FC3 contains the following patch for Ethereal. Should it be applied
to Ethereal too?
ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
--- ethereal-0.10.3/epan/dissectors/packet-smb.c.orig 2004-03-20 07:38:44.000000000 -0700
+++ ethereal-0.10.3/epan/dissectors/packet-smb.c 2004-04-12 12:54:57.942360859 -0600
@@ -5538,9 +5538,13 @@ dissect_write_andx_request(tvbuff_t *tvb
/* XXX we should really only do this in case we have seen LARGE FILE being negotiated */
/* data length high */
- datalen_high = tvb_get_letohs(tvb, offset);
- proto_tree_add_uint(tree, hf_smb_data_len_high, tvb, offset, 2, datalen_high);
- offset += 2;
+ datalen_high = tvb_get_letohl(tvb, offset);
+ if(datalen_high==0xffffffff){
+ datalen_high=0;
+ } else {
+ proto_tree_add_uint(tree, hf_smb_data_len_high, tvb, offset, 4, datalen_high);
+ }
+ offset += 4;
/* data len low */
datalen_low = tvb_get_letohs(tvb, offset);
--- ethereal-0.10.3/epan/dissectors/packet-q931.c.orig 2004-03-25 17:19:16.000000000 -0700
+++ ethereal-0.10.3/epan/dissectors/packet-q931.c 2004-04-12 12:55:07.013732934 -0600
@@ -2485,6 +2485,11 @@ dissect_q931_IEs(tvbuff_t *tvb, packet_i
((info_element & Q931_IE_SO_IDENTIFIER_MASK) == Q931_IE_SHIFT)) {
non_locking_shift = info_element & Q931_IE_SHIFT_NON_LOCKING;
codeset = info_element & Q931_IE_SHIFT_CODESET;
+ if(codeset>=NUM_INFO_ELEMENT_VALS){
+ proto_tree_add_text(q931_tree, tvb, offset, 1,
+ "Invalid codeset: %d", codeset);
+ return;
+ }
if (!non_locking_shift)
locked_codeset = codeset;
if (q931_tree != NULL) {
@@ -2514,6 +2519,11 @@ dissect_q931_IEs(tvbuff_t *tvb, packet_i
dissector_try_port(codeset_dissector_table, codeset, next_tvb, pinfo, q931_tree)) {
offset += 1;
codeset = locked_codeset;
+ if(codeset>=NUM_INFO_ELEMENT_VALS){
+ proto_tree_add_text(q931_tree, tvb, offset, 1,
+ "Invalid codeset: %d", codeset);
+ return;
+ }
continue;
}
}
@@ -2577,6 +2587,11 @@ dissect_q931_IEs(tvbuff_t *tvb, packet_i
}
offset += 1;
codeset = locked_codeset;
+ if(codeset>=NUM_INFO_ELEMENT_VALS){
+ proto_tree_add_text(q931_tree, tvb, offset, 1,
+ "Invalid codeset: %d", codeset);
+ return;
+ }
continue;
}
@@ -2665,6 +2680,11 @@ dissect_q931_IEs(tvbuff_t *tvb, packet_i
dissector_try_port(codeset_dissector_table, codeset, next_tvb, pinfo, q931_tree)) {
offset += 2 + info_element_len;
codeset = locked_codeset;
+ if(codeset>=NUM_INFO_ELEMENT_VALS){
+ proto_tree_add_text(q931_tree, tvb, offset, 1,
+ "Invalid codeset: %d", codeset);
+ return;
+ }
continue;
}
}
@@ -2877,6 +2897,11 @@ dissect_q931_IEs(tvbuff_t *tvb, packet_i
offset += 1 + 1 + info_element_len;
}
codeset = locked_codeset;
+ if(codeset>=NUM_INFO_ELEMENT_VALS){
+ proto_tree_add_text(q931_tree, tvb, offset, 1,
+ "Invalid codeset: %d", codeset);
+ return;
+ }
}
}
