Wireshark-commits: [Wireshark-commits] lts-1.8.2 e86b1e9: ber: avoid deep recursion for constructed
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e86b1e9f557e2cd1ae365dd96623226cff974795
Submitter: Balint Reczey (balint@xxxxxxxxxxxxxxx)
Changed: branch: lts-1.8.2
Repository: wireshark
Commits:
e86b1e9 by Peter Wu (peter@xxxxxxxxxxxxx):
ber: avoid deep recursion for constructed strings
Bound the recursion depth to avoid a stack overflow while parsing a
deeply nested constructed string.
Call chain before this patch:
- dissect_ber_octet_string
- dissect_ber_constrained_octet_string
- reassemble_octet_string (called for constructed types)
- dissect_ber_octet_string *recursion*
After this patch, the reassemble_octet_string will throw if the maximum
recursion depth is reached.
Conflicts:
epan/dissectors/packet-ber.c
Bug: 11822
Change-Id: I6753e3c9f5dcbfab0e4c174418b2c7eb784d64d2
Reviewed-on: https://code.wireshark.org/review/14108
Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
Petri-Dish: Michael Mann <mmann78@xxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 9ff932bf5ea554f9e94ee1364284aff9eb3fd619)
Reviewed-on: https://code.wireshark.org/review/14110
(cherry picked from commit 307bbd253fc61657935eca992ec9325dbfff3274)
Reviewed-on: https://code.wireshark.org/review/14111
(cherry picked from commit 8f7a26e8fcf878bb55601edae5032caf71c2e587)
Reviewed-on: https://code.wireshark.org/review/14348
Reviewed-by: Balint Reczey <balint@xxxxxxxxxxxxxxx>
Reviewed-on: https://code.wireshark.org/review/14376
Actions performed:
from 512f778 Add boundary check for 802.11 decryption
adds e86b1e9 ber: avoid deep recursion for constructed strings
Summary of changes:
epan/dissectors/packet-ber.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)