Wireshark-bugs: [Wireshark-bugs] [Bug 8717] Buildbot crash output: fuzz-2013-05-25-10691.pcap

Date: Mon, 27 May 2013 23:41:05 +0000

Comment # 2 on bug 8717 from
Somehow we're reassembling 256 frames of 257 bytes each (256*257 = 65792) but
the resulting TVB is only 65786 bytes long (6 bytes too short).

The dissector does some dangerous work with tvb_get_ptr, and is running past
the end of the buffer.

It's easy enough to DISSECTOR_ASSERT the tvb length against the expected value,
but that doesn't answer why reassembly is giving us the wrong length back in
the first place...


You are receiving this mail because:
  • You are watching all bug changes.