From 505bcefd20501ae0811f6074f2113b52788d78c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Skalski?= <mskalski13@gmail.com>
Date: Tue, 23 Aug 2016 01:12:59 +0200
Subject: isakmp Fix IKEv2 modification UAT crash

Problem is that not all fields of UAT are updated on change (only those
defined in UAT definition with ikev2_uat_flds, specifically pointers to
encr_spec and auth_spec in ike2_decr_data_t were set to NULL.

Fixed by re-setting pointers after update table callback was called.

Also fixed memory leaks after UAT modification.

Bug was partially resolved with change
Ibdab979b5959eb561635cbcb446e17138baca87b
https://code.wireshark.org/review/17078

which eliminated crash, but decryption still didn't work after UAT
modification (DISSECTOR BUG was displayed).

Bug: 12748
Change-Id: I8209edd8e214d62e34b641fdd2e046b9ff4c95eb
Reviewed-on: https://code.wireshark.org/review/17249
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
---
 epan/dissectors/packet-isakmp.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/epan/dissectors/packet-isakmp.c b/epan/dissectors/packet-isakmp.c
index 9ae08a240c..c8e097fb46 100644
--- a/epan/dissectors/packet-isakmp.c
+++ b/epan/dissectors/packet-isakmp.c
@@ -5184,8 +5184,7 @@ dissect_enc(tvbuff_t *tvb,
     /* Need decryption details to know field lengths. */
     key_info = (ikev2_decrypt_data_t*)(decr_info);
 
-    /* BUG: encr/auth specs are not set properly after editing IKEv2 UAT (adding / removing rows).
-     * Key value in key_info->encr_key is set properly */
+    /* Check if encr/auth specs are set properly (if for some case not, wireshark would crash) */
     if (!key_info->encr_spec || !key_info->auth_spec) {
       REPORT_DISSECTOR_BUG(wmem_strdup_printf(wmem_packet_scope(),
         "IKEv2: decryption/integrity specs not set-up properly: encr_spec: %p, auth_spec: %p",
@@ -5643,6 +5642,9 @@ isakmp_init_protocol(void) {
   ikev2_key_hash = g_hash_table_new(ikev2_key_hash_func, ikev2_key_equal_func);
   for (i = 0; i < num_ikev2_uat_data; i++) {
     g_hash_table_insert(ikev2_key_hash, &(ikev2_uat_data[i].key), &(ikev2_uat_data[i]));
+    /* Need find references to algorithms (as UAT table editing looses data not stored in file) */
+    ikev2_uat_data[i].encr_spec = ikev2_decrypt_find_encr_spec(ikev2_uat_data[i].encr_alg);
+    ikev2_uat_data[i].auth_spec = ikev2_decrypt_find_auth_spec(ikev2_uat_data[i].auth_alg);
   }
   defrag_next_payload_hash = g_hash_table_new(g_direct_hash, g_direct_equal);
 #endif /* HAVE_LIBGCRYPT */
@@ -5662,6 +5664,7 @@ isakmp_cleanup_protocol(void) {
 #ifdef HAVE_LIBGCRYPT
 static void
 isakmp_prefs_apply_cb(void) {
+  isakmp_cleanup_protocol();
   isakmp_init_protocol();
 }
 #endif /* HAVE_LIBGCRYPT */
-- 
cgit v1.2.1