Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4975] NFSv4 usability enhancements (Info column summaries, filterable fields)

Wireshark-bugs: [Wireshark-bugs] [Bug 4975] NFSv4 usability enhancements (Info column summaries,

Date: Tue, 6 Jul 2010 07:15:45 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4975

Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeff.morriss.ws@xxxxxxxxx

--- Comment #7 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> 2010-07-06 07:15:41 PDT ---
This code sequence:

        ops = tvb_get_ntohl(tvb, offset+0);

        op_summary=g_malloc(sizeof(nfsv4_operation_summary) * ops);

causes Wireshark to crash on fuzzed capture files (see bug 4976).

Is there some reasonable upper limit to the number of operations in a packet
(to keep us from requesting more memory than is available)?

I have a patch coded for this using 128 as the max number of operations, but I
wanted to check if the number is reasonable or not before checking it in...

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 4975] New: NFSv4 usability enhancements (Info column summaries, filterable fields)
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4972] VoIP Calls Graph Analysis window divider can only be moved to the left
Next by Date: [Wireshark-bugs] [Bug 4983] New: Buildbot crash output: fuzz-2010-07-06-1196.pcap
Previous by thread: [Wireshark-bugs] [Bug 4975] NFSv4 usability enhancements (Info column summaries, filterable fields)
Next by thread: [Wireshark-bugs] [Bug 4975] NFSv4 usability enhancements (Info column summaries, filterable fields)
Index(es):
- Date
- Thread