Wireshark · Ethereal-dev: [Ethereal-dev] Bounds check problem in packet-smb-common.c

Ethereal-dev: [Ethereal-dev] Bounds check problem in packet-smb-common.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Peter Hawkins" <peter@xxxxxxxxxxxxxxxxx>

Date: Fri, 14 Jun 2002 17:44:01 +1000

Hi...

Another bounds check problem:
packet-smb-common.c lines 81-93.
This buffer overflow is not exploitable, because it's impossible to get a
valid value into the hf_index (since you can't stick 0s in a string),
which means the problem will be caught by an assertion in the
proto_tree_add_string routine.

I think the correct fix is to implement a multi-byte string length for
tvbuffs, as suggested in the comment.

=)
Peter

Follow-Ups:
- Re: [Ethereal-dev] Bounds check problem in packet-smb-common.c
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] ethereal crash on particular packet
Next by Date: Re: [Ethereal-dev] ethereal crash on particular packet
Previous by thread: Re: [Ethereal-dev] Ethereal works very slowly on Windows 2000.
Next by thread: Re: [Ethereal-dev] Bounds check problem in packet-smb-common.c
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$