URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=11edc83b98a61e890d7bb01855389d40e984ea82
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
11edc83 by Guy Harris (guy@xxxxxxxxxxxx):
Don't treat the packet length as unsigned.
The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value. When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().
So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.
Bug: 12396
Change-Id: I54fe8f61f42c32b5ef33da633ece51bbcda8c95f
Reviewed-on: https://code.wireshark.org/review/15220
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
Actions performed:
from 29c78db Don't treat the packet length as unsigned.
adds 11edc83 Don't treat the packet length as unsigned.
Summary of changes:
wiretap/netscreen.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)