Ethereal-dev: Re: [ethereal-dev] SNMP Bug Report

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Sun, 25 Jun 2000 16:22:16 -0700
On Sun, Jun 25, 2000 at 01:51:20PM -0700, Guy Harris wrote:
> Unfortunately, "sprint_value()" does no length checking, and there's no
> way to figure out how much space it will need, so the only place where
> the variable *could* be variable-length is the code that formats it if
> it's binary; I don't know whether it's worth having *two* variables, a
> fixed-length buffer into which "format_value()" formats the string and
> a pointer to a dynamically-allocated string buffer into which binary
> values are dumped, or not.

It's definitely not worth having *two* variables, because

	1) if the SNMP dissector is linked with "-lsnmp", all the calls
	   that use "vb_display_string" are calls to "format_value()",
	   so it *has* to be a fixed-length string, and no bounds
	   checking can be done on it;

	2) if it's not linked with "-lsnmp", all the code that uses it
	   can use a dynamically-allocated buffer.

It is probably worth dynamically allocating the buffer in the case where
it's not linked with "-lsnmp"; however, *all* we can do when it's linked
with "-lsnmp" is to make the fixed-length buffer longer.