Ethereal-dev: Re: [Ethereal-dev] [PATCH] packet-dcerpc.c: clamp to tvb length and display mult

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxx>
Date: Sat, 27 Nov 2004 16:17:58 -0800
Charles Levert wrote:


When displaying strings inside "UDP/DCE RPC/Microsoft Messenger Service"
packets (such as that lovely spam promoting www.windowspatch.net), the
"actual character count" was taken at face value and not checked against
the total size of the tvb; an intentional overflow (or exception) could
have been provoked by a carefully crafted packet.


Exceptions are *supposed* to be provoked by invalid packets.