[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-bugs
Subject: [Wireshark-bugs] [Bug 13862] New: lua Field not updated after 1st tree:add()
From: bugzilla-daemon () wireshark ! org
Date: 2017-06-28 20:05:01
Message-ID: bug-13862-15 () https ! bugs ! wireshark ! org/bugzilla/
[Download RAW message or body]
--14986803010.17BCD.6512
Date: Wed, 28 Jun 2017 20:05:01 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13862
Bug ID: 13862
Summary: lua Field not updated after 1st tree:add()
Product: Wireshark
Version: Git
Hardware: x86
OS: All
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-admin@wireshark.org
Reporter: andrew@lunn.ch
Target Milestone: ---
Created attachment 15662
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=15662&action=edit
Patch to illustrate issue.
Build Information:
./tshark -v
TShark (Wireshark) 2.5.0 (v2.5.0rc0-277-g66507b90521f)
Copyright 1998-2017 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.50.3, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.7-beta, with MIT Kerberos, with
GeoIP,
with nghttp2 1.23.1, without LZ4, without Snappy, with libxml2 2.9.4.
Running on Linux 4.9.28+, with Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz (with
SSE4.2), with 32039 MB of physical memory, with locale LC_CTYPE=en_US.utf8,
LC_NUMERIC=en_US.utf8, LC_TIME=en_GB.UTF-8, LC_COLLATE=en_US.utf8,
LC_MONETARY=en_US.utf8, LC_MESSAGES=en_US.utf8, LC_PAPER=en_US.utf8,
LC_NAME=en_US.utf8, LC_ADDRESS=en_US.utf8, LC_TELEPHONE=en_US.utf8,
LC_MEASUREMENT=en_US.utf8, LC_IDENTIFICATION=en_US.utf8, with libpcap version
1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.7-beta, with zlib 1.2.8.
Built using gcc 6.3.0 20170516.
--
Attached is a patch to lua/tests/dissector.lua to demonstrate a bug. The patch
extends the dissector of DNS to partially decode the answer resource records.
When the test/captures/dns_port.pcap is viewed with this, look at the fourth
frame. Expand the Answers subtree. Note that all the IP addresses are the same:
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Expand a few of these and you will notice the first Answer does have the IP
address 67.129.68.9. However the second is 69.44.57.60, and the third
207.234.209.181, etc...
The code also preforms a dprint() of the address. Again, the output is the same
for all answers.
It appears the answer_ipv4 Field is set once on the first call to
a_tree:add(pf_answer_ipv4, tvbuf(pos + 12, 4))
but not updated on subsequent calls. This is not the behaviour i would expect.
--
You are receiving this mail because:
You are watching all bug changes.
--14986803010.17BCD.6512
Date: Wed, 28 Jun 2017 20:05:01 +0000
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.wireshark.org/bugzilla/
Auto-Submitted: auto-generated
<html>
<head>
<base href="https://bugs.wireshark.org/bugzilla/" />
<style>
body, th, td {
font-size: 12px;
font-family: Arial, Helvetica, sans-serif; }
p, pre { margin-top: 1em; }
pre {
font-family: Bitstream Vera Sans Mono, Consolas, Lucida Console, \
monospace; white-space: pre-wrap;
}
table { border: 0; border-spacing: 0; border-collapse: collapse; }
th, td {
padding: 0.25em;
padding-left: 0.5em;
padding-right: 0.5em;
}
th { background: rgb(240, 240, 240); }
th.th_top { border-bottom: 1px solid rgb(116, 126, 147); }
th.th_left { border-right: 1px solid rgb(116, 126, 147); }
td.removed { background-color: #ffcccc; }
td.added { background-color: #e4ffc7; }
</style>
</head>
<body><table>
<tr>
<th class="th_left">Bug ID</th>
<td><a class="bz_bug_link
bz_status_UNCONFIRMED "
title="UNCONFIRMED - lua Field not updated after 1st tree:add()"
href="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13862">13862</a>
</td>
</tr>
<tr>
<th class="th_left">Summary</th>
<td>lua Field not updated after 1st tree:add()
</td>
</tr>
<tr>
<th class="th_left">Product</th>
<td>Wireshark
</td>
</tr>
<tr>
<th class="th_left">Version</th>
<td>Git
</td>
</tr>
<tr>
<th class="th_left">Hardware</th>
<td>x86
</td>
</tr>
<tr>
<th class="th_left">OS</th>
<td>All
</td>
</tr>
<tr>
<th class="th_left">Status</th>
<td>UNCONFIRMED
</td>
</tr>
<tr>
<th class="th_left">Severity</th>
<td>Major
</td>
</tr>
<tr>
<th class="th_left">Priority</th>
<td>Low
</td>
</tr>
<tr>
<th class="th_left">Component</th>
<td>Dissection engine (libwireshark)
</td>
</tr>
<tr>
<th class="th_left">Assignee</th>
<td>bugzilla-admin@wireshark.org
</td>
</tr>
<tr>
<th class="th_left">Reporter</th>
<td>andrew@lunn.ch
</td>
</tr>
<tr>
<th class="th_left">Target Milestone</th>
<td>---
</td>
</tr></table>
<p>
<div>
<pre>Created <span class=""><a href="attachment.cgi?id=15662" \
name="attach_15662" title="Patch to illustrate issue.">attachment 15662</a> <a \
href="attachment.cgi?id=15662&action=edit" title="Patch to illustrate \
issue.">[details]</a></span> Patch to illustrate issue.
Build Information:
./tshark -v
TShark (Wireshark) 2.5.0 (v2.5.0rc0-277-<a \
href="https://code.wireshark.org/review/#/q/commit:66507b90521f">g66507b90521f</a>)
Copyright 1998-2017 Gerald Combs <<a \
href="mailto:gerald@wireshark.org">gerald@wireshark.org</a>> and \
contributors. License GPLv2+: GNU GPL version 2 or later
<<a href="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">http://www.gnu.org/licenses/old-licenses/gpl-2.0.html</a>>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.50.3, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.5.8, with Gcrypt 1.7.7-beta, with MIT Kerberos, with
GeoIP,
with nghttp2 1.23.1, without LZ4, without Snappy, with libxml2 2.9.4.
Running on Linux 4.9.28+, with Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz (with
SSE4.2), with 32039 MB of physical memory, with locale LC_CTYPE=en_US.utf8,
LC_NUMERIC=en_US.utf8, LC_TIME=en_GB.UTF-8, LC_COLLATE=en_US.utf8,
LC_MONETARY=en_US.utf8, LC_MESSAGES=en_US.utf8, LC_PAPER=en_US.utf8,
LC_NAME=en_US.utf8, LC_ADDRESS=en_US.utf8, LC_TELEPHONE=en_US.utf8,
LC_MEASUREMENT=en_US.utf8, LC_IDENTIFICATION=en_US.utf8, with libpcap version
1.8.1, with GnuTLS 3.5.8, with Gcrypt 1.7.7-beta, with zlib 1.2.8.
Built using gcc 6.3.0 20170516.
--
Attached is a patch to lua/tests/dissector.lua to demonstrate a bug. The patch
extends the dissector of DNS to partially decode the answer resource records.
When the test/captures/dns_port.pcap is viewed with this, look at the fourth
frame. Expand the Answers subtree. Note that all the IP addresses are the same:
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Answer Length 4, Address 67.129.68.9
Expand a few of these and you will notice the first Answer does have the IP
address 67.129.68.9. However the second is 69.44.57.60, and the third
207.234.209.181, etc...
The code also preforms a dprint() of the address. Again, the output is the same
for all answers.
It appears the answer_ipv4 Field is set once on the first call to
a_tree:add(pf_answer_ipv4, tvbuf(pos + 12, 4))
but not updated on subsequent calls. This is not the behaviour i would expect.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>
--14986803010.17BCD.6512--
[Attachment #3 (text/plain)]
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic