This patch is probably better.
It makes the while loop even more robust and if pdu boundaries are
exceeded, an exception is thrown.
Am 10.03.2006, 18:09 Uhr, schrieb Lars Roland <Lars.Roland@xxxxxxx>:
Am 10.03.2006, 17:00 Uhr, schrieb Ulf Lamping <ulf.lamping@xxxxxx>:
Use this updated patch instead.
You make things worse than they are.
Don't manipulate data coming from a packet! If the block_length in the
packet is invalid, use it anyway.
Stopping the dissection of a packet because there are not enough data
is a bad idea. Showing Malformed Packet is the way to go here.
You are right. If a dissector requests more bytes than the packet
contains, the packet has to be shown as malformed.
But the question here is, how much data the dissector should request. We
have a length field for the pdu, and a length field for each value.
Should we stop dissection, if a value exceeds the boundaries of the pdu?
What shall we do, if enough bytes are available beyond the pdu boundary?
I agree that we should show it as a "Malformed Packet" in this situation
anyway. But you won't catch wrong pdu lengths by just using the
block_length. This way you would catch only wrong lengths for values.
Regards,
Lars
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Attachment:
packet-pn-dcp.c.diff
Description: Binary data