This plugin causes two unexpected test failures in Wireshark's test suite, due to a pointer which can be used uninitialized causing a segmentation fault. Patch incoming.
To reproduce:
Manually follow the steps of wireshark/build-scripts/linux_build.sh 4.2.0, but removing the -DBUILD_wireshark=off from the CMake command line, to build Wireshark 4.2.0 with the ja4 plugin
Notice this warning during the build process:
/.../wireshark-4.2.0/plugins/epan/ja4/packet-ja4.c: In function ‘dissect_ja4’:
/.../wireshark-4.2.0/plugins/epan/ja4/packet-ja4.c:1113:86: warning: ‘packet_time’ may be used uninitialized in this function [-Wmaybe-uninitialized]
From the wireshark-4.2.0/build directory, run cmake --build . --target test-programs
From the same directory, run python3 -m pytest . -k 'not sharkd'
remove run/plugins/4.2/epan/ja4.so and repeat step 4, to see that the removal of the JA4 plugin causes the test suite to pass
(Step 4 needs -k 'not sharkd' because some sharkd-related test appears to hard-code a list of expected plugins, and fails when ja4 appears in the result.)
This plugin causes two unexpected test failures in Wireshark's test suite, due to a pointer which can be used uninitialized causing a segmentation fault. Patch incoming.
To reproduce:
wireshark/build-scripts/linux_build.sh 4.2.0, but removing the-DBUILD_wireshark=offfrom the CMake command line, to build Wireshark 4.2.0 with the ja4 pluginwireshark-4.2.0/builddirectory, runcmake --build . --target test-programspython3 -m pytest . -k 'not sharkd'run/plugins/4.2/epan/ja4.soand repeat step 4, to see that the removal of the JA4 plugin causes the test suite to pass(Step 4 needs
-k 'not sharkd'because some sharkd-related test appears to hard-code a list of expected plugins, and fails when ja4 appears in the result.)