Ethereal-cvs: [Ethereal-cvs] rev 12707: /releases/ethereal-0.10.8/epan/dissectors/: packet-win

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: gerald@xxxxxxxxxxxx
Date: Thu, 09 Dec 2004 22:19:08 -0000
User: gerald
Date: 2004/12/09 04:18 PM

Log:
 From Brian Caswell:
 
 The ACL parser will attempt to decode as many ACE structures as are
 specified in the ACL structure.  If the number of ACE structures is
 sufficiently large with one of the ACE structures specifying a size of
 0, then the ACL parser will parse that ACE structure repeatedly,
 eventually causing a denial of service to Ethereal.
 
 I've attached a diff against HEAD that corrects the problem.  The diff
 also corrects a few decoding errors in the NT ACL & ACE structures.  A
 pcap is attached that reproduces the problem.
 
 This is a duplicate checkin of r12706 from the main trunk.

Directory: /releases/ethereal-0.10.8/epan/dissectors/
  Changes    Path                       Action
  +16 -16    packet-windows-common.c    Modified

Directory: /releases/ethereal-0.10.8/
  Changes    Path          Action
  +1 -0      AUTHORS       Modified



http://anonsvn.ethereal.com/viewcvs/viewcvs.py?rev=12707&view=rev