[Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>]

URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=85eea345861c3a911b358c2f06b39e7ac52b294f
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.4
Repository: wireshark

Commits:

85eea34 by Guy Harris (guy@xxxxxxxxxxxx):

    Do bounds checking of the offset and length in proto_tree_add_string().
    
    Throw an exception if they don't correspond to data available in the
    packet - and do so even if the protocol tree argument is null, so that
    we catch very long strings that could cause the offset to overflow.
    
    Ask why we try to handle a null pointer passed as the string argument,
    while we're at it.
    
    Bug: 14738
    Change-Id: I2fa79ad0dcd1f41608844a573e045197ac60aa62
    Reviewed-on: https://code.wireshark.org/review/28179
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    (cherry picked from commit 0fbb5f84d00426040bd37dd89d74e2ecda5b598e)
    Reviewed-on: https://code.wireshark.org/review/28181
    

Actions performed:

    from  67fee7e   Use FT_NONE, not FT_STRINGZ, for the field that covers the packet.
    adds  85eea34   Do bounds checking of the offset and length in proto_tree_add_string().


Summary of changes:
 epan/proto.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)