URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f4e1cb1b4ffb0c2a7c5ba84a13b412643ea0252
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-1.12
Repository: wireshark
Commits:
4f4e1cb by Guy Harris (guy@xxxxxxxxxxxx):
Don't treat the packet length as unsigned.
The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value. When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().
So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.
Bug: 12396
Change-Id: I54fe8f61f42c32b5ef33da633ece51bbcda8c95f
Reviewed-on: https://code.wireshark.org/review/15220
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
(cherry picked from commit 11edc83b98a61e890d7bb01855389d40e984ea82)
Reviewed-on: https://code.wireshark.org/review/15222
Actions performed:
from eb8cc59 Don't treat the packet length as unsigned.
adds 4f4e1cb Don't treat the packet length as unsigned.
Summary of changes:
wiretap/netscreen.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)