Wireshark-bugs: [Wireshark-bugs] [Bug 4040] Buildbot crash output: fuzz-2009-09-22-12276.pcap

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 23 Sep 2009 08:28:37 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4040


Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeff.morriss.ws@xxxxxxxxx




--- Comment #2 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>  2009-09-23 08:28:34 PDT ---
The problem is from rev 30075/bug 4039 which added:

+       gchar answer_ps_irat[2][80]={ "PS inter-RAT HO to UTRAN Iu mode not
supported" ,
+                                      "PS inter-RAT HO to UTRAN Iu mode
supported" };

[...]

+        oct = tvb_get_guint8(tvb, curr_offset);
+        curr_len--;
+
+        proto_tree_add_text(tree,
+                            tvb, curr_offset, 1,
+                            "PS inter-RAT HO to UTRAN Iu mode capability: (%u)
%s",
+                            oct,
+                            answer_ps_irat[oct]);


Note how oct is not bounds checked.  All those gchar arrays need to be
rewritten as value_ or true_false_strings.  (There's some outside of this
function too.)

I don't really have time to do this right now; if no one else does, we could
reverse 30075 as a temporary measure.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.