Ethereal-dev: [Ethereal-dev] isakmp parsing

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: newsham@xxxxxxxx (Tim Newsham)
Date: Tue, 3 Apr 2001 12:47:14 -1000 (HST)
There's a bug in isakmp parsing, while parsing packets
generated by linux freeswan's pluto (technically
their packet is malformed, but that's no reason that
ethereal should barf).  This is a generic bug in
ethereal 0.8.16 (all platforms).  The program goes
into an infinite loop when a sub-header specifies
its length as zero.  The patch is simple:

--- packet-isakmp.c.old	Tue Apr  3 15:31:22 2001
+++ packet-isakmp.c	Tue Apr  3 15:30:36 2001
@@ -348,7 +348,10 @@
             proto_tree_add_text(ntree, tvb, offset + 4, payload_length - 4,
                 "Payload");
           }
-        } 
+        } else {
+            /* short header received, should be at least four */
+            payload_length = 4;
+        }
         offset += payload_length;
         len -= payload_length;
       }
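Review bot: the new `} else {` branch guarantees forward progress but silently swallows the malformed payload and keeps parsing the rest of the chain; once a sub-header reports a length below four the remaining bytes cannot be trusted, so consider adding a `proto_tree_add_text(ntree, tvb, offset, 4, "Malformed payload length")` entry in that branch and breaking out of the loop rather than continuing with `payload_length = 4`. Also verify that `len -= payload_length;` cannot go negative (or wrap, if `len` is unsigned) when fewer than four bytes remain at `offset`; the loop guard is outside the hunk, so this is worth checking before committing.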
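As an added illustration of the failure mode described in the message above (not Ethereal's code, and not taken from the patch), here is a minimal ISAKMP-style payload-chain walker in C. It assumes only the four-byte generic payload header layout (next payload, reserved, 16-bit big-endian length) and shows a naive walker that advances by whatever length the packet claims beside a checked walker that rejects a length below four or beyond the buffer and stops. The sample packets are constructed for the example; the iteration cap on the naive walker exists only so the demo terminates instead of spinning.

```c
/* Added example: ISAKMP-style payload chain walking, naive vs. checked.
 * Not Ethereal code. Assumes the 4-byte generic payload header:
 *   next payload (1) | reserved (1) | payload length (2, big-endian) */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define ISAKMP_GEN_HDR_LEN 4

typedef enum { WALK_OK = 0, WALK_TRUNCATED, WALK_BAD_LENGTH } walk_status;

/* Constructed sample packets (payload bodies are filler bytes). */
static const uint8_t GOOD_PKT[] = {
    0x0d, 0x00, 0x00, 0x08, 'a', 'b', 'c', 'd',   /* length 8 */
    0x00, 0x00, 0x00, 0x06, 'x', 'y'              /* length 6, last */
};
static const uint8_t ZERO_LEN_PKT[] = {
    0x00, 0x00, 0x00, 0x00, 'a', 'b', 'c', 'd'    /* length 0: the bug */
};
static const uint8_t TRUNC_PKT[] = {
    0x00, 0x00, 0x00, 0x20, 'a'                   /* claims 32, has 5 */
};

static uint16_t rd16(const uint8_t *p) {
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Naive walk, mirroring the reported behaviour: offset advances by the
 * stated length with no lower bound, so a zero length never moves it.
 * max_iter is a demo-only cap; returns -1 when it is hit, i.e. when a
 * real dissector would loop forever. */
int walk_naive(const uint8_t *buf, size_t len, int max_iter) {
    size_t offset = 0;
    int count = 0;
    for (int i = 0; i < max_iter; i++) {
        if (offset + ISAKMP_GEN_HDR_LEN > len)
            return count;
        uint16_t plen = rd16(buf + offset + 2);
        count++;
        offset += plen;              /* plen == 0: no progress */
    }
    return -1;
}

/* Checked walk: every header must fit, every length must be at least
 * the header size and must not run past the buffer. On violation the
 * walk stops and reports why; count is the payloads accepted so far. */
int walk_checked(const uint8_t *buf, size_t len, walk_status *st) {
    size_t offset = 0;
    int count = 0;
    while (offset < len) {
        if (len - offset < ISAKMP_GEN_HDR_LEN) {
            *st = WALK_TRUNCATED;
            return count;
        }
        uint16_t plen = rd16(buf + offset + 2);
        if (plen < ISAKMP_GEN_HDR_LEN) {   /* zero/short length: stop */
            *st = WALK_BAD_LENGTH;
            return count;
        }
        if (plen > len - offset) {          /* would read past the end */
            *st = WALK_TRUNCATED;
            return count;
        }
        count++;
        offset += plen;
    }
    *st = WALK_OK;
    return count;
}

int main(void) {
    walk_status st;
    printf("good:  naive=%d checked=%d status=%d\n",
           walk_naive(GOOD_PKT, sizeof GOOD_PKT, 16),
           walk_checked(GOOD_PKT, sizeof GOOD_PKT, &st), st);
    printf("zero:  naive=%d checked=%d status=%d\n",
           walk_naive(ZERO_LEN_PKT, sizeof ZERO_LEN_PKT, 16),
           walk_checked(ZERO_LEN_PKT, sizeof ZERO_LEN_PKT, &st), st);
    printf("trunc: naive=%d checked=%d status=%d\n",
           walk_naive(TRUNC_PKT, sizeof TRUNC_PKT, 16),
           walk_checked(TRUNC_PKT, sizeof TRUNC_PKT, &st), st);
    return 0;
}
```

The checked walker treats the short-length case as terminal rather than bumping the length to four and carrying on, because once a header lies about its own size nothing after it can be located reliably; the truncated case shows the second hazard a length field carries, a value that points past the end of the buffer, which the naive walker also misses.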