Wireshark-commits: [Wireshark-commits] master 4d800d7: gsm_a_gm: fix potential buffer overrun (read
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Sat, 12 May 2018 17:36:45 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4d800d7b8a83f6aab13558867fbe2118f0228971
Submitter: Anders Broman (a.broman58@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

4d800d7 by Peter Wu (peter@xxxxxxxxxxxxx):

    gsm_a_gm: fix potential buffer overrun (read)
    
    When the string "str" is empty, "str+1" is invalid. This function can be
    called from functions using SET_ELEM_VARS in packet-gsm_a_common.c which
    appear to check the length first, but packet-etsi_card_app_toolkit.c and
    packet-camel.c do not. Err on the safe side and do not add the item.
    
    Change-Id: I6bd559593bb10ff0b8bf08a48d828613e3d8ccf5
    Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4311
    Reviewed-on: https://code.wireshark.org/review/27470
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Pascal Quantin <pascal.quantin@xxxxxxxxx>
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  65754fa   bluecom: remove dead stores/increments (found by clang).
    adds  4d800d7   gsm_a_gm: fix potential buffer overrun (read)


Summary of changes:
 epan/dissectors/packet-gsm_a_gm.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)