Ethereal-dev: [ethereal-dev] Re: [ethereal-cvs] cvs commit: ethereal packet-aarp.c
> Please, please in new dissector routines, check for
> truncated packets, especially when string operations
> or loop on bytes are used (to avoid display of erroneous
> data and infinite loop or segmentation violation) !
Perhaps we should make it easier to do that check, e.g. by centralizing
it?
For example, if we had "proto_tree_add_...()" routines that took, as
arguments, a starting offset and a length, but *didn't* take the actual
value as an argument, but also took, say, a pointer to the packet data,
and extracted the value *themselves* (and, in the case of
variable-length data types, e.g. '\0'-terminated strings, perhaps didn't
take the length as an argument, or took a maximum length as an argument,
and somehow returned the new offset), we could have those routines to
the checking.
Either they could return a value saying "oops, that one ran past the end
of the packet", or could do a "longjmp()" that jumped back to the
top-level dissector.
There are places in dissectors where the dissector itself needs to know
the value, e.g. packet type fields, and the dissector itself would have
to do the check itself (although we might be able to provide macros or
routines to extract a value and do said check), but, in a lot of cases,
the dissector doesn't need to know the value to decide what to do next,
so the value could be extracted by the "proto_tree_add...()" routine.
