Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4217] Integer overflow in ZBEE zdp discovery dissector

Wireshark-bugs: [Wireshark-bugs] [Bug 4217] Integer overflow in ZBEE zdp discovery dissector

Date: Sun, 8 Nov 2009 23:33:01 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4217





--- Comment #1 from Jaap Keuter <jaap.keuter@xxxxxxxxx>  2009-11-08 23:32:54 PDT ---
Your observation would be true if the ep_alloc() would take a guint8 as
parameter. Instead it takes size_t, which is larger than that. That means
user_length is promoted first before the addition, with no risk for overflow.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 4217] New: Integer overflow in ZBEE zdp discovery dissector
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4217] New: Integer overflow in ZBEE zdp discovery dissector
Next by Date: [Wireshark-bugs] [Bug 4218] New: Add support for UMTS FP over UDP
Previous by thread: [Wireshark-bugs] [Bug 4217] New: Integer overflow in ZBEE zdp discovery dissector
Next by thread: [Wireshark-bugs] [Bug 4217] Integer overflow in ZBEE zdp discovery dissector
Index(es):
- Date
- Thread