Wireshark · Ethereal-dev: [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value i

Ethereal-dev: [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snp

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>

Date: Thu, 18 Aug 2005 04:48:26 -0400

On 8/18/05, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
> i added the list of sprintf  callers to the ememification wiki    so
> that people want to chip in can have a stab at files and start picking
> the easy/obvious ones.
> 
> 
> 
> On 8/18/05, Ulf Lamping <ulf.lamping@xxxxxx> wrote:
> > ronnie sahlberg wrote:
> > 
> > >Nice work.
> > >  
> > >
> > :-)
> > 
> > >I think requiring 1.2.3 is fine,   those
> > >such as myself with older versions are very few and can live with
> > suboptimal
> > >stability/broken g_snprintf()
> > >
> > >
> > >If you run   
> > >grep sprintf | sed -e "s/:.*$//" | sort | uniq
> > >in epan and epan/dissectors
> > >you get a lot of hits.
> > >  
> > >
> > Yes, that's the next step.
> > 
> > >Can you update the wiki and add a section that all these files need to
> > >be audited and fixed up?
> > >  
> > >
> > I've added:
> > 
> > http://wiki.ethereal.com/Development/InsecureCalls
> > 
> > I've also placed a note, that we might use static code analysis tools 
> > like flawfinder to find other similar problems.
> > 
> > Regards, ULFL
> > 
> > _______________________________________________
> > Ethereal-dev mailing list
> > Ethereal-dev@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-dev
> >
>

References:
- [Ethereal-dev] possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
  - From: Ulf Lamping
- [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
  - From: ronnie sahlberg
- Re: [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
  - From: Ulf Lamping
- [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
  - From: ronnie sahlberg

Prev by Date: [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
Next by Date: Re: SV: SV: SV: [Ethereal-dev] iax2 dissector patch
Previous by thread: [Ethereal-dev] Re: possible crashes in packet-asn1.c and packet-ieee80211.c: snprintf return value incorrectly used
Next by thread: [Ethereal-dev] Updated JXTA Dissector Patch Enclosed
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$