Wireshark-commits: [Wireshark-commits] master f6b7857: ssl-utils: add helper for validating Variabl
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f6b7857890bd785f1670193fe896733171071c2d
Submitter: Alexis La Goutte (alexis.lagoutte@xxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
f6b7857 by Peter Wu (peter@xxxxxxxxxxxxx):
ssl-utils: add helper for validating Variable Length Vectors
Currently variable length vectors are mostly unchecked with issues
ignored (see various "XXX - expert info"). In order to detect possible
attacks (and catch dissector issues), add helpers that extract the
vector length and that validate that a vector is correctly terminated.
Further dissection of a vector stops when not enough data is available.
The KeyShare extension and Extension itself are modified as a start,
more should follow. Future work should also ensure that the return value
represents the length after dissection (which should not exceed the
length). Also, the length field needs to be converted to an "offset_end"
value to ease overflow checking (length = offset_end - offset).
Change-Id: I6d757da2eb028f08a7b18661660313a6afd417e0
Reviewed-on: https://code.wireshark.org/review/19926
Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Actions performed:
from 4f532f5 Bluetooth: Update Assign Numbers
adds f6b7857 ssl-utils: add helper for validating Variable Length Vectors
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 152 +++++++++++++++++++++++++++++++-----
epan/dissectors/packet-ssl-utils.h | 53 ++++++++++++-
2 files changed, 183 insertions(+), 22 deletions(-)
