit Windows 10, build 10586, with locale C, with Npcap version
> 0.07, based on WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
> on
> libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
> Gcrypt
> 1.6.2, without AirPcap.
>Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz (with SSE4.2), with 8141MB of
> physical memory.
> 
> 
> Built using Microsoft Visual C++ 12.0 build 40629
> 
> Wireshark is Open Source Software released under the GNU General Public
> License.
> 
> --
> Hi,
> 
> in particular, the parameter c5 03 22 40 23 gets dissected as:
> --
> Parameter Type unknown/reserved (3 Bytes)
> Optional Parameter: Carrier identification (197)
> Parameter Length: 3
> --
> So nothing about the value in the dissection pane, and the text item in the
> tree reads "unknown/reserved" although the parameter name is identified
> properly as "Carrier Identification" in the subtree item.
> 
> The missing dissection of the parameter value is
> 0...  = spare
> .010  = Type of Network: National
>  0010 = Network Identification Plan: 4-digit carrier identification
> Carrier Identification: 0432
>   = Address signal digit: 0 (0)
> 0100  = Address signal digit: 4 (4)
>  0011 = Address signal digit: 3 (3)
> 0010  = Address signal digit: 2 (2)
> Carrier Identfication digits: 0432
> 
> The reference is available here:
> ftp://ftp.3gpp2.org/Archive/TSGN%20(inactive)/Working/2001/2001_02_Chandler/
> Opening_Plenary/fyi%20T1%20Ballots/T1.113Ballot.pdf
> 
> A hex dump (to be imported using encapsulation type "Wireshark Upper PDU
> export") of an example frame follows:

Would have been easier to attach the pcapng file directly :)

> 
> (the last line, 00 00, is a workaround of the bug of import from hex
> which causes the last octet of the last frame to be omitted during import).

This is due to a missing space at the end of the previous packet dump

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12674] New: ISUP dissector does not handle the "Carrier Identification" (0xc5) parameter properly

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12674

Bug ID: 12674
   Summary: ISUP dissector does not handle the "Carrier
Identification" (0xc5) parameter properly
   Product: Wireshark
   Version: 2.0.4
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Normal
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: sinde...@marconi.ttc.cz

Build Information:
Version 2.0.4 (v2.0.4-0-gdd7746e from master-2.0)

Copyright 1998-2016 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale C, with Npcap version
0.07, based on WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on
libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt
1.6.2, without AirPcap.
   Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz (with SSE4.2), with 8141MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

--
Hi,

in particular, the parameter c5 03 22 40 23 gets dissected as:
--
Parameter Type unknown/reserved (3 Bytes)
Optional Parameter: Carrier identification (197)
Parameter Length: 3
--
So nothing about the value in the dissection pane, and the text item in the
tree reads "unknown/reserved" although the parameter name is identified
properly as "Carrier Identification" in the subtree item.

The missing dissection of the parameter value is
0...  = spare
.010  = Type of Network: National
 0010 = Network Identification Plan: 4-digit carrier identification
Carrier Identification: 0432
  = Address signal digit: 0 (0)
0100  = Address signal digit: 4 (4)
 0011 = Address signal digit: 3 (3)
0010  = Address signal digit: 2 (2)
Carrier Identfication digits: 0432

The reference is available here:
ftp://ftp.3gpp2.org/Archive/TSGN%20(inactive)/Working/2001/2001_02_Chandler/Opening_Plenary/fyi%20T1%20Ballots/T1.113Ballot.pdf

A hex dump (to be imported using encapsulation type "Wireshark Upper PDU
export") of an example frame follows:

00  00 0c 00 04 6d 33 75 61 00 14 00 04 c0 a8 7d 44
10  00 15 00 04 c0 a8 7b 24 00 18 00 04 00 00 00 01
20  00 19 00 04 00 00 6e 29 00 1a 00 04 00 00 0b 5a
30  00 1e 00 04 00 00 4d 81 00 00 00 00 01 00 01 01
40  00 00 00 4c 02 00 00 08 00 00 00 08 02 10 00 3b
50  00 fa 84 01 00 05 5c 2e 05 02 00 0b 92 01 01 00
60  60 10 0a 03 06 0d 03 90 90 a2 07 03 10 12 57 40
70  01 86 0a 07 03 13 12 47 79 82 27 ea 01 00 c5 03
80  22 04 32 c7 01 20 00 00

00  00

(the last line, 00 00, is a workaround of the bug of import from hex which
causes the last octet of the last frame to be omitted during import).

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

--- Comment #4 from Gerrit Code Review  ---
Change 16723 had a related patch set uploaded by Pascal Quantin:
IPSec: fix decryption broken in g8cd167a

https://code.wireshark.org/review/16723

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

--- Comment #3 from Gerrit Code Review  ---
Change 16711 merged by Michael Mann:
IPSec: fix decryption broken in g8cd167a

https://code.wireshark.org/review/16711

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

Gerrit Code Review  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12665] Fuzzed PCAP causing segmentation fault in ssl_decrypt_record

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12665

--- Comment #9 from Gerrit Code Review  ---
Change 16716 merged by Peter Wu:
ssl-utils: ensure that the cipher suite matches decoder

https://code.wireshark.org/review/16716

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12665] Fuzzed PCAP causing segmentation fault in ssl_decrypt_record

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12665

--- Comment #8 from Gerrit Code Review  ---
Change 16716 had a related patch set uploaded by Peter Wu:
ssl-utils: ensure that the cipher suite matches decoder

https://code.wireshark.org/review/16716

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12665] Fuzzed PCAP causing segmentation fault in ssl_decrypt_record

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12665

Gerrit Code Review  changed:

   What|Removed |Added

 Status|IN_PROGRESS |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12665] Fuzzed PCAP causing segmentation fault in ssl_decrypt_record

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12665

--- Comment #7 from Gerrit Code Review  ---
Change 16674 merged by Peter Wu:
ssl-utils: ensure that the cipher suite matches decoder

https://code.wireshark.org/review/16674

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12673] Register IPv6 extension header dissectors to "ip.proto" table

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12673

--- Comment #3 from João Valverde  ---
Patch submitted to https://code.wireshark.org/review/16681.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12673] Register IPv6 extension header dissectors to "ip.proto" table

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12673

--- Comment #2 from João Valverde  ---
Created attachment 14767
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=14767&action=edit
IPv4 with 3 extension headers

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12673] Register IPv6 extension header dissectors to "ip.proto" table

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12673

--- Comment #1 from João Valverde  ---
Created attachment 14766
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=14766&action=edit
IPv6 with 3 extension headers

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12673] New: Register IPv6 extension header dissectors to "ip.proto" table

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12673

Bug ID: 12673
   Summary: Register IPv6 extension header dissectors to
"ip.proto" table
   Product: Wireshark
   Version: Git
  Hardware: All
OS: All
Status: UNCONFIRMED
  Severity: Enhancement
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: joao.valve...@tecnico.ulisboa.pt

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
Placeholder to attach some captures.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12672] Buildbot crash output: fuzz-2016-07-27-10615.pcap

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12672

Pascal Quantin  changed:

   What|Removed |Added

 Status|CONFIRMED   |RESOLVED
 CC||pascal.quan...@gmail.com
 Resolution|--- |DUPLICATE

--- Comment #1 from Pascal Quantin  ---


*** This bug has been marked as a duplicate of bug 12665 ***

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12665] Fuzzed PCAP causing segmentation fault in ssl_decrypt_record

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12665

--- Comment #6 from Pascal Quantin  ---
*** Bug 12672 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12672] New: Buildbot crash output: fuzz-2016-07-27-10615.pcap

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12672

Bug ID: 12672
   Summary: Buildbot crash output: fuzz-2016-07-27-10615.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
   URL: https://www.wireshark.org/download/automated/captures/
fuzz-2016-07-27-10615.pcap
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-07-27-10615.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/14763-406a6309991c3d2b13ee78de241b2d3afe4fa1d3fda356c2962b7e3c6ad7f4cd.pcap

Build host information:
Linux wsbb04 3.13.0-92-generic #139-Ubuntu SMP Tue Jun 28 20:42:26 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:Ubuntu
Description:Ubuntu 14.04.4 LTS
Release:14.04
Codename:trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=11
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_SLAVENAME=fuzz-test
BUILDBOT_GOT_REVISION=9b2ec33fb179469d17f1742b777216dd36a0d1e1

Return value:  139

Dissector bug:  0

Valgrind error count:  0



Git commit
commit 9b2ec33fb179469d17f1742b777216dd36a0d1e1
Author: Alexis La Goutte 
Date:   Tue Jul 26 11:28:28 2016 +0200

Transifex: Add master-22 branch

Change-Id: I5c5c1294f6f7491cf800a9f854e0fa9c7f989b27
Reviewed-on: https://code.wireshark.org/review/16690
Reviewed-by: Anders Broman 



[ no debug trace ]

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 3303] Problem with fragmentation at the SSL record layer

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3303

Derek Harper  changed:

   What|Removed |Added

 CC||de...@shadowhaven.co.uk

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 12671] IPsec ESP decryption fails (regression)

2016-07-27 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671

--- Comment #2 from Gerrit Code Review  ---
Change 16711 had a related patch set uploaded by Pascal Quantin:
IPSec: fix decryption broken in g8cd167a

https://code.wireshark.org/review/16711

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe