URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b7555d32d11862f0e500ec466ad6bfe54190076
Submitter: "Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>"
Changed: branch: master-2.4
Repository: wireshark
Commits:
3b7555d by Jeff Morriss (jeff.morriss.ws@xxxxxxxxx):
MMSE: catch length overflows to avoid infinite loop.
After fetching a length from the packet ensure those bytes exist to
avoid integer overflows by callers (while avoiding having to ensure
every caller checks for overflows).
Also add a check to ensure the loop in question is progressing through
the TVB; report a dissector bug if it doesn't.
Bug: 15250
Bug: 15246
Change-Id: I9434bfe9d530942fd45342690383df2decacdba1
Reviewed-on: https://code.wireshark.org/review/30560
Petri-Dish: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 1ddaf1a0944ffe95d69717ac9fdc60824932f676)
Reviewed-on: https://code.wireshark.org/review/30673
Reviewed-by: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Actions performed:
from eefec09 LISP: Fix action bits decoding
add 3b7555d MMSE: catch length overflows to avoid infinite loop.
Summary of changes:
epan/dissectors/packet-mmse.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)