https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4300
Gerald Combs <gerald@xxxxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |gerald@xxxxxxxxxxxxx
--- Comment #4 from Gerald Combs <gerald@xxxxxxxxxxxxx> 2009-12-07 13:26:25 PST ---
fuzz-2009-11-30-7287.pcap from bug 4277 adds a bundle control flag field with a
zero length. This triggers a dissector error. Since hf_bundle_control_flags is
an FT_UINT8, I assumed that 1 was the only valid length. Technically, 1, 2, 3,
and 4 are all valid lengths for all of the FT_UINT* types, so we might be able
to get away with changing the check from "sdnv_length != 1" to "sdnv_length < 1
|| sdnv_length > 4".
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.