Wireshark-commits: [Wireshark-commits] master 28a7a79: opcua: prevent opcua dissector crash by limi
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 14 Sep 2018 04:11:29 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28a7a79cac425d1b1ecf06e73add41edd2241e49
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

28a7a79 by Hannes Mezger (hannes.mezger@xxxxxxxxxxx):

    opcua: prevent opcua dissector crash by limiting nesting depth
    
    The OPC UA types DiagnosticInfo, Variant and ExtensionObject can be
    nested, which can lead to stack overflows when parsing specially
    crafted packets. This is fixed by storing the current nesting depth
    as expert info.
    The corresponding CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12086
    The corresponding security bulletin of the OPC Foundation is https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf
    
    Change-Id: I5f6da3a3e269f6db1b690b77470ddf60045bcedd
    Reviewed-on: https://code.wireshark.org/review/29645
    Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  cd95e19   Start renaming SSL to TLS.
     add  28a7a79   opcua: prevent opcua dissector crash by limiting nesting depth


Summary of changes:
 plugins/epan/opcua/opcua.c             |  2 +-
 plugins/epan/opcua/opcua_simpletypes.c | 36 ++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)