URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=acb406ff345e0d3ace4be715b220c45af07b2b20
Submitter: "Dario Lombardo <lomato@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark
Commits:
acb406f by Uwe Kleine-König (uwe@xxxxxxxxxxxxxxxxx):
DHCPv6: catch the NTP server suboptions being longer than the whole packet
A router here sends the type and length of suboptions of the NTP Server
option in dhcpv6 replies in little endian. So the NTP Server option
looks like:
01:00:10:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:ff:fe:xx:xx:xx
instead of
00:01:00:10:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:ff:fe:xx:xx:xx
. This makes the dissector throw an exception "Malformed Packet" which
results in the following options not being dissected.
So check the suboption's length before adding the subtree. This improves
diagnostics ("suboption too long" instead of "Malformed Packet") and
results in the suboptions after the bogus one being parsed.
Bug: 15542
Change-Id: Ifbafc23b3dbb7ca389b89936e9d1d15ecc82396e
Reviewed-on: https://code.wireshark.org/review/32223
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@xxxxxxxxx>
Actions performed:
from 1cbcc57 Put a fake "FCS OK" value into the tree if we don't have FCS information.
add acb406f DHCPv6: catch the NTP server suboptions being longer than the whole packet
Summary of changes:
epan/dissectors/packet-dhcpv6.c | 4 ++++
1 file changed, 4 insertions(+)