Wireshark-bugs: [Wireshark-bugs] [Bug 4970] Wireshark Crashes when invalid subframe information
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4970
Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |martin.r.mathieson@googlema
| |il.com
--- Comment #2 from Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx> 2010-07-04 09:55:56 PDT ---
(In reply to comment #1)
> This problem is seen when decoding LTE-MAC packets.
>
> Sorry for the incomplete details provided earlier. thisData I referred could be
> found in the file packet-lte-mac.c file.
>
> Thanks,
> Madhur
Yes, there is an assumption that the subframe number is in the range 0-9, and
it isn't range-checked. It would write outside of the allocated array if you
had a number outside of that range.
I'll add some range-checking, I guess I never thought it'd be an issue.
Martin
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.