[Guy Harris <gharris@xxxxxxxxx>]

ronnie sahlberg wrote:

> In a future phase i would like to eliminate all character arrays that
> are either global variables or stack variables to become either sp or
> ep emem allocated memory.
> In particular i would like to move every one of them off the stack 
> since this would reduce the danger of buffer overflows.

Is it really worth doing that for *all* stack arrays?

With the *possible* exception of strings defined to be fixed-length or 
to have a fixed maximum length (although I'd be inclined to allocate 
those as well), strings fetched from the packet shouldn't be in 
on-the-stack buffers, and constructed display strings shouldn't be on 
the stack either.

However, a buffer for an IPv4 or IPv6 address should be safe - the copy 
to that buffer should use "sizeof", although perhaps we should instead

	1) add a type for IPv4 addresses, similar to the e_in6_addr structure 
for IPv6 addresses

and

	2) have tvbuff routines to extract IPv4 and IPv6 addresses into those 
structures

to enforce that the buffer is big enough and that we don't copy past the 
end of it.

> After that i think it would be nice to go over all loops and verify
> that offset is always increased in each iteration or that the loop
> terminates with an exception.

A lot of the offending loops are in code processing TLVs; a common 
routine to handle TLVs might help here.