File wireshark-1.4.4-CVE-2011-1592.patch of Package wireshark.import4539
Index: wireshark-1.4.4/epan/dissectors/packet-nfs.c
===================================================================
--- wireshark-1.4.4.orig/epan/dissectors/packet-nfs.c
+++ wireshark-1.4.4/epan/dissectors/packet-nfs.c
@@ -7798,7 +7798,7 @@ dissect_nfs_clientaddr4(tvbuff_t *tvb, i
{
char *universal_ip_address = NULL;
char *protocol = NULL;
- guint8 b1, b2, b3, b4, b5, b6, b7, b8, b9, b10;
+ guint b1, b2, b3, b4, b5, b6, b7, b8, b9, b10;
guint16 port;
int addr_offset;
@@ -7807,23 +7807,22 @@ dissect_nfs_clientaddr4(tvbuff_t *tvb, i
offset = dissect_rpc_string(tvb, tree, hf_nfs_r_addr, offset, &universal_ip_address);
if(strlen(protocol) == 3 && strncmp(protocol,"tcp",3) == 0) {
- if (universal_ip_address && sscanf(universal_ip_address, "%hhu.%hhu.%hhu.%hhu.%hhu.%hhu",
+ if (universal_ip_address && sscanf(universal_ip_address, "%u.%u.%u.%u.%u.%u",
&b1, &b2, &b3, &b4, &b5, &b6) == 6) {
/* IPv4: h1.h2.h3.h4.p1.p2 */
port = (b5<<8) | b6;
- proto_tree_add_text(tree, tvb, addr_offset, offset,
+ proto_tree_add_text(tree, tvb, addr_offset, offset,
"[callback IPv4 address %u.%u.%u.%u, protocol=%s, port=%u]",
b1, b2, b3, b4, protocol, port);
- } else if (universal_ip_address && sscanf(universal_ip_address, "%hhu.%hhu",
+ } else if (universal_ip_address && sscanf(universal_ip_address,"%u.%u",
&b1, &b2) == 2) {
/* Some clients (linux) sometimes send only the port. */
port = (b1<<8) | b2;
- proto_tree_add_text(tree, tvb, addr_offset, offset-addr_offset, "[callback ip address NOT SPECIFIED, protocol=%s, port=%u]",
- protocol,
- port);
- } else if (universal_ip_address && sscanf(universal_ip_address, "%2hhx:%2hhx:%2hhx:%2hhx:%2hhx:%2hhx:%2hhx:%2hhx.%hhu.%hhu",
- &b1, &b2, &b3, &b4, &b5, &b6, &b7, &b8, &b9, &b10) == 10) {
-
+ proto_tree_add_text(tree, tvb, addr_offset, offset-addr_offset,
+ "[callback ip address NOT SPECIFIED, protocol=%s, port=%u]", protocol, port);
+ } else if (universal_ip_address && sscanf(universal_ip_address,
+ "%2x:%2x:%2x:%2x:%2x:%2x:%2x:%2x.%u.%u",
+ &b1, &b2, &b3, &b4, &b5, &b6, &b7, &b8, &b9, &b10) == 10) {
port = (b9<<8) | b10;
proto_tree_add_text(tree, tvb, addr_offset, offset,
"[callback IPv6 address %2x:%2x:%2x:%2x:%2x:%2x:%2x:%2x, protocol=%s, port=%u]",
Index: wireshark-1.4.4/epan/dissectors/packet-ssl-utils.c
===================================================================
--- wireshark-1.4.4.orig/epan/dissectors/packet-ssl-utils.c
+++ wireshark-1.4.4/epan/dissectors/packet-ssl-utils.c
@@ -3145,7 +3145,13 @@ ssl_parse_key_list(const gchar * keys_li
ip[2] = 0;
ip[3] = 0;
} else {
- sscanf(addr, "%hhu.%hhu.%hhu.%hhu", &ip[0], &ip[1], &ip[2], &ip[3]);
+ guint tmp0, tmp1, tmp2, tmp3;
+
+ sscanf(addr, "%u.%u.%u.%u", &tmp0, &tmp1, &tmp2, &tmp3);
+ ip[0] = (guchar)tmp0;
+ ip[1] = (guchar)tmp1;
+ ip[2] = (guchar)tmp2;
+ ip[3] = (guchar)tmp3;
}
if(!strcmp("start_tls", port)) {
@@ -3153,7 +3159,7 @@ ssl_parse_key_list(const gchar * keys_li
} else {
service->port = atoi(port);
}
- ssl_debug_printf("ssl_init addr '%hhu.%hhu.%hhu.%hhu' port '%d' filename '%s' password(only for p12 file) '%s'\n",
+ ssl_debug_printf("ssl_init addr '%u.%u.%u.%u' port '%d' filename '%s' password(only for p12 file) '%s'\n",
ip[0], ip[1], ip[2], ip[3], service->port, filename, cert_passwd ? cert_passwd : "(null)");
/* try to load pen or p12 file*/
Index: wireshark-1.4.4/tools/checkAPIs.pl
===================================================================
--- wireshark-1.4.4.orig/tools/checkAPIs.pl
+++ wireshark-1.4.4/tools/checkAPIs.pl
@@ -1001,6 +1001,14 @@ while ($_ = $ARGV[0])
print STDERR "Error: Found %ll in " .$filename."\n";
$errorCount++;
}
+ if ($fileContents =~ m{ %hh }xo)
+ {
+ # %hh is C99 and Windows doesn't like it:
+ # http://connect.microsoft.com/VisualStudio/feedback/details/416843/sscanf-cannot-not-handle-hhd-format
+ # Need to use temporary variables instead.
+ print STDERR "Error: Found %hh in " .$filename."\n";
+ $errorCount++;
+ }
if (! ($fileContents =~ m{ \$Id .* \$ }xo))
{
