Wireshark-commits: [Wireshark-commits] master-2.6 fc95674: opcua: prevent opcua dissector crash by
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fc956747a139269a6fb4f67c639e12b3f4e9ccd9
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master-2.6
Repository: wireshark
Commits:
fc95674 by Hannes Mezger (hannes.mezger@xxxxxxxxxxx):
opcua: prevent opcua dissector crash by limiting nesting depth
The OPC UA types DiagnosticInfo, Variant and ExtensionObject can be
nested, which can lead to stack overflows when parsing specially
crafted packets. This is fixed by storing the current nesting depth
as expert info.
The corresponding CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12086
The corresponding security bulletin of the OPC Foundation is https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf
Change-Id: I5f6da3a3e269f6db1b690b77470ddf60045bcedd
Reviewed-on: https://code.wireshark.org/review/29645
Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 28a7a79cac425d1b1ecf06e73add41edd2241e49)
Reviewed-on: https://code.wireshark.org/review/29654
Actions performed:
from 331a57f MGCP: Ignore case for command header
add fc95674 opcua: prevent opcua dissector crash by limiting nesting depth
Summary of changes:
plugins/epan/opcua/opcua.c | 2 +-
plugins/epan/opcua/opcua_simpletypes.c | 36 ++++++++++++++++++++++++++++++++++
2 files changed, 37 insertions(+), 1 deletion(-)