Wireshark-commits: [Wireshark-commits] master 63126e2: Always process the "present flags" bitmaps.
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 09 Aug 2018 01:17:35 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=63126e284bc331123134906f1745703e74999dfd
Submitter: "Guy Harris <guy@xxxxxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

63126e2 by Guy Harris (guy@xxxxxxxxxxxx):

    Always process the "present flags" bitmaps.
    
    The loop doesn't just add them to the protocol tree, it also does sanity
    checking; we want to do the sanity checking regardless of whether we're
    building the protocol tree or not, so that if we skip processing the
    radiotap header because it's malformed, we do so regardless of whether
    we're building a protocol tree.
    
    This prevents a crash I saw where, on the first pass, we weren't
    building a protocol tree, so we didn't check the bitmaps and proceeded
    to process the bad radiotap header in a fuzzed file and set the
    "zero-length PSDU" flag, and didn't call the 802.11 radio dissector, and
    didn't allocate a "wlan radio information" structure and attach it to
    the packet, but, when I went to the packet, and thus *did* build a
    protocol tree, we *did* check the bitmaps in the process of adding them
    to the protocol tree, skipped the part where we processed the rest of
    the radiotap header, *didn't* set the "zero-length PSDU" flag, and
    *did* call the 802.11 radio dissector, which crashed becaus the "wlan
    radio information" pointer was null.
    
    (No, checking the "wlan radio information" pointer isn't the correct
    fix; the correct fix is to make sure we do the same processing, other
    than adding items to the protocol tree, *regardless* of whether we're
    building the protocol tree.)
    
    Change-Id: If3c16f76981448e4f396a4a9730f1d5dce8f8eba
    Reviewed-on: https://code.wireshark.org/review/29033
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  c7764e2   We should be reporting expert infos on invalid radiotap headers.
     add  63126e2   Always process the "present flags" bitmaps.


Summary of changes:
 epan/dissectors/packet-ieee80211-radiotap.c | 160 +++++++++++++++-------------
 1 file changed, 84 insertions(+), 76 deletions(-)