https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7880
Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |darkjames-ws@xxxxxxxxxxxx
--- Comment #2 from Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> 2012-10-22 01:34:56 PDT ---
Packet #20961, dissect_iphc_crtp_fh:
(gdb) print ip_hdr_len
$1 = 56
(gdb) print length
$2 = 61
ip_packet = tvb_memdup(tvb, 0, length);
...
ip_packet[ip_hdr_len + 5] = (length - ip_hdr_len); <--- ip_hdr_len + 5 >= length
buffer overflow.
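The bounds check missing from the excerpt in comment #2, as an added example (not Wireshark's code and not the fix that was committed). The helper name `patch_len_byte` and the use of `malloc`/`memcpy` in place of `tvb_memdup` are assumptions made so the block runs on its own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: copy `length` bytes of a frame and store the
 * payload length at offset ip_hdr_len + 5, as in the excerpt above.
 * Returns NULL instead of writing outside the copy. */
uint8_t *patch_len_byte(const uint8_t *frame, size_t length, size_t ip_hdr_len)
{
    const size_t field_off = 5; /* offset taken from the bug comment */

    /* The store is in bounds only if ip_hdr_len + 5 < length. The check
     * is written with a subtraction so a huge ip_hdr_len cannot wrap
     * the addition around and slip past the comparison. */
    if (ip_hdr_len > length || length - ip_hdr_len <= field_off)
        return NULL;

    uint8_t *copy = malloc(length);
    if (copy == NULL)
        return NULL;
    memcpy(copy, frame, length);

    /* One-byte store, so the value is truncated to 8 bits. */
    copy[ip_hdr_len + field_off] = (uint8_t)(length - ip_hdr_len);
    return copy;
}

int main(void)
{
    uint8_t frame[62]; /* constructed sample data, not a real capture */
    memset(frame, 0xAA, sizeof frame);

    /* Values from the gdb session: index 61 in a 61-byte buffer. */
    uint8_t *bad = patch_len_byte(frame, 61, 56);
    printf("length=61 ip_hdr_len=56 -> %s\n", bad ? "patched" : "rejected");
    free(bad);

    /* One byte longer: index 61 is the last valid byte. */
    uint8_t *ok = patch_len_byte(frame, 62, 56);
    printf("length=62 ip_hdr_len=56 -> %s\n", ok ? "patched" : "rejected");
    free(ok);
    return 0;
}
```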