diff options
| author | Guy Harris <guy@alum.mit.edu> | 2015-07-20 10:02:08 -0700 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2015-07-20 17:02:59 +0000 |
| commit | 170def95113b0cc21fdfc7dc1182fd01b4910832 (patch) | |
| tree | aeed84565bd114bdf88574ce308aa5b9f32718a7 /epan | |
| parent | 09ae055f231ccd5513bde402ad988c49c017a957 (diff) | |
| download | wireshark-170def95113b0cc21fdfc7dc1182fd01b4910832.tar.gz | |
Fix escaping of strings in UATs.
Not only must characters that aren't printable ASCII characters be
escaped, backslashes must be escaped (as backslash is an escape
introducer) and double-quotes must be escaped (as double-quotes
encapsulate strings).
When constructing a string to hand to uat_load_str(), escape pathnames,
as they are likely to contain backslashes on Windows, could contain
backslashes on UN*X, and could contain quotes on UN*X and possibly
Windows. (Arguably, we should escape all the string arguments
Bug: 11372
Change-Id: I594840327fa41895130903c3c612ba97d6c29df3
Reviewed-on: https://code.wireshark.org/review/9716
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan')
| -rw-r--r-- | epan/dissectors/packet-dtls.c | 4 | ||||
| -rw-r--r-- | epan/dissectors/packet-ssl.c | 4 | ||||
| -rw-r--r-- | epan/uat.c | 6 |
3 files changed, 9 insertions, 5 deletions
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index d2ce36a0d8..2748aa4a97 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -257,8 +257,10 @@ dtls_parse_old_keys(void) for (i = 0; old_keys[i] != NULL; i++) { parts = wmem_strsplit(NULL, old_keys[i], ",", 4); if (parts[0] && parts[1] && parts[2] && parts[3]) { + gchar *path = uat_esc(parts[3], (guint)strlen(parts[3])); uat_entry = wmem_strdup_printf(NULL, "\"%s\",\"%s\",\"%s\",\"%s\",\"\"", - parts[0], parts[1], parts[2], parts[3]); + parts[0], parts[1], parts[2], path); + g_free(path); if (!uat_load_str(dtlsdecrypt_uat, uat_entry, &err)) { ssl_debug_printf("dtls_parse: Can't load UAT string %s: %s\n", uat_entry, err); diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 7699d7e6e8..079e7fbd60 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -423,9 +423,11 @@ ssl_parse_old_keys(void) for (i = 0; old_keys[i] != NULL; i++) { parts = wmem_strsplit(NULL, old_keys[i], ",", 5); if (parts[0] && parts[1] && parts[2] && parts[3]) { + gchar *path = uat_esc(parts[3], (guint)strlen(parts[3])); const gchar *password = parts[4] ? parts[4] : ""; uat_entry = wmem_strdup_printf(NULL, "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"", - parts[0], parts[1], parts[2], parts[3], password); + parts[0], parts[1], parts[2], path, password); + g_free(path); if (!uat_load_str(ssldecrypt_uat, uat_entry, &err)) { ssl_debug_printf("ssl_parse_old_keys: Can't load UAT string %s: %s\n", uat_entry, err); diff --git a/epan/uat.c b/epan/uat.c index c285aacae5..73659d57bf 100644 --- a/epan/uat.c +++ b/epan/uat.c @@ -735,11 +735,11 @@ char* uat_esc(const char* buf, guint len) { char* s = out; for (b = (const guint8 *)buf; b < end; b++) { - if (g_ascii_isprint(*b) ) { - *(s++) = (*b); - } else { + if (*b == '"' || *b == '\\' || ! g_ascii_isprint(*b) ) { g_snprintf(s,5,"\\x%.2x",((guint)*b)); s+=4; + } else { + *(s++) = (*b); } } |