Wireshark-commits: [Wireshark-commits] lts-1.12.1 6dbf7cc: llrp: limit recursion depth
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 4 Mar 2016 16:09:18 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6dbf7ccc8e29f34286f6dca74ef6cc5fd15c949f
Submitter: Balint Reczey (balint@xxxxxxxxxxxxxxx)
Changed: branch: lts-1.12.1
Repository: wireshark

Commits:

6dbf7cc by Evan Huus (eapache@xxxxxxxxx):

    llrp: limit recursion depth
    
    LLRP defines fairly complex parameter nesting which we handle via recursion,
    however this means a large crafted packet could cause very deep stacks and
    potentially stack overflows. Limit our recursive depth to an arbitrary, which
    should be more than enough for any legitimate packet (I hope).
    
    Bug: 12048
    Change-Id: I9ac31bddfa4ffd1a79809387d10d2261749b95e7
    Reviewed-on: https://code.wireshark.org/review/13794
    Reviewed-by: Evan Huus <eapache@xxxxxxxxx>
    (cherry picked from commit 4a2cd6c79ecbf2cb21f985f01ce1c1e3030285ec)
    Reviewed-on: https://code.wireshark.org/review/14343
    Reviewed-by: Balint Reczey <balint@xxxxxxxxxxxxxxx>
    

Actions performed:

    from  3bd3e46   rsl: avoid buffer overread
    adds  6dbf7cc   llrp: limit recursion depth


Summary of changes:
 epan/dissectors/packet-llrp.c |   67 +++++++++++++++++++++--------------------
 1 file changed, 35 insertions(+), 32 deletions(-)