On Mon, Dec 13, 1999 at 03:47:33AM -0600, James Coe wrote:
> args1=0xbfffe9fc) at gmessages.c:389
> #4 0x40203df6 in g_log (log_domain=0x0, log_level=G_LOG_LEVEL_ERROR,
> format=0x80ef960 "file %s: line %d (%s): assertion failed: (%s)")
> at gmessages.c:406
> #5 0x806b9a7 in find_hfinfo_record (hfindex=1095523397) at proto.c:227
> #6 0x806bad4 in proto_tree_add_item_value (tree=0x81d0ae8,
> hfindex=1095523397, start=35, length=1, include_format=0, visible=0,
> ap=0xbfffea78) at proto.c:300
> #7 0x806ba12 in proto_tree_add_item_hidden (tree=0x81d0ae8,
> hfindex=1095523397, start=35, length=1) at proto.c:251
> #8 0x80a82c2 in dissect_rsvp (pd=0x814fd3c "\b", offset=34, fd=0x835fdb8,
> tree=0x81d0e1c) at packet-rsvp.c:407
Thanks. Line 407 is packet-rsvp.c uses packet data for calculations w/o
validating the data first. Does the attached patch fix the problem?
--gilbert
Index: packet-rsvp.c
===================================================================
RCS file: /usr/local/cvsroot/ethereal/packet-rsvp.c,v
retrieving revision 1.10
diff -u -r1.10 packet-rsvp.c
--- packet-rsvp.c 1999/11/16 11:42:52 1.10
+++ packet-rsvp.c 1999/12/13 15:38:51
@@ -404,6 +404,9 @@
hdr->ver_flags & 0xf);
proto_tree_add_item(rsvp_header_tree, rsvp_filter[RSVPF_MSG],
offset+1, 1, hdr->message_type);
+ if (hdr->message_type >= RSVPF_MAX) {
+ return;
+ }
proto_tree_add_item_hidden(rsvp_header_tree, rsvp_filter[RSVPF_MSG + hdr->message_type],
offset+1, 1, 1);
/*
