Ethereal-cvs: [Ethereal-cvs] cvs commit: ethereal packet-mount.c packet-ppp.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gerald Combs <gerald@xxxxxxxxxxxxxxxxxxx>
Date: Sun, 27 Apr 2003 23:03:26 -0500 (CDT)
gerald      2003/04/27 23:03:25 CDT

  Modified files:
    .                    packet-mount.c packet-ppp.c 
  Log:
  Fix several buffer and integer overflow issues discovered by Timo Sirainen.
  
  tvbuff.c:
  
    Lots of existing code assumes that you can safely do the following:
  
      #define MAX_BUF 64
      guint8 *buf[MAX_BUF];
      ...
  
      tvb_get_nstringz0 (tvb, offset, MAX_BUF, buf, &bytes_copied);
  
    In reality, tvb_get_nstringz*() can potentially write one byte past
    "buf".  Modify _tvb_get_nstringz() not to do that.
  
  packet-ppp.c:
  
    Check for a valid BAP suboption length.
  
  packet-mount.c:
  
    Fix a possible integer overflow in dissect_group().
  
  Revision  Changes    Path
  1.38      +13 -11    ethereal/packet-mount.c
  1.109     +8 -3      ethereal/packet-ppp.c