Wireshark · Ethereal-dev: Re: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse

Ethereal-dev: Re: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxxxxx>

Date: Thu, 5 Oct 2000 20:47:50 -0700

The patch was line-wrapped, which meant I had to undo the line-wrapping
in order to get the patch to apply; for example

> Index: packet-isakmp.c
> ===================================================================
> RCS file: /cvsroot/ethereal/packet-isakmp.c,v
> retrieving revision 1.28
> diff -u -r1.28 packet-isakmp.c
> - --- packet-isakmp.c	2000/10/03 22:49:37	1.28
> +++ packet-isakmp.c	2000/10/05 14:13:02
> @@ -552,6 +552,7 @@
>  
>    struct trans_hdr *	hdr	= (struct trans_hdr *)(pd + offset);
>    guint16		length	= pntohs(&hdr->length);
> +  int                   slength;
>    proto_item *		ti	= proto_tree_add_text(tree, NullTVB, offset, length,
> "Transform payload");
>    proto_tree *		ntree;

should have been

> Index: packet-isakmp.c
> ===================================================================
> RCS file: /cvsroot/ethereal/packet-isakmp.c,v
> retrieving revision 1.28
> diff -u -r1.28 packet-isakmp.c
> - --- packet-isakmp.c	2000/10/03 22:49:37	1.28
> +++ packet-isakmp.c	2000/10/05 14:13:02
> @@ -552,6 +552,7 @@
>  
>    struct trans_hdr *	hdr	= (struct trans_hdr *)(pd + offset);
>    guint16		length	= pntohs(&hdr->length);
> +  int                   slength;
>    proto_item *		ti	= proto_tree_add_text(tree, NullTVB, offset, length, "Transform payload");
>    proto_tree *		ntree;


In addition, you change

	length -= sizeof(*hdr);

to

	slength -= sizeof(*hdr);

without having set "slength" first; GCC complains about this:

	packet-isakmp.c: In function `dissect_transform':
	packet-isakmp.c:555: warning: `slength' might be used uninitialized in
	    this function
	packet-isakmp.c: In function `dissect_config':
	packet-isakmp.c:1052: warning: `slength' might be used uninitialized in
	    this function

Follow-Ups:
- Re: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse
  - From: Jack Keane

References:
- [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse
  - From: Jack Keane

Prev by Date: Re: [ethereal-dev] ethereal - IDL - Corba
Next by Date: Re: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse
Previous by thread: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse
Next by thread: Re: [ethereal-dev] Fix: malformed ISAKMP packets cause infinite loop in parse
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$