Build Information:
See bug 10408.
--
+++ This bug was initially created as a clone of Bug #10408 +++
This is bug in AX.25 dissector:
Source: 209.223.212.248 (209.223.212.248)
Destination: 209.223.212.188 (209.223.212.188)
AX.25, Src: T)r(-08 (▒8:52:30:␊4:1␍:50:10), D⎽├: ┤ (0␍:␊␉:00:50:66:02:0␊), V␊⎼:
V?.?
D␊⎽├␋┼▒├␋⎺┼: ┤ (0␍:␊␉:00:50:66:02:0␊)
S⎺┤⎼␌␊: T)⎼(-08 (▒8:52:30:␊4:1␍:50:10)
[M▒┌°⎺⎼└␊␍ P▒␌┐␊├: AX.25]
[E│⎻␊⎼├ I┼°⎺ (E⎼⎼⎺⎼/M▒┌°⎺⎼└␊␍): M▒┌°⎺⎼└␊␍ P▒␌┐␊├ (E│␌␊⎻├␋⎺┼ ⎺␌␌┤⎼⎼␊␍)]
[M▒┌°⎺⎼└␊␍ P▒␌┐␊├ (E│␌␊⎻├␋⎺┼ ⎺␌␌┤⎼⎼␊␍)]
[S␊┴␊⎼␋├≤ ┌␊┴␊┌: E⎼⎼⎺⎼]
[G⎼⎺┤⎻: M▒┌°⎺⎼└␊␍]
OK, the bug is in file epan/address_to_str.c
For AX25, it uses the following code:
case AT_AX25:
addrdata = (const guint8 *)addr->data;
g_snprintf(buf, buf_len, "%c%c%c%c%c%c-%02d",
(addrdata[0] >> 1) & 0x7f, (addrdata[1] >> 1) & 0x7f,
(addrdata[2] >> 1) & 0x7f,
(addrdata[3] >> 1) & 0x7f, (addrdata[4] >> 1) & 0x7f,
(addrdata[5] >> 1) & 0x7f,
(addrdata[6] >> 1) & 0x0f );
break;
It means control characters 0x00 to 0x1f as well as 0x7f are being printed
directly to terminal without sanitizing - normally they should be replaced by
something safe like . or ?
You are receiving this mail because:
- You are watching all bug changes.