Wireshark-commits: [Wireshark-commits] lts-1.12.1 e1f3c18: ber: avoid deep recursion for constructe

From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 4 Mar 2016 16:16:11 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e1f3c188e7f37d698dfcf4c74892b5ee512f520c
Submitter: Balint Reczey (balint@xxxxxxxxxxxxxxx)
Changed: branch: lts-1.12.1
Repository: wireshark

Commits:

e1f3c18 by Peter Wu (peter@xxxxxxxxxxxxx):

    ber: avoid deep recursion for constructed strings
    
    Bound the recursion depth to avoid a stack overflow while parsing a
    deeply nested constructed string.
    
    Call chain before this patch:
    
     - dissect_ber_octet_string
       - dissect_ber_constrained_octet_string
         - reassemble_octet_string (called for constructed types)
           - dissect_ber_octet_string *recursion*
    
    After this patch, the reassemble_octet_string will throw if the maximum
    recursion depth is reached.
    
    Bug: 11822
    Change-Id: I6753e3c9f5dcbfab0e4c174418b2c7eb784d64d2
    Reviewed-on: https://code.wireshark.org/review/14108
    Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
    Petri-Dish: Michael Mann <mmann78@xxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    (cherry picked from commit 9ff932bf5ea554f9e94ee1364284aff9eb3fd619)
    Reviewed-on: https://code.wireshark.org/review/14110
    (cherry picked from commit 307bbd253fc61657935eca992ec9325dbfff3274)
    Reviewed-on: https://code.wireshark.org/review/14111
    (cherry picked from commit 8f7a26e8fcf878bb55601edae5032caf71c2e587)
    Reviewed-on: https://code.wireshark.org/review/14348
    Reviewed-by: Balint Reczey <balint@xxxxxxxxxxxxxxx>
    

Actions performed:

    from  f03f508   ber: fix buffer overrun when handling empty sets
    adds  e1f3c18   ber: avoid deep recursion for constructed strings


Summary of changes:
 epan/dissectors/packet-ber.c |   20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)