Comment # 1
on bug 11933
from Stefan Metzmacher
(In reply to Michael Mann from comment #0)
> Build Information:
> Paste the COMPLETE build information from "Help->About Wireshark",
> "wireshark -v", or "tshark -v".
> --
> While investigating bug 11931, I noticed that I couldn't duplicate on master.
> The reason is that the smb2_info_t structure isn't passed down to the MS-WSP
> dissector. The functionality of dissect_smb2_FSCTL_PIPE_TRANSCEIVE()
> changed with Ie6f28fd7, which ends up calling heuristic dissection with no
> "dissector data". Since MS-WSP requires dissector data (smb2_info_t
> structure), it won't hit the crash found by the fuzzbot.
> I think the solution may be as simple as passing the dissector data through
> the heuristic dissection attempt, but I'll let those more familiar with the
> protocols ponder it.
Yes, I think passing 'si' instead of NULL as the last argument
of all dissector_try_heuristic() calls in dissect_file_data_smb2_pipe()
is the correct fix for now.
si might still be NULL in some cases, but it's better than nothing.
You are receiving this mail because:
- You are watching all bug changes.