Wireshark-bugs: [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check

Date: Tue, 10 Dec 2013 14:53:04 +0000

Comment # 13 on bug 9512 from
I cannot find the DTLS fix in master-1.10.

Please consider picking the following commits:

9ac2566 (touches cipher_suites)
219d171 (touches cipher_suites)
89244b1 (touches cipher_suites)
eda53fd (obsolete by a87da76 below, can be merged with that commit)
9bde187 (touches cipher_suites)
f4a4271 (touches cipher_suites, removes dig_len and export_cipher members)
cf7f5dd (touches cipher_suites)
a87da76 (this obsoletes the memmove patch above; fixes crash)

2aae7bc Fix CID 280081: ENC_NULL can't be used as an array index into
ciphers[], rather ENC_NULL-0x30 needs to be used.

21ca76a dtls: fix buffer overflow in mac check.  Bug 9512

SVN rev (in the order of git commits above):
52048 52049 52050 52051 52096 52147 52148 52149 52843 53842

The a87da76 patch fixes a crash I had with a DES40 cipher suite.
The 21ca76a patch fixes the buffer overflow reported here.
The other patches are glue (because they touch the cipher_suites array).


You are receiving this mail because:
  • You are watching all bug changes.