diff options
| author | Guy Harris <guy@alum.mit.edu> | 2005-09-25 09:32:01 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2005-09-25 09:32:01 +0000 |
| commit | 0e17a773b9af7e5c3c4b3441036b1801ebd0562c (patch) | |
| tree | 1ef2b8a6de0ca12e26f120872033ecff6873bfa4 /asn1/gsmmap | |
| parent | 2d14a6f4ae621d959e5bfa2134ce97739ad52797 (diff) | |
| download | wireshark-0e17a773b9af7e5c3c4b3441036b1801ebd0562c.tar.gz wireshark-0e17a773b9af7e5c3c4b3441036b1801ebd0562c.tar.bz2 wireshark-0e17a773b9af7e5c3c4b3441036b1801ebd0562c.zip | |
A loop processing all the bytes in a tvbuff from a given offset to the
end of the data in the tvbuff should stop when the offset is >= the
total amount of data in the tvbuff, not when it's > the total amount in
the tvbuff following the starting offset.
In "unpack_digits()", return a null string, not a null pointer, if
there's nothing left in the tvbuff starting at the starting offset, so
that the caller doesn't have to check for a null pointer, and return an
ep_alloc()ed buffer, so the caller doesn't have to worry about freeing
the result.
If we see a filler digit, don't advance the offset in the string buffer;
we want to put the terminating '\0' right after the character we just
put into the string.
Fuzzed against some GSM captures.
svn path=/trunk/; revision=16002
Diffstat (limited to 'asn1/gsmmap')
| -rw-r--r-- | asn1/gsmmap/gsmmap.cnf | 8 | ||||
| -rw-r--r-- | asn1/gsmmap/packet-gsm_map-template.c | 16 |
2 files changed, 7 insertions, 17 deletions
diff --git a/asn1/gsmmap/gsmmap.cnf b/asn1/gsmmap/gsmmap.cnf index aa350cc5ed..e389377c28 100644 --- a/asn1/gsmmap/gsmmap.cnf +++ b/asn1/gsmmap/gsmmap.cnf @@ -133,8 +133,6 @@ ModificationRequestFor-CF-Info/noReplyConditionTime ext-noReplyConditionTime digit_str = unpack_digits(parameter_tvb, 0); proto_tree_add_string(tree, hf_gsm_map_imsi_digits, parameter_tvb, 0, -1, digit_str); - if (digit_str) - g_free(digit_str); @@ -161,8 +159,6 @@ ModificationRequestFor-CF-Info/noReplyConditionTime ext-noReplyConditionTime digit_str = unpack_digits(parameter_tvb, 1); proto_tree_add_string(tree, hf_gsm_map_servicecentreaddress_digits, parameter_tvb, 1, -1, digit_str); - if (digit_str) - g_free(digit_str); pinfo->p2p_dir = P2P_DIR_SENT; #.END @@ -188,8 +184,6 @@ ModificationRequestFor-CF-Info/noReplyConditionTime ext-noReplyConditionTime digit_str = unpack_digits(parameter_tvb, 1); proto_tree_add_string(tree, hf_gsm_map_isdn_address_digits, parameter_tvb, 1, -1, digit_str); - if (digit_str) - g_free(digit_str); pinfo->p2p_dir = P2P_DIR_RECV; @@ -217,8 +211,6 @@ ModificationRequestFor-CF-Info/noReplyConditionTime ext-noReplyConditionTime digit_str = unpack_digits(parameter_tvb, 1); proto_tree_add_string(tree, hf_gsm_map_address_digits, parameter_tvb, 1, -1, digit_str); - if (digit_str) - g_free(digit_str); #---------------------------------------------------------------------------------------- #.FN_PARS SS-Status diff --git a/asn1/gsmmap/packet-gsm_map-template.c b/asn1/gsmmap/packet-gsm_map-template.c index d434f324d9..03fba0c0f7 100644 --- a/asn1/gsmmap/packet-gsm_map-template.c +++ b/asn1/gsmmap/packet-gsm_map-template.c @@ -37,6 +37,7 @@ #include <epan/prefs.h> #include <epan/conversation.h> #include <epan/tap.h> +#include <epan/emem.h> #include <stdio.h> #include <string.h> @@ -131,14 +132,13 @@ unpack_digits(tvbuff_t *tvb, int offset){ length = tvb_length(tvb); if (length < offset) - return NULL; - length = length - offset; - digit_str = g_malloc(length*2+1); + return ""; + digit_str = ep_alloc((length - offset)*2+1); - while ( offset <= length ){ + while ( offset < length ){ octet = tvb_get_guint8(tvb,offset); - digit_str[i] = ((octet & 0x0f) + 0x30); + digit_str[i] = ((octet & 0x0f) + '0'); i++; /* @@ -146,12 +146,10 @@ unpack_digits(tvbuff_t *tvb, int offset){ */ octet = octet >> 4; - if (octet == 0x0f){ /* odd number bytes - hit filler */ - i++; + if (octet == 0x0f) /* odd number bytes - hit filler */ break; - } - digit_str[i] = ((octet & 0x0f) + 0x30); + digit_str[i] = ((octet & 0x0f) + '0'); i++; offset++; |