Wireshark-commits: [Wireshark-commits] master-2.4 d8df848: opcua: prevent opcua dissector crash by
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d8df84879b3c78e8b29507757ba8ea1eb5a1ad55
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master-2.4
Repository: wireshark
Commits:
d8df848 by Hannes Mezger (hannes.mezger@xxxxxxxxxxx):
opcua: prevent opcua dissector crash by limiting nesting depth
The OPC UA types DiagnosticInfo, Variant and ExtensionObject can be
nested, which can lead to stack overflows when parsing specially
crafted packets. This is fixed by storing the current nesting depth
as expert info.
The corresponding CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12086
The corresponding security bulletin of the OPC Foundation is https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf
Change-Id: I5f6da3a3e269f6db1b690b77470ddf60045bcedd
Reviewed-on: https://code.wireshark.org/review/29645
Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 28a7a79cac425d1b1ecf06e73add41edd2241e49)
Reviewed-on: https://code.wireshark.org/review/29655
Actions performed:
from 815b901 MGCP: Ignore case for command header
add d8df848 opcua: prevent opcua dissector crash by limiting nesting depth
Summary of changes:
plugins/opcua/opcua.c | 2 +-
plugins/opcua/opcua_simpletypes.c | 36 ++++++++++++++++++++++++++++++++++++
2 files changed, 37 insertions(+), 1 deletion(-)