URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b75179a7c392a134801bf988b1b2d7400d4670b4
Submitter: Balint Reczey (balint@xxxxxxxxxxxxxxx)
Changed: branch: lts-1.8.2
Repository: wireshark
Commits:
b75179a by Evan Huus (eapache@xxxxxxxxx):
ncp2222: don't overflow buffer constructing string
Fixes stack-smashing vuln.
Somehow there was already an XXX in the code about this, but nobody realized at
the time it was worth fixing... really?
Bug: 10552
Change-Id: I849068bd6c45146339444f295b72430d3c6e08f2
Reviewed-on: https://code.wireshark.org/review/4653
Reviewed-by: Evan Huus <eapache@xxxxxxxxx>
(cherry picked from commit b9988e2bbfc7c6c41ef82c559bd11a8c19170491)
Reviewed-on: https://code.wireshark.org/review/4654
Reviewed-on: https://code.wireshark.org/review/5336
Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
(cherry picked from commit 6b8c5dba634cde2fe95fca81668337380f19d641)
Reviewed-on: https://code.wireshark.org/review/5354
Reviewed-by: Balint Reczey <balint@xxxxxxxxxxxxxxx>
Actions performed:
from 4028d5b ncp2222: initialize buffer in build_expert_data
adds b75179a ncp2222: don't overflow buffer constructing string
Summary of changes:
epan/dissectors/packet-ncp2222.inc | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)