tools/wireshark - WIP Patches to add a samsung-ipc dissector to Wireshark

diff options

author	Peter Wu <peter@lekensteyn.nl>	2018-07-15 18:06:25 +0200
committer	Anders Broman <a.broman58@gmail.com>	2018-07-16 05:50:05 +0000
commit	4eb5b535ecb9cea390cc3ebad2097400f303b9ba (patch)
tree	a847b26e9ae494afda4a67180524c72621b7b765 /docbook
parent	118017e3e2e0b3a9b8ec4ac83645d3289a2e06f7 (diff)
download	wireshark-4eb5b535ecb9cea390cc3ebad2097400f303b9ba.tar.gz wireshark-4eb5b535ecb9cea390cc3ebad2097400f303b9ba.tar.bz2 wireshark-4eb5b535ecb9cea390cc3ebad2097400f303b9ba.zip

DOCSIS: fix null-pointer crash in OPT-RSP TLVs decoding

"tmp_fh->next" is NULL on the initial visit and thus "tvb_get_guint8(tmp_fh->tvb_data,1)" crashes. It is not entirely clear to me how reassembly should work in this DOCSIS message, but based on the description in "6.4.45 OFDM Downstream Profile Test Response (OPT-RSP)" in the DOCSIS MAC and Upper Layer Protocols Interface Specification (CM-SP-MULPIv3.1-I07-150910), I suppose that it was trying to support decoding of (a sequence of) TLVs where the value is too large for a single frame. Bug: 14954 Change-Id: I2eec91d0ca6356b2af61bfe55381c300c8872039 Fixes: v2.9.0rc0-1171-g738818fe4d ("DOCSIS: Added decoding for OPT (OFDM Downstream Profile Test) messages") Reviewed-on: https://code.wireshark.org/review/28712 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Anders Broman <a.broman58@gmail.com>

Diffstat (limited to 'docbook')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: