Wireshark-bugs: [Wireshark-bugs] [Bug 11545] New: Bytes pane set from LUA dissector shows bad da

Date: Thu, 24 Sep 2015 21:51:38 +0000
Bug ID 11545
Summary Bytes pane set from LUA dissector shows bad data after selecting an item in dissection tree
Product Wireshark
Version 1.12.7
Hardware x86
OS All
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Build Information:
Version 1.12.7 (Git Rev Unknown from unknown)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 4.8.6 with GLib 2.42.2, with libpcap, with libz
1.2.8,
with POSIX capabilities (Linux), with libnl 3, with SMI 0.4.8, with c-ares
1.10.0, with Lua 5.2, without Python, with GnuTLS 3.2.18, with Gcrypt 1.6.1,
with MIT Kerberos, with GeoIP, without PortAudio, without AirPcap.

Running on Linux 3.16.7-24-desktop, with locale de_DE.UTF-8, with libpcap
version 1.6.2, with libz 1.2.8, GnuTLS 3.2.18, Gcrypt 1.6.1.
Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz

Built using gcc 4.8.3 20140627 [gcc-4_8-branchrevision 212064].
--
I try generate a ByteArray which contains decrypted data from a packet.

If I select a packet and select the bytes pane with the decrypted message,
correct data is show. When selecting a field from the decrypted message, the
decrypted bytes are garbled - length changes, values are random.

Stripped down dissector:
---
function p_myproto.dissector(tvb, pinfo, tree)
    local subtree = tree:add(p_myproto, tvb(), "MyProto")
    subtree:add(tvb(), "Raw message")

    local b = ByteArray.new()
    b.set_size(tvb():len())

    for i = 0, tvb():len - 1, 1 do
        out:set_index(i, tvb(i,1):uint() + 1) -- fake decrypt
    end

    local dec = ByteArray.tvb(b, "Decrypted")
    local dectree = subtree:add(dec(), "Decrypted message")
    dectree:set_generated()
    dectree:add(dec(1,1), "First byte")
end
---

As soon as I click on "First byte", the contents in the "Decrypted" pane is
garbled, but the dissection tree still shows the correct value.


You are receiving this mail because:
  • You are watching all bug changes.