URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=db941b25c44cad1738a405f4c5f7fc6ddef49545
Submitter: Balint Reczey (balint@xxxxxxxxxxxxxxx)
Changed: branch: lts-1.12.1
Repository: wireshark
Commits:
db941b2 by Guy Harris (guy@xxxxxxxxxxxx):
Don't treat the packet length as unsigned.
The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value. When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().
So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.
Bug: 12396
Change-Id: I54fe8f61f42c32b5ef33da633ece51bbcda8c95f
Reviewed-on: https://code.wireshark.org/review/15220
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
(cherry picked from commit 11edc83b98a61e890d7bb01855389d40e984ea82)
Reviewed-on: https://code.wireshark.org/review/15222
(cherry picked from commit 4f4e1cb1b4ffb0c2a7c5ba84a13b412643ea0252)
Reviewed-on: https://code.wireshark.org/review/16116
Reviewed-by: Balint Reczey <balint@xxxxxxxxxxxxxxx>
Actions performed:
from 5386607 Fix packet length handling.
adds db941b2 Don't treat the packet length as unsigned.
Summary of changes:
wiretap/netscreen.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)