Wireshark · Ethereal-dev: Re: [Ethereal-dev] Security bug in packet-quakeworld.c

Ethereal-dev: Re: [Ethereal-dev] Security bug in packet-quakeworld.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Sun, 9 Jun 2002 14:27:31 -0700

On Mon, Jun 10, 2002 at 12:20:35AM +1000, Peter Hawkins wrote:
> The string is tokenized into a static buffer of size 1024 (com_token) by 
> COM_Parse. 
> 
> No adequate bounds checking is performed.

I've checked in a change to make various buffers the same size, which
should close those particular problems (Ethereal doesn't crash on a
capture from the program in question), although the string-handling code
in the Quakeworld dissector might want to be redone at some point.

Follow-Ups:
- Re: [Ethereal-dev] Security bug in packet-quakeworld.c
  - From: Dr. Uwe Girlich

References:
- [Ethereal-dev] Security bug in packet-quakeworld.c
  - From: Peter Hawkins

Prev by Date: [Ethereal-dev] Security bug in packet-quakeworld.c
Next by Date: [Ethereal-dev] More bounds check problems
Previous by thread: [Ethereal-dev] Security bug in packet-quakeworld.c
Next by thread: Re: [Ethereal-dev] Security bug in packet-quakeworld.c
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$