diff options
| -rw-r--r-- | packet-dns.c | 14 | ||||
| -rw-r--r-- | packet-ieee80211.c | 7 | ||||
| -rw-r--r-- | packet-isakmp.c | 17 | ||||
| -rw-r--r-- | packet-wsp.c | 53 |
4 files changed, 45 insertions, 46 deletions
diff --git a/packet-dns.c b/packet-dns.c index 9a63b31920..c5d355414f 100644 --- a/packet-dns.c +++ b/packet-dns.c @@ -1,7 +1,7 @@ /* packet-dns.c * Routines for DNS packet disassembly * - * $Id: packet-dns.c,v 1.101 2003/05/07 03:00:32 guy Exp $ + * $Id: packet-dns.c,v 1.102 2003/05/24 17:45:10 gerald Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -561,9 +561,9 @@ get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset, if (maxname > 0) { print_len = snprintf(np, maxname + 1, "\\[x"); - if (print_len != -1) { + if (print_len != -1 && print_len <= maxname) { /* Some versions of snprintf return -1 if they'd truncate - the output. */ + the output. Others return <buf_size> or greater. */ np += print_len; maxname -= print_len; } else { @@ -576,9 +576,9 @@ get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset, if (maxname > 0) { print_len = snprintf(np, maxname + 1, "%02x", tvb_get_guint8(tvb, offset)); - if (print_len != -1) { + if (print_len != -1 && print_len <= maxname) { /* Some versions of snprintf return -1 if they'd truncate - the output. */ + the output. Others return <buf_size> or greater. */ np += print_len; maxname -= print_len; } else { @@ -591,9 +591,9 @@ get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset, } if (maxname > 0) { print_len = snprintf(np, maxname + 1, "/%d]", bit_count); - if (print_len != -1) { + if (print_len != -1 && print_len <= maxname) { /* Some versions of snprintf return -1 if they'd truncate - the output. */ + the output. Others return <buf_size> or greater. */ np += print_len; maxname -= print_len; } else { diff --git a/packet-ieee80211.c b/packet-ieee80211.c index 9e3adc0f32..512cd9467d 100644 --- a/packet-ieee80211.c +++ b/packet-ieee80211.c @@ -3,7 +3,7 @@ * Copyright 2000, Axis Communications AB * Inquiries/bugreports should be sent to Johan.Jorgensen@axis.com * - * $Id: packet-ieee80211.c,v 1.86 2003/04/27 20:57:58 deniel Exp $ + * $Id: packet-ieee80211.c,v 1.87 2003/05/24 17:45:10 gerald Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -755,9 +755,9 @@ add_tagged_field (proto_tree * tree, tvbuff_t * tvb, int offset) ret = snprintf (out_buff + n, SHORT_STR - n, "%2.1f%s ", (tag_data_ptr[i] & 0x7F) * 0.5, (tag_data_ptr[i] & 0x80) ? "(B)" : ""); - if (ret == -1) { + if (ret == -1 || ret >= SHORT_STR - n) { /* Some versions of snprintf return -1 if they'd truncate - the output. */ + the output. Others return <buf_size> or greater. */ break; } n += ret; @@ -765,6 +765,7 @@ add_tagged_field (proto_tree * tree, tvbuff_t * tvb, int offset) if (n < SHORT_STR) snprintf (out_buff + n, SHORT_STR - n, "[Mbit/sec]"); + out_buff[SHORT_STR] = '\0'; proto_tree_add_string (tree, tag_interpretation, tvb, offset + 2, tag_len, out_buff); break; diff --git a/packet-isakmp.c b/packet-isakmp.c index 3f421f4440..04f26b3b0e 100644 --- a/packet-isakmp.c +++ b/packet-isakmp.c @@ -4,7 +4,7 @@ * for ISAKMP (RFC 2407) * Brad Robel-Forrest <brad.robel-forrest@watchguard.com> * - * $Id: packet-isakmp.c,v 1.61 2003/04/28 20:03:37 guy Exp $ + * $Id: packet-isakmp.c,v 1.62 2003/05/24 17:45:10 gerald Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -1126,8 +1126,9 @@ situation2str(guint32 type) { if (type & SIT_IDENTITY) { ret = snprintf(msg, SIT_MSG_NUM-n, "%sIDENTITY", sep); - if (ret == -1) { - /* Some versions of snprintf return -1 if they'd truncate the output. */ + if (ret == -1 || ret >= SIT_MSG_NUM-n) { + /* Truncated. */ + msg[SIT_MSG_NUM] = '\0'; return msg; } n += ret; @@ -1139,8 +1140,9 @@ situation2str(guint32 type) { return msg; } ret = snprintf(msg, SIT_MSG_NUM-n, "%sSECRECY", sep); - if (ret == -1) { - /* Some versions of snprintf return -1 if they'd truncate the output. */ + if (ret == -1 || ret >= SIT_MSG_NUM-n) { + /* Truncated. */ + msg[SIT_MSG_NUM] = '\0'; return msg; } n += ret; @@ -1152,8 +1154,9 @@ situation2str(guint32 type) { return msg; } ret = snprintf(msg, SIT_MSG_NUM-n, "%sINTEGRITY", sep); - if (ret == -1) { - /* Some versions of snprintf return -1 if they'd truncate the output. */ + if (ret == -1 || ret >= SIT_MSG_NUM-n) { + /* Truncated. */ + msg[SIT_MSG_NUM] = '\0'; return msg; } n += ret; diff --git a/packet-wsp.c b/packet-wsp.c index dbf8ee4108..3ad5b347a2 100644 --- a/packet-wsp.c +++ b/packet-wsp.c @@ -2,7 +2,7 @@ * * Routines to dissect WSP component of WAP traffic. * - * $Id: packet-wsp.c,v 1.67 2003/05/08 08:36:25 guy Exp $ + * $Id: packet-wsp.c,v 1.68 2003/05/24 17:45:10 gerald Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -977,6 +977,8 @@ enum { PUT = 0x61, /* No sample data */ }; +#define VAL_STRING_SIZE 200 + typedef enum { VALUE_LEN_SUPPLIED, VALUE_IS_TEXT_STRING, @@ -2330,7 +2332,7 @@ add_accept_xxx_header (proto_tree *tree, tvbuff_t *header_buff, int subvalueLen; int subvalueOffset; guint value = 0; - char valString[100]; + char valString[VAL_STRING_SIZE]; const char *valMatch; guint peek; double q_value = 1.0; @@ -2420,13 +2422,14 @@ add_accept_xxx_header (proto_tree *tree, tvbuff_t *header_buff, /* Build string including Q-value if present */ if (q_value == 1.0) /* Default */ { - snprintf (valString, 100, "%s", valMatch); + snprintf (valString, VAL_STRING_SIZE, "%s", valMatch); } else { - snprintf (valString, 100, "%s; Q=%5.3f", valMatch, q_value); + snprintf (valString, VAL_STRING_SIZE, "%s; Q=%5.3f", valMatch, q_value); } /* Add string to tree */ + proto_tree_add_string (tree, hf_string, header_buff, 0, headerLen, valString); } @@ -3064,7 +3067,7 @@ add_capabilities (proto_tree *tree, tvbuff_t *tvb, int type) guint value = 0; guint i; int ret; - char valString[200]; + char valString[VAL_STRING_SIZE]; #ifdef DEBUG fprintf (stderr, "dissect_wsp: Offset is %d, size is %d\n", offset, capabilitiesLen); @@ -3119,12 +3122,10 @@ add_capabilities (proto_tree *tree, tvbuff_t *tvb, int type) valString[0]=0; if (value & 0x80) { - ret = snprintf(valString+i,200-i,"%s","(Confirmed push facility) "); - if (ret == -1) { + ret = snprintf(valString+i,VAL_STRING_SIZE-i,"%s","(Confirmed push facility) "); + if (ret == -1 || ret >= VAL_STRING_SIZE-i) { /* - * Some versions of snprintf - * return -1 if they'd - * truncate the output. + * We've been truncated */ goto add_string; } @@ -3136,12 +3137,10 @@ add_capabilities (proto_tree *tree, tvbuff_t *tvb, int type) /* No more room. */ goto add_string; } - ret = snprintf(valString+i,200-i,"%s","(Push facility) "); - if (ret == -1) { + ret = snprintf(valString+i,VAL_STRING_SIZE-i,"%s","(Push facility) "); + if (ret == -1 || ret >= VAL_STRING_SIZE-i) { /* - * Some versions of snprintf - * return -1 if they'd - * truncate the output. + * We've been truncated */ goto add_string; } @@ -3153,12 +3152,10 @@ add_capabilities (proto_tree *tree, tvbuff_t *tvb, int type) /* No more room. */ goto add_string; } - ret = snprintf(valString+i,200-i,"%s","(Session resume facility) "); - if (ret == -1) { + ret = snprintf(valString+i,VAL_STRING_SIZE-i,"%s","(Session resume facility) "); + if (ret == -1 || ret >= VAL_STRING_SIZE-i) { /* - * Some versions of snprintf - * return -1 if they'd - * truncate the output. + * We've been truncated */ goto add_string; } @@ -3166,22 +3163,21 @@ add_capabilities (proto_tree *tree, tvbuff_t *tvb, int type) } if (value & 0x10) { - if (i >= 200) { + if (i >= VAL_STRING_SIZE) { /* No more room. */ goto add_string; } - ret = snprintf(valString+i,200-i,"%s","(Acknowledgement headers) "); - if (ret == -1) { + ret = snprintf(valString+i,VAL_STRING_SIZE-i,"%s","(Acknowledgement headers) "); + if (ret == -1 || ret >= VAL_STRING_SIZE-i) { /* - * Some versions of snprintf - * return -1 if they'd - * truncate the output. + * We've been truncated */ goto add_string; } i += ret; } add_string: + valString[VAL_STRING_SIZE] = '\0'; proto_tree_add_string(wsp_capabilities, hf_wsp_capabilities_protocol_opt, tvb, capabilitiesStart, length+1, valString); break; case 0x03 : /* Method-MOR */ @@ -3248,10 +3244,9 @@ add_capability_vals(tvbuff_t *tvb, gboolean add_string, int offsetStr, ret = snprintf(valString+i,valStringSize-i,"(0x%02x) ", value); } - if (ret == -1) { + if (ret == -1 || ret >= valStringSize-i) { /* - * Some versions of snprintf return -1 - * if they'd truncate the output. + * We've been truncated. */ break; } |