Wireshark-bugs: [Wireshark-bugs] [Bug 12742] New: Possible Null Pointer Dereference in packet-nt

| Field | Value |
| --- | --- |
| Bug ID | 12742 |
| Summary | Possible Null Pointer Dereference in packet-ntlmssp.c |
| Product | Wireshark |
| Version | 2.0.5 |
| Hardware | x86 |
| OS | Fedora |
| Status | UNCONFIRMED |
| Severity | Trivial |
| Priority | Low |
| Component | Dissection engine (libwireshark) |
| Assignee | bugzilla-admin@wireshark.org |
| Reporter | syntax17@hotmail.com |

Build Information:
Wireshark 2.0.5 (Git Rev Unknown from unknown)
Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 4.8.7, with libpcap, without POSIX capabilities,
without libnl, with libz 1.2.8, with GLib 2.48.1, without SMI, without c-ares,
without ADNS, without Lua, without GnuTLS, without Gcrypt, without Kerberos,
without GeoIP, with QtMultimedia, without AirPcap.
Running on Linux 4.6.5-300.fc24.x86_64, with locale en_US.UTF-8, with libpcap
version 1.7.4, with libz 1.2.8.
       Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz (with SSE4.2)
Built using gcc 6.1.1 20160510 (Red Hat 6.1.1-2).
--
I ran static code analysis (Cppcheck) on the codebase, and there is a null
pointer dereference for pass_list found in
epan/dissectors/packet-ntlmssp.c:583. An examination of the code shows that
*pass_list is initialized to NULL upon declaration, and is dereferenced in line
583 with pass_list[i].md4. Now pass_list will get populated in line 553 with
the get_md4pass_list function, but this code is only called if
HAVE_HEIMDAL_KERBEROS or HAVE_MIT_KERBEROS is defined. A recursive search
revealed that they do get #defined in the configure script, but there is an
underlying assumption that these #defines will exist. At the very least, line
583 should have the same
#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
statement surrounding it.
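
A reduced model of the pattern the report describes, added here as an illustration; it is not Wireshark's code. Only `pass_list`, the `md4` field and the two `HAVE_*_KERBEROS` macros come from the report; `md4_pass`, `load_pass_list`, `find_md4`, `lookup_hash` and `nb_pass` are hypothetical names. It shows a runtime NULL check that keeps the lookup safe whether or not the Kerberos block was compiled in.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MD4_LEN 16

/* Hypothetical stand-in for one password-hash entry (not Wireshark's type). */
typedef struct { uint8_t md4[MD4_LEN]; } md4_pass;

#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
/* Hypothetical loader, compiled only with Kerberos support.
 * Returns the entry count and points *list at constructed sample data. */
static unsigned load_pass_list(md4_pass **list)
{
    static md4_pass constructed[2] = { {{0x11}}, {{0x22}} };
    *list = constructed;
    return 2;
}
#endif

/* Index of the entry whose MD4 equals `want`, or -1 if none.
 * A NULL list is treated as empty even when n is non-zero. */
static int find_md4(const md4_pass *list, unsigned n, const uint8_t *want)
{
    if (list == NULL || want == NULL)
        return -1;
    for (unsigned i = 0; i < n; i++)
        if (memcmp(list[i].md4, want, MD4_LEN) == 0)
            return (int)i;
    return -1;
}

/* Caller in the shape the report describes: NULL at declaration,
 * populated only inside the Kerberos #if, then searched. */
static int lookup_hash(const uint8_t *want)
{
    md4_pass *pass_list = NULL;
    unsigned nb_pass = 0;
#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
    nb_pass = load_pass_list(&pass_list);
#endif
    return find_md4(pass_list, nb_pass, want);
}

int main(void)
{
    const uint8_t want[MD4_LEN] = { 0x22 };
    printf("index = %d\n", lookup_hash(want));
    return 0;
}
```

Building once with `-DHAVE_MIT_KERBEROS` and once without exercises both preprocessor paths through the same lookup.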
         
      
      