Wireshark-commits: [Wireshark-commits] master-2.4 38680c4: netscaler: fix multiple out-of-bounds re

From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Tue, 26 Feb 2019 19:52:25 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=38680c4c69f9f4e0f39e29b66fe2b02d88eb629d
Submitter: "Gerald Combs <gerald@xxxxxxxxxxxxx>"
Changed: branch: master-2.4
Repository: wireshark

Commits:

38680c4 by Dario Lombardo (lomato@xxxxxxxxx):

    netscaler: fix multiple out-of-bounds reads.
    
    Multiple bugs have been found in the provided bug. Some of them have
    been fixed in gefe920a, others here. The main problem is when malformed
    files give wrong lenghts to the code, that casts and dereference it
    without checking, causing oob reads. The fix introduces a check function
    that prevents to go beyond the limits, early returning with a malformed
    file message.
    
    Other bugs have been fixed by forcing the string terminator that allows
    the use of strlen() and MIN() that prevent wrong reads.
    
    Conflicts:
    	wiretap/netscaler.c
    
    Bug: 15497
    Change-Id: I8411208b5ea0f1a0720a17b882f704d03296d1c4
    Reviewed-on: https://code.wireshark.org/review/32194
    Petri-Dish: Gerald Combs <gerald@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Gerald Combs <gerald@xxxxxxxxxxxxx>
    (cherry picked from commit 07bb974bcd99467381dddae134f11a6f21cf6ca5)
    Reviewed-on: https://code.wireshark.org/review/32200
    

Actions performed:

    from  cab0cff   netscaler: fix crash when reading malformed packets.
     add  38680c4   netscaler: fix multiple out-of-bounds reads.


Summary of changes:
 wiretap/netscaler.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 60 insertions(+), 6 deletions(-)