Wireshark-commits: [Wireshark-commits] master 34873a2: tcap: check p_tcap_private before dereferenc
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 31 Jan 2019 15:38:00 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=34873a20eb489562098c5a58085ae783f869525c
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

34873a2 by Dario Lombardo (lomato@xxxxxxxxx):

    tcap: check p_tcap_private before dereferencing.
    
    This caused a NULL pointer dereference on ASAN builds with
    malformed packets.
    
    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==15485==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7ff49a4281fa bp 0x7ffe5257a4d0 sp 0x7ffe5257a2c0 T0)
    ==15485==The signal is caused by a WRITE memory access.
    ==15485==Hint: address points to the zero page.
        #0 0x7ff49a4281f9 in dissect_tcap_AARQ_application_context_name wireshark/epan/dissectors/./asn1/tcap/tcap.cnf
        #1 0x7ff498e7bab1 in dissect_ber_sequence wireshark/epan/dissectors/packet-ber.c:2425:17
    
    Bug: 15464
    Change-Id: I8fd4f09a1356211acb180e4598a33fce96d98e94
    Reviewed-on: https://code.wireshark.org/review/31840
    Reviewed-by: Pascal Quantin <pascal.quantin@xxxxxxxxx>
    Petri-Dish: Pascal Quantin <pascal.quantin@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  afeec6d   NAS-5GS: Dissect more IEs
     add  34873a2   tcap: check p_tcap_private before dereferencing.


Summary of changes:
 epan/dissectors/asn1/tcap/tcap.cnf | 24 +++++++++++++++--------
 epan/dissectors/packet-tcap.c      | 40 +++++++++++++++++++++++---------------
 2 files changed, 40 insertions(+), 24 deletions(-)