Ethereal-dev: Re: [ethereal-dev] Patch for OSPF MD5 decode.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gilbert Ramirez <gram@xxxxxxxxxx>
Date: Tue, 19 Oct 1999 08:28:40 -0500
On Tue, Oct 19, 1999 at 12:22:07PM +0000, Tony Hart wrote:
> 
> >     char auth_data[(2 * 16) + 1]="";
> 118a121
> >                  crypto = (e_ospf_crypto *)ospfh.auth_data;
> 120c123,133

> > 		 ospflen = ntohs(ospfh.length);
> > 		 for (i = 0; i < crypto->length; i++)
> > 		     sprintf(&auth_data[i*2],"%02x",pd[offset + ospflen + i]);
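
Review bot: in the loop at `for (i = 0; i < crypto->length; i++)`, crypto->length is used unchecked on both the write side and the read side. auth_data is declared with (2 * 16) + 1 bytes, so any length above 16 makes sprintf write past its end; the sixteenth iteration already uses the last three bytes for two hex digits and the terminating NUL. The source index pd[offset + ospflen + i] starts where the length from the OSPF header ends, and the lines shown do not check that those bytes are inside the captured data. Suggest rejecting or clamping crypto->length to 16 before the loop, and confirming that offset + ospflen + crypto->length does not exceed the captured length.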

The only thing I suggest is to check the sanity of crypto->length
before using it in the loop. It seems that you're using crypto->length
directly from the packet; if that packet is corrupt and you get a really
large value for crypto->length, you'll end up copying past the bounds
of auth_data[].

--gilbert
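
The sanity check suggested above, written out as an added example; it is not code from the patch or from the Ethereal source. The helper name format_auth_data, its parameters (including caplen for the number of captured bytes) and the sample frame are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

#define OSPF_MD5_LEN 16  /* digest size implied by auth_data[(2 * 16) + 1] in the patch */

/* Hypothetical helper, not from the Ethereal source. Hex-encodes the
 * auth_len bytes that follow the OSPF packet body. Returns the number of
 * bytes encoded, or -1 when the length taken from the packet is unusable. */
int format_auth_data(const unsigned char *pd, size_t caplen, size_t offset,
                     size_t ospflen, unsigned int auth_len,
                     char *out, size_t outlen)
{
    size_t start, i;

    if (outlen == 0)
        return -1;
    out[0] = '\0';

    /* Write side: two hex digits per byte plus the terminating NUL. */
    if (auth_len > OSPF_MD5_LEN || outlen < (size_t)auth_len * 2 + 1)
        return -1;

    /* Read side: the bytes must lie inside the captured data. The checks
     * are ordered so that none of the sums can wrap. */
    if (offset > caplen || ospflen > caplen - offset)
        return -1;
    start = offset + ospflen;
    if (auth_len > caplen - start)
        return -1;

    for (i = 0; i < auth_len; i++)
        snprintf(&out[i * 2], outlen - i * 2, "%02x", (unsigned int)pd[start + i]);
    return (int)auth_len;
}

/* Constructed frame: a 4-byte stand-in for the OSPF packet, then 16 digest bytes. */
static const unsigned char sample_frame[20] = { 0, 0, 0, 0, 0xde, 0xad, 0xbe, 0xef };

int main(void)
{
    char auth_data[(2 * OSPF_MD5_LEN) + 1];

    if (format_auth_data(sample_frame, sizeof sample_frame, 0, 4, 16, auth_data, sizeof auth_data) > 0)
        printf("auth data: %s\n", auth_data);
    if (format_auth_data(sample_frame, sizeof sample_frame, 0, 4, 255, auth_data, sizeof auth_data) < 0)
        printf("length 255 rejected\n");
    return 0;
}
```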