Ethereal-dev: [Ethereal-dev] Bug in epan/column-utils.c - missing NULL on bounds check ?
Hi,
I had a problem with ethereal crashing with heap errors which I think I've
pinned down to over-filling the COL_INFO. The patch below fixed the crash:
--- ethereal-0.10.4.orig/epan/column-utils.c 2004-04-04 20:53:42.000000000
+0100
+++ ethereal/epan/column-utils.c 2004-08-10 12:23:23.306769800 +0100
@@ -258,6 +258,7 @@
cinfo->col_data[i] = cinfo->col_buf[i];
}
vsnprintf(&cinfo->col_buf[i][fence], max_len - fence, format, ap);
+ cinfo->col_buf[i][max_len - 1] = '\0';
}
}
va_end(ap);
@@ -286,6 +287,7 @@
COL_CHECK_APPEND(cinfo, i, max_len);
len = strlen(cinfo->col_buf[i]);
vsnprintf(&cinfo->col_buf[i][len], max_len - len, format, ap);
+ cinfo->col_buf[i][max_len - 1] = '\0';
}
}
va_end(ap);
@@ -319,6 +321,7 @@
COL_CHECK_APPEND(cinfo, i, max_len);
len = strlen(cinfo->col_buf[i]);
vsnprintf(&cinfo->col_buf[i][len], max_len - len, format, ap);
+ cinfo->col_buf[i][max_len-1] = 0;
}
}
va_end(ap);
Hope this helps!
Any replies to me directly please - I'm not subscribed.
Regards,
Neil Piercy
=================================================
ip.access ltd Tel: 01223 219015 Direct
CPC1, Capital Park Fax: 01223 219099
Fulbourn, Cambridge
Cambs, UK, CB1 5XE
Visit the website at http://www.ipaccess.com
=================================================