Hi,
I think there is a bug in tvb_find_guint8 so that it could return a
wrong value that can even be outside of the tvb len. When recursively
going up through subset tvbs (tvb->ops->tvb_find_guint8) it does not
account for the difference in offset between the subsets.
Attached is a patch I have written that seems to work. However, to be
honest I am fairly new to Wireshark development and do not understand
tvbuff very well. It would be better if somebody who understands the
inner workings of tvbuff looks into this.
Kind regards,
Jan Venekamp
diff --git a/epan/tvbuff.c b/epan/tvbuff.c
index 9d3ca4b..b263ba1 100644
--- a/epan/tvbuff.c
+++ b/epan/tvbuff.c
@@ -2089,8 +2089,8 @@ tvb_find_guint8(tvbuff_t *tvb, const gint offset, const gint maxlength, const gu
}
}
- if (tvb->ops->tvb_find_guint8)
- return tvb->ops->tvb_find_guint8(tvb, abs_offset, limit, needle);
+ if (tvb->ops->tvb_find_guint8 && tvb->ops->tvb_offset)
+ return tvb->ops->tvb_find_guint8(tvb, abs_offset, limit, needle) - tvb->ops->tvb_offset(tvb, 0);
return tvb_find_guint8_generic(tvb, offset, limit, needle);
}
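Review bot: the `+` return line applies the subtraction unconditionally, so any not-found sentinel the `tvb_find_guint8` op returns (a negative value, as the callers of this function would expect from the generic path) is also shifted by `tvb->ops->tvb_offset(tvb, 0)` and would no longer compare equal to the sentinel. Capture the result first and only translate a real hit, for example:
`gint found = tvb->ops->tvb_find_guint8(tvb, abs_offset, limit, needle);`
`if (found < 0) return found;`
`return found - tvb->ops->tvb_offset(tvb, 0);`
This also breaks the overlong line into the file's usual width. A second point worth a comment in the code: the op path searches from `abs_offset` (parent coordinates) while the fallback on the next line searches from `offset` (this tvb's coordinates), which is exactly the asymmetry the patch compensates for, so a one-line comment explaining that `tvb_offset(tvb, 0)` maps the hit back into this tvb's offset space would help the next reader.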