Wireshark-bugs: [Wireshark-bugs] [Bug 4300] DTN: Bundle Protocol Control flag length check is in
Date: Mon, 7 Dec 2009 11:02:08 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4300

--- Comment #3 from Mithun Roy <mithunroy13@xxxxxxxxx> 2009-12-07 11:02:00 PST ---
One of the test cases in the capture file that was used in the fuzz test(bug
4274), causes the funtion evaluate_sdnv() to return an error(value -1) when
calculating the rcpt_clm_cnt. So the ep_alloc(sizeof(guint64) * rcpt_clm_cnt)
following that would throw " Memory corrupted " error, becuase the value passed
to ep_alloc() will be negative. 

This problem has already been rectified, by using the check to see if
rcpt_clm_cnt is less than zero. 

The control flag length check has nothing to do with the bug 4274.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.