Don't crash for ERSPAN packets in Linux cooked captures.
authorGuy Harris <guy@alum.mit.edu>
Thu, 22 Mar 2018 21:15:42 +0000 (14:15 -0700)
committerGuy Harris <guy@alum.mit.edu>
Thu, 22 Mar 2018 21:16:40 +0000 (21:16 +0000)
Sadly, "cooked" means the GRE header isn't available; the extra data
pointer is null, so we can't dereference it.

Bug: 14548
Change-Id: I51ae67dcc144b7f5ab3c82dd9adf09b342b29ced
Reviewed-on: https://code.wireshark.org/review/26595
Reviewed-by: Guy Harris <guy@alum.mit.edu>
epan/dissectors/packet-cisco-erspan.c
epan/dissectors/packet-sll.c

index 47dcc31c92fd74af2576468d275b3c795befc07e..e39b9d0985ca092a6ac3b44e1b958c75572c70c2 100644 (file)
@@ -133,12 +133,23 @@ dissect_erspan(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
        tvbuff_t *eth_tvb;
        guint32 offset = 0;
        guint16 version;
-       guint16 gre_flags_and_ver = *(guint16 *)data;
 
-       if(gre_flags_and_ver == 0) {
+       if (data == NULL) {
+               /*
+                * We weren't handed the GRE flags or version.
+                *
+                * This can happen if a Linux cooked capture is done and
+                * we get a packet from an "ipgre" interface.
+                */
                version = G_MAXUINT16; /* Possible values are 0...15 */
        } else {
-               version = tvb_get_ntohs(tvb, offset) >> 12;
+               guint16 gre_flags_and_ver = *(guint16 *)data;
+
+               if (gre_flags_and_ver == 0) {
+                       version = G_MAXUINT16; /* Possible values are 0...15 */
+               } else {
+                       version = tvb_get_ntohs(tvb, offset) >> 12;
+               }
        }
 
        ti = proto_tree_add_item(tree, proto_erspan, tvb, offset, -1,
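Review bot: The contract for `data` in dissect_erspan is still only implied by the cast `*(guint16 *)data` in the new else branch: it must be either NULL or a pointer to the GRE flags-and-version `guint16`. A short comment above the function saying so, and noting that callers without a GRE header pass NULL, would help keep a future caller from reintroducing the null dereference. The two `version = G_MAXUINT16` branches could also be folded into one test, `const guint16 *gre_hdr = (const guint16 *)data;` followed by `if (gre_hdr == NULL || *gre_hdr == 0) {`, with the added comment kept above it. Since packet-sll.c reaches this code through the shared GRE dissector table, other dissectors registered there presumably receive the same NULL `data` and are worth checking for an unguarded dereference. The body of dissect_erspan starts and ends outside the hunk.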
index cd53c9a46762862c447864cd6c2f82f6e1232bc2..c5f560df651c8d65b220efb32c2bc55df4df9970 100644 (file)
@@ -347,6 +347,14 @@ dissect_sll(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
        } else {
                switch (hatype) {
                case ARPHRD_IPGRE:
+                       /*
+                        * XXX - the link-layer header appears to consist
+                        * of an IPv4 header followed by a bunch of stuff
+                        * that includes the GRE flags and version, but
+                        * cooked captures strip the link-layer header,
+                        * so we can't provide the flags and version to
+                        * the dissector.
+                        */
                        proto_tree_add_uint(fh_tree, &hfi_sll_gretype, tvb, 14, 2,
                            protocol);
                        dissector_try_uint(gre_dissector_table,