Bug ID |
11545
|
Summary |
Bytes pane set from LUA dissector shows bad data after selecting an item in dissection tree
|
Product |
Wireshark
|
Version |
1.12.7
|
Hardware |
x86
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Major
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Build Information:
Version 1.12.7 (Git Rev Unknown from unknown)
Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 4.8.6 with GLib 2.42.2, with libpcap, with libz
1.2.8,
with POSIX capabilities (Linux), with libnl 3, with SMI 0.4.8, with c-ares
1.10.0, with Lua 5.2, without Python, with GnuTLS 3.2.18, with Gcrypt 1.6.1,
with MIT Kerberos, with GeoIP, without PortAudio, without AirPcap.
Running on Linux 3.16.7-24-desktop, with locale de_DE.UTF-8, with libpcap
version 1.6.2, with libz 1.2.8, GnuTLS 3.2.18, Gcrypt 1.6.1.
Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Built using gcc 4.8.3 20140627 [gcc-4_8-branchrevision 212064].
--
I try generate a ByteArray which contains decrypted data from a packet.
If I select a packet and select the bytes pane with the decrypted message,
correct data is show. When selecting a field from the decrypted message, the
decrypted bytes are garbled - length changes, values are random.
Stripped down dissector:
---
function p_myproto.dissector(tvb, pinfo, tree)
local subtree = tree:add(p_myproto, tvb(), "MyProto")
subtree:add(tvb(), "Raw message")
local b = ByteArray.new()
b.set_size(tvb():len())
for i = 0, tvb():len - 1, 1 do
out:set_index(i, tvb(i,1):uint() + 1) -- fake decrypt
end
local dec = ByteArray.tvb(b, "Decrypted")
local dectree = subtree:add(dec(), "Decrypted message")
dectree:set_generated()
dectree:add(dec(1,1), "First byte")
end
---
As soon as I click on "First byte", the contents in the "Decrypted" pane is
garbled, but the dissection tree still shows the correct value.
You are receiving this mail because:
- You are watching all bug changes.