Wireshark-commits: [Wireshark-commits] master 3c6900f: radius: fix use-after-free after recent meml
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c6900f31fcfed080d165b581ccef8f022109491
Submitter: Michael Mann (mmann78@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
3c6900f by Peter Wu (peter@xxxxxxxxxxxxx):
radius: fix use-after-free after recent memleak fixes
The same data is referenced by the ID-to-name and name-to-ID mapping, so
be make sure that the ID mapping is responsible (as the name mapping is
just used for duplicate detection and while parsing dictionary files).
Still to be done is fixing duplicate attribute numbers (by adding
support for OIDs and changing TLV attribute type IDs to OIDs) and fixing
duplicate attribute names (by prefixing the Vendor Names to them).
Also not handled is fixing Value memleaks.
Reproducers of the crash under ASAN:
tshark -G fields >/dev/null
tshark -r radius-ms-mppe-etrl-bug.cap (from bug 796)
Change-Id: Ifa4055901072bc830e19fe06937af67ce524a3be
Fixes: v2.3.0rc0-2536-gd4cf57100c ("Free radius dissector memory on shutdown")
Reviewed-on: https://code.wireshark.org/review/20307
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
Actions performed:
from 87b7242 radius: fix memleaks of value_string
adds 3c6900f radius: fix use-after-free after recent memleak fixes
Summary of changes:
epan/dissectors/packet-radius.c | 19 ++++++++++++-------
epan/dissectors/packet-radius.h | 12 ++++++++++--
epan/radius_dict.l | 6 +++---
3 files changed, 25 insertions(+), 12 deletions(-)