Wireshark-bugs: [Wireshark-bugs] [Bug 9323] Buildbot crash output: fuzz-2013-10-25-12569.pcap
Comment # 8
on bug 9323
from Jeff Morriss
(In reply to comment #7)
> (In reply to comment #6)
> > I tried to modify the function to use g_strlcpy in order to respect both the
> > length *and* any possible null-terminator but that just moved the source of
> > the error to the g_strlcpy call. That makes me suspect the length being
> > passed in is incorrect, but I cannot track down how.
>
> I didn't try that yet but the length looks OK to me (length is 48 though the
> 'line' is "Accept-Charset" through the end of the packet and into wiretap's
> unused space).
Actually the problem there is in the g_strlcpy() documentation. To quote:
"src must be nul-terminated;"!
Gotta use strncpy. This patch fixes it though of course it needs to be done
properly... Maybe after a game of soccer (football) with the kids...
~~~
@@ -2590,10 +2591,13 @@
/* Set the FT_STRING value */
static void
-proto_tree_set_string(field_info *fi, const char* value)
+proto_tree_set_string(field_info *fi, const char* value, gint length)
{
if (value) {
- fvalue_set(&fi->value, (gpointer) value, FALSE);
+ /*fvalue_set(&fi->value, (gpointer) value, FALSE);*/
+ fi->value.value.string = (gchar *)g_malloc(length+1);
+ strncpy(fi->value.value.string, value, length);
+ fi->value.value.string[length] = 0;
} else {
fvalue_set(&fi->value, (gpointer) "[ Null ]", FALSE);
}
~~~
You are receiving this mail because:
- You are watching all bug changes.