URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=38680c4c69f9f4e0f39e29b66fe2b02d88eb629d
Submitter: "Gerald Combs <gerald@xxxxxxxxxxxxx>"
Changed: branch: master-2.4
Repository: wireshark
Commits:
38680c4 by Dario Lombardo (lomato@xxxxxxxxx):
netscaler: fix multiple out-of-bounds reads.
Multiple bugs have been found in the provided bug. Some of them have
been fixed in gefe920a, others here. The main problem is when malformed
files give wrong lenghts to the code, that casts and dereference it
without checking, causing oob reads. The fix introduces a check function
that prevents to go beyond the limits, early returning with a malformed
file message.
Other bugs have been fixed by forcing the string terminator that allows
the use of strlen() and MIN() that prevent wrong reads.
Conflicts:
wiretap/netscaler.c
Bug: 15497
Change-Id: I8411208b5ea0f1a0720a17b882f704d03296d1c4
Reviewed-on: https://code.wireshark.org/review/32194
Petri-Dish: Gerald Combs <gerald@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@xxxxxxxxxxxxx>
(cherry picked from commit 07bb974bcd99467381dddae134f11a6f21cf6ca5)
Reviewed-on: https://code.wireshark.org/review/32200
Actions performed:
from cab0cff netscaler: fix crash when reading malformed packets.
add 38680c4 netscaler: fix multiple out-of-bounds reads.
Summary of changes:
wiretap/netscaler.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 60 insertions(+), 6 deletions(-)