URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1ddaf1a0944ffe95d69717ac9fdc60824932f676
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark
Commits:
1ddaf1a by Jeff Morriss (jeff.morriss.ws@xxxxxxxxx):
MMSE: catch length overflows to avoid infinite loop.
After fetching a length from the packet ensure those bytes exist to
avoid integer overflows by callers (while avoiding having to ensure
every caller checks for overflows).
Also add a check to ensure the loop in question is progressing through
the TVB; report a dissector bug if it doesn't.
Bug: 15250
Change-Id: I9434bfe9d530942fd45342690383df2decacdba1
Reviewed-on: https://code.wireshark.org/review/30560
Petri-Dish: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
Actions performed:
from b058223 UI: Remove Win32 file dialog stuff specific to GTK
add 1ddaf1a MMSE: catch length overflows to avoid infinite loop.
Summary of changes:
epan/dissectors/packet-mmse.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)