Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is incorrect

Wireshark-bugs: [Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is in

Date: Mon, 7 Dec 2009 11:02:08 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4300

--- Comment #3 from Mithun Roy <mithunroy13@xxxxxxxxx> 2009-12-07 11:02:00 PST ---
One of the test cases in the capture file that was used in the fuzz test(bug
4274), causes the funtion evaluate_sdnv() to return an error(value -1) when
calculating the rcpt_clm_cnt. So the ep_alloc(sizeof(guint64) * rcpt_clm_cnt)
following that would throw " Memory corrupted " error, becuase the value passed
to ep_alloc() will be negative. 

This problem has already been rectified, by using the check to see if
rcpt_clm_cnt is less than zero. 

The control flag length check has nothing to do with the bug 4274.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 4300] New: DTN: Bundle Protocol Control flag length check is incorrect
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4302] ctime() is not thread safe and it's obsolete.
Next by Date: [Wireshark-bugs] [Bug 4299] SocketCAN dissector patch
Previous by thread: [Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is incorrect
Next by thread: [Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is incorrect
Index(es):
- Date
- Thread