Wireshark-commits: [Wireshark-commits] lts-1.12.1 6b8c5db: ncp2222: don't overflow buffer construct
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Sun, 16 Nov 2014 17:10:52 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6b8c5dba634cde2fe95fca81668337380f19d641
Submitter: Michael Mann (mmann78@xxxxxxxxxxxx)
Changed: branch: lts-1.12.1
Repository: wireshark

Commits:

6b8c5db by Evan Huus (eapache@xxxxxxxxx):

    ncp2222: don't overflow buffer constructing string
    
    Fixes stack-smashing vuln.
    
    Somehow there was already an XXX in the code about this, but nobody realized at
    the time it was worth fixing... really?
    
    Bug: 10552
    Change-Id: I849068bd6c45146339444f295b72430d3c6e08f2
    Reviewed-on: https://code.wireshark.org/review/4653
    Reviewed-by: Evan Huus <eapache@xxxxxxxxx>
    (cherry picked from commit b9988e2bbfc7c6c41ef82c559bd11a8c19170491)
    Reviewed-on: https://code.wireshark.org/review/4654
    Reviewed-on: https://code.wireshark.org/review/5336
    Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
    

Actions performed:

    from  5451012   ncp2222: initialize buffer in build_expert_data
    adds  6b8c5db   ncp2222: don't overflow buffer constructing string


Summary of changes:
 epan/dissectors/packet-ncp2222.inc |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)