> Until all dissectors are re-coded with the 'testy buffers' it may be possible
> to crash ethereal or tethereal with malformed packets, it is dependent
> upon how each dissector was written.

Even *after* all dissectors are recoded with testy buffers it may be
possible to crash Ethereal or Tethereal with malformed packets; all that
tvbuffs do for you is bounds-checking to make sure you don't go past the
end of the packet, they don't keep you from, for example, calling a
routine to look something up in a table, and not bothering to check
whether the routine returned a null pointer if it doesn't find it.

The same, of course, applies to any other packet analyzer program;
tcpdump's equivalent to tvbuffs is the TTEST/TTEST2/TCHECK/TCHECK2
macros, but

	1) somebody might not bother using them to do bounds-checking
	   and might not do any other bounds-checking (I just checked
	   some additional bounds checking into the tcpdump SMB
	   dissector; it was crashing without the bounds checking);

	2) dissectors might fail to do other sanity checks (I checked
	   some sanity checks into the tcpdump RADIUS dissector, the
	   lack of which was causing crashes).
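
An added illustration of the point in the message above (not part of the original post, and not Ethereal or tcpdump code): both dissectors below read the packet through a bounds-checked accessor, but only one checks the table lookup for a null pointer. The names `pktbuf`, `pkt_get_u8`, `lookup_name` and the message-type table are hypothetical stand-ins.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a bounds-checked packet buffer (not the tvbuff API). */
struct pktbuf { const uint8_t *data; size_t len; };

/* Bounds-checked read: 0 on success, -1 if off is past the end of the packet. */
int pkt_get_u8(const struct pktbuf *p, size_t off, uint8_t *out) {
    if (off >= p->len) return -1;
    *out = p->data[off];
    return 0;
}

/* Constructed message-type table; the lookup returns NULL for unknown codes. */
static const struct { uint8_t code; const char *name; } msg_types[] = {
    {1, "Request"}, {2, "Accept"}, {3, "Reject"} };
const char *lookup_name(uint8_t code) {
    for (size_t i = 0; i < sizeof msg_types / sizeof msg_types[0]; i++)
        if (msg_types[i].code == code) return msg_types[i].name;
    return NULL;
}

/* Unsafe: the read is bounds-checked, the lookup result is not checked. */
int dissect_unsafe(const struct pktbuf *p, char *out, size_t outlen) {
    uint8_t code;
    if (pkt_get_u8(p, 0, &code) != 0) return -1;
    const char *name = lookup_name(code);    /* NULL for an unknown code */
    if (strlen(name) >= outlen) return -1;   /* null dereference happens here */
    strcpy(out, name);
    return 0;
}

/* Safe: returns 0 for a known code, 1 for an unknown code, -1 if truncated. */
int dissect_safe(const struct pktbuf *p, char *out, size_t outlen) {
    uint8_t code;
    if (pkt_get_u8(p, 0, &code) != 0) return -1;
    const char *name = lookup_name(code);
    if (name == NULL) {                      /* the check the bounds test cannot do */
        snprintf(out, outlen, "Unknown (%u)", (unsigned)code);
        return 1;
    }
    snprintf(out, outlen, "%s", name);
    return 0;
}

int main(void) {
    const uint8_t pkt[] = { 0x7f };  /* constructed packet: code not in the table */
    struct pktbuf p = { pkt, sizeof pkt };
    char out[32];
    printf("rc=%d ", dissect_safe(&p, out, sizeof out));
    printf("summary=%s\n", out);
}
```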