Wireshark · Wireshark-commits: [Wireshark-commits] rev 41001: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-mp2t.c

Wireshark-commits: [Wireshark-commits] rev 41001: /trunk/epan/dissectors/ /trunk/epan/dissectors/:

Date: Sun, 12 Feb 2012 20:03:38 GMT

http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=41001

User: guy
Date: 2012/02/12 12:03 PM

Log:
 Don't trust the pointer value in a packet; it could be invalid, and this
 could cause an unsigned length value to be reduced by more than its
 value, turning it into a very large value.
 
 I couldn't exactly reproduce bug 6833, but it was due to an attempt to
 allocate 4294967110 bytes, and this bug caused remaining_len to equal
 4294967110, and it would try to create a reassembled packet tvbuff of
 that size, so I'm guessing this fixes 6833.

Directory: /trunk/epan/dissectors/
  Changes    Path             Action
  +20 -2     packet-mp2t.c    Modified

Prev by Date: [Wireshark-commits] rev 41000: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-infiniband_sdp.c
Next by Date: [Wireshark-commits] rev 41002: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-mp2t.c
Previous by thread: [Wireshark-commits] rev 41000: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-infiniband_sdp.c
Next by thread: [Wireshark-commits] rev 41002: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-mp2t.c
Index(es):
- Date
- Thread