diff options
| author | Gerald Combs <gerald@wireshark.org> | 2004-12-09 22:17:50 +0000 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2004-12-09 22:17:50 +0000 |
| commit | d528c62de1bd5783cd7d5a0eef14726d5dd61e9f (patch) | |
| tree | 24ec17b4c04b8f6913a4b29744d023a0c235e79a /AUTHORS | |
| parent | 5e8af0825f1141546ec6d22f76bd447c4fdfde2a (diff) | |
| download | wireshark-d528c62de1bd5783cd7d5a0eef14726d5dd61e9f.tar.gz wireshark-d528c62de1bd5783cd7d5a0eef14726d5dd61e9f.tar.bz2 wireshark-d528c62de1bd5783cd7d5a0eef14726d5dd61e9f.zip | |
From Brian Caswell:
The ACL parser will attempt to decode as many ACE structures as are
specified in the ACL structure. If the number of ACE structures is
sufficiently large with one of the ACE structures specifying a size of
0, then the ACL parser will parse that ACE structure repeatedly,
eventually causing a denial of service to Ethereal.
I've attached a diff against HEAD that corrects the problem. The diff
also corrects a few decoding errors in the NT ACL & ACE structures. A
pcap is attached that reproduces the problem.
svn path=/trunk/; revision=12706
Diffstat (limited to 'AUTHORS')
| -rw-r--r-- | AUTHORS | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -2325,6 +2325,7 @@ Lane Hu <lane.hu [AT] utstar.com> Marc Poulhiès <marc.poulhies [AT] epfl.ch> Tomasz Mrugalski <thomson [AT] klub.com.pl> Brett Kuskie <mstrprgmmr [AT] chek.com> +Brian Caswell <bmc [AT] sourcefire.com> Alain Magloire <alainm[AT]rcsm.ece.mcgill.ca> was kind enough to give his permission to use his version of snprintf.c. |