URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=744bfd08b611991ee3e1afb792cf9c11b9845d6f
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master-2.4
Repository: wireshark
Commits:
744bfd0 by Peter Wu (peter@xxxxxxxxxxxxx):
gsm_a_gm: fix potential buffer overrun (read)
When the string "str" is empty, "str+1" is invalid. This function can be
called from functions using SET_ELEM_VARS in packet-gsm_a_common.c which
appear to check the length first, but packet-etsi_card_app_toolkit.c and
packet-camel.c do not. Err on the safe side and do not add the item.
Change-Id: I6bd559593bb10ff0b8bf08a48d828613e3d8ccf5
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4311
Reviewed-on: https://code.wireshark.org/review/27470
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 4d800d7b8a83f6aab13558867fbe2118f0228971)
Reviewed-on: https://code.wireshark.org/review/27497
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from fce5ee8 [Automatic update for 2018-05-13]
adds 744bfd0 gsm_a_gm: fix potential buffer overrun (read)
Summary of changes:
epan/dissectors/packet-gsm_a_gm.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)