[Wireshark-bugs] [Bug 14385] Decode As port range

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14385

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com,
   ||mman...@netscape.net

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14385] New: Decode As port range

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14385

Bug ID: 14385
   Summary: Decode As port range
   Product: Wireshark
   Version: 2.4.4
  Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Common utilities (libwsutil)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: tech-...@thephoneguys.co.nz
  Target Milestone: ---

Build Information:
Version 2.4.4 (v2.4.4-0-g90a7be11a4)
--
When wanting to decode a range of ports in "Decode As" doesn't work. For
example if the port range is 41252 to 85543, I would enter 41252-85543. But
this doesn't work.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14380] Buildbot crash output: fuzz-2018-01-31-18564.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14380

--- Comment #3 from Pascal Quantin  ---
*** Bug 14384 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14384] Buildbot crash output: fuzz-2018-02-01-25854.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14384

Pascal Quantin  changed:

   What|Removed |Added

 Resolution|--- |DUPLICATE
 CC||pascal.quan...@gmail.com
 Status|CONFIRMED   |RESOLVED

--- Comment #1 from Pascal Quantin  ---


*** This bug has been marked as a duplicate of bug 14380 ***

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14384] New: Buildbot crash output: fuzz-2018-02-01-25854.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14384

Bug ID: 14384
   Summary: Buildbot crash output: fuzz-2018-02-01-25854.pcap
   Product: Wireshark
   Version: unspecified
  Hardware: x86-64
OS: Ubuntu
Status: CONFIRMED
  Severity: Major
  Priority: High
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: buildbot-do-not-re...@wireshark.org
  Target Milestone: ---

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2018-02-01-25854.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/5750-avdtp_test.cap

Build host information:
Linux wsbb04 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description:Ubuntu 16.04.3 LTS
Release:16.04
Codename:   xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-build...@code.wireshark.org:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=4601
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=66af843eb502a16a2428e899b44939cfe3925863

Return value:  0

Dissector bug:  0

Valgrind error count:  4



Git commit
commit 66af843eb502a16a2428e899b44939cfe3925863
Author: Jakub Zawadzki 
Date:   Thu Feb 1 02:25:24 2018 +0100

bacapp: make sure to NUL terminate bf_arr.

bf_arr is used as %s argument to proto_tree_add_subtree_format(), so it
need to be NUL terminated.
Add + 1 to bf_arr size, and use sizeof() in memset() calls.

ASAN report:

ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ff1b179f150 at pc 0x0044cf31 bp 0x7ffdc7493cf0 sp 0x7ffdc74934a0
READ of size 258 at 0x7ff1b179f150 thread T0
SCARINESS: 41 (multi-byte-read-stack-buffer-overflow)
#0 0x44cf30 in printf_common(void*, char const*, __va_list_tag*)
/src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_format.inc:548
#1 0x498cfc in __vsnprintf_chk
/src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc:1558
#2 0x5775cf in proto_tree_set_representation
/src/wireshark/epan/proto.c:5508:9
#3 0x577eb1 in proto_tree_add_text_valist_internal
/src/wireshark/epan/proto.c:1226:2
#4 0x5782d5 in proto_tree_add_subtree_format
/src/wireshark/epan/proto.c:1249:7
#5 0x73c73f in fBitStringTagVS
/src/wireshark/epan/dissectors/packet-bacapp.c:7490:15
#6 0x73ad20 in fApplicationTypesEnumeratedSplit
/src/wireshark/epan/dissectors/packet-bacapp.c:7569:26
#7 0x73a484 in fApplicationTypes
/src/wireshark/epan/dissectors/packet-bacapp.c:7635:12
#8 0x7395db in fIAmRequest
/src/wireshark/epan/dissectors/packet-bacapp.c:13412:14
#9 0x7383e1 in dissect_bacapp
/src/wireshark/epan/dissectors/packet-bacapp.c:14163:9

Found by oss-fuzz/5452.

Change-Id: I57e948904f707c5003a389431b009a37c1212e04
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5452
Reviewed-on: https://code.wireshark.org/review/25544
Petri-Dish: Jakub Zawadzki 
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki 


==16287== Memcheck, a memory error detector
==16287== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==16287== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==16287== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2018-02-01-25854.pcap
==16287== 
==16287== Conditional jump or move depends on uninitialised value(s)
==16287==at 0x72377BA: dissect_rtp (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D3B197: call_dissector_through_handle (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D37019: call_dissector_work (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D39E52: call_dissector_only (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D35AB4: call_dissector_with_data (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D39E91: call_dissector (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x694ECA4: dissect_bta2dp (in
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/lib/libwireshark.so.0.0.0)
==16287==by 0x7D3B197: call_dissector_through_handle (in
/home/wireshark/builde

[Wireshark-bugs] [Bug 14383] Slow to restart capture when captured a few hundred MB of packets

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14383

--- Comment #1 from Guy Harris  ---
Does it take as long to close a large capture such as that as it does to start
the new capture?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14383] New: Slow to restart capture when captured a few hundred MB of packets

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14383

Bug ID: 14383
   Summary: Slow to restart capture when captured a few hundred MB
of packets
   Product: Wireshark
   Version: 2.4.4
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pavlov.pa...@gmail.com
  Target Milestone: ---

Build Information:
Version 2.5.0-2567-g5c511d23 (v2.5.0rc0-2567-g5c511d23) 
or 2.4.4
--
When I capture lots of data (a few hundred MB of UDP packets) and then I want
to restart capture it takes long time and wireshark freezes.
Instead, it should move it all to background thread and restart capture
immediately.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14382] New: chunked http transfer causes 100% CPU load

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14382

Bug ID: 14382
   Summary: chunked http transfer causes 100% CPU load
   Product: Wireshark
   Version: 2.4.4
  Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: pavlov.pa...@gmail.com
  Target Milestone: ---

Created attachment 16103
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16103&action=edit
sample chunked http capture

Build Information:
Version 2.5.0-2567-g5c511d23 (v2.5.0rc0-2567-g5c511d23) 
or 2.4.4 release

--
Some simple http traffic makes wireshark incredibly slow to process traffic.
Attached is a simple chunked http transfer that send 1 byte at a time and
wireshark cannot load it (take LOONG time to load the file).

simply opening the attache pcap will take wireshark second to process it at
100% cpu load.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14380] Buildbot crash output: fuzz-2018-01-31-18564.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14380

Michael Mann  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|CONFIRMED   |RESOLVED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14380] Buildbot crash output: fuzz-2018-01-31-18564.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14380

--- Comment #2 from Gerrit Code Review  ---
Change 25550 merged by Michael Mann:
RTP: ensure that bta2dp_info and btvdp_info are always initialized

https://code.wireshark.org/review/25550

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14380] Buildbot crash output: fuzz-2018-01-31-18564.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14380

--- Comment #1 from Gerrit Code Review  ---
Change 25550 had a related patch set uploaded by Pascal Quantin:
RTP: ensure that bta2dp_info and btvdp_info are always initialized

https://code.wireshark.org/review/25550

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14381] cannot find any Mongo Wire Protocol (MONGO) package

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14381

Alexis La Goutte  changed:

   What|Removed |Added

 Status|UNCONFIRMED |INCOMPLETE
 CC||alexis.lagou...@gmail.com
 Ever confirmed|0   |1

--- Comment #1 from Alexis La Goutte  ---
Hi,

What package do you talk ?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14344] Buildbot crash output: fuzz-2018-01-13-26025.pcap

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14344

Pascal Quantin  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 CC||pascal.quan...@gmail.com
 Status|CONFIRMED   |RESOLVED

--- Comment #2 from Pascal Quantin  ---
Fixed by I57e948904f707c5003a389431b009a37c1212e04

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14381] New: cannot find any Mongo Wire Protocol (MONGO) package

2018-02-01 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14381

Bug ID: 14381
   Summary: cannot find any Mongo Wire Protocol (MONGO) package
   Product: Wireshark
   Version: 2.4.3
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Documentation
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: brant4t...@gmail.com
  Target Milestone: ---

Build Information:
Version 2.4.3 (v2.4.3-0-g368ba1ee37)

Copyright 1998-2017 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.3, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 10, build 10586, with Intel(R) Core(TM) i7-6700HQ CPU
@ 2.60GHz (with SSE4.2), with 16264 MB of physical memory, with locale
English_United States.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--

I'm following this guide, but cannot find any Mongo Wire Protocol (MONGO) in
package.
https://wiki.wireshark.org/Mongo

Any tips? Thanks!

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe