diff options
author | MichaĆ Skalski <mskalski13@gmail.com> | 2016-08-23 01:12:59 +0200 |
---|---|---|
committer | Pascal Quantin <pascal.quantin@gmail.com> | 2016-08-23 21:31:37 +0000 |
commit | 505bcefd20501ae0811f6074f2113b52788d78c5 (patch) | |
tree | 419446daa085a07a26c0bcdb44613215043e9e07 | |
parent | e11d4a891373c0f47062dd526a1f5ff6baa09ba6 (diff) | |
download | wireshark-505bcefd20501ae0811f6074f2113b52788d78c5.tar.gz |
isakmp Fix IKEv2 modification UAT crash
Problem is that not all fields of UAT are updated on change (only those
defined in UAT definition with ikev2_uat_flds, specifically pointers to
encr_spec and auth_spec in ike2_decr_data_t were set to NULL.
Fixed by re-setting pointers after update table callback was called.
Also fixed memory leaks after UAT modification.
Bug was partially resolved with change
Ibdab979b5959eb561635cbcb446e17138baca87b
https://code.wireshark.org/review/17078
which eliminated crash, but decryption still didn't work after UAT
modification (DISSECTOR BUG was displayed).
Bug: 12748
Change-Id: I8209edd8e214d62e34b641fdd2e046b9ff4c95eb
Reviewed-on: https://code.wireshark.org/review/17249
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
-rw-r--r-- | epan/dissectors/packet-isakmp.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/epan/dissectors/packet-isakmp.c b/epan/dissectors/packet-isakmp.c index 9ae08a240c..c8e097fb46 100644 --- a/epan/dissectors/packet-isakmp.c +++ b/epan/dissectors/packet-isakmp.c @@ -5184,8 +5184,7 @@ dissect_enc(tvbuff_t *tvb, /* Need decryption details to know field lengths. */ key_info = (ikev2_decrypt_data_t*)(decr_info); - /* BUG: encr/auth specs are not set properly after editing IKEv2 UAT (adding / removing rows). - * Key value in key_info->encr_key is set properly */ + /* Check if encr/auth specs are set properly (if for some case not, wireshark would crash) */ if (!key_info->encr_spec || !key_info->auth_spec) { REPORT_DISSECTOR_BUG(wmem_strdup_printf(wmem_packet_scope(), "IKEv2: decryption/integrity specs not set-up properly: encr_spec: %p, auth_spec: %p", @@ -5643,6 +5642,9 @@ isakmp_init_protocol(void) { ikev2_key_hash = g_hash_table_new(ikev2_key_hash_func, ikev2_key_equal_func); for (i = 0; i < num_ikev2_uat_data; i++) { g_hash_table_insert(ikev2_key_hash, &(ikev2_uat_data[i].key), &(ikev2_uat_data[i])); + /* Need find references to algorithms (as UAT table editing looses data not stored in file) */ + ikev2_uat_data[i].encr_spec = ikev2_decrypt_find_encr_spec(ikev2_uat_data[i].encr_alg); + ikev2_uat_data[i].auth_spec = ikev2_decrypt_find_auth_spec(ikev2_uat_data[i].auth_alg); } defrag_next_payload_hash = g_hash_table_new(g_direct_hash, g_direct_equal); #endif /* HAVE_LIBGCRYPT */ @@ -5662,6 +5664,7 @@ isakmp_cleanup_protocol(void) { #ifdef HAVE_LIBGCRYPT static void isakmp_prefs_apply_cb(void) { + isakmp_cleanup_protocol(); isakmp_init_protocol(); } #endif /* HAVE_LIBGCRYPT */ |