Wireshark · Ethereal-dev: Re: [Ethereal-dev] Re: rev 17527: /trunk/plugins/profinet/: packet-pn-dcp.c

["Lars Roland" <Lars.Roland@xxxxxxx>]

This patch is probably better.
It makes the while loop even more robust and if pdu boundaries are  
exceeded, an exception is thrown.

Am 10.03.2006, 18:09 Uhr, schrieb Lars Roland <Lars.Roland@xxxxxxx>:

> Am 10.03.2006, 17:00 Uhr, schrieb Ulf Lamping <ulf.lamping@xxxxxx>:
>
> > > Use this updated patch instead.
> >
> > You make things worse than they are.
> >
> > Don't manipulate data coming from a packet! If the block_length in the  
> > packet is invalid, use it anyway.
> >
> > Stopping the dissection of a packet because there are not enough data  
> > is a bad idea. Showing Malformed Packet is the way to go here.
>
> You are right. If a dissector requests more bytes than the packet  
> contains, the packet has to be shown as malformed.
> But the question here is, how much data the dissector should request. We  
> have a length field for the pdu, and a length field for each value.
> Should we stop dissection, if a value exceeds the boundaries of the pdu?  
> What shall we do, if enough bytes are available beyond the pdu boundary?
> I agree that we should show it as a "Malformed Packet" in this situation  
> anyway. But you won't catch wrong pdu lengths by just using the  
> block_length. This way you would catch only wrong lengths for values.
>
> Regards,
> Lars
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev

Attachment: packet-pn-dcp.c.diff
Description: Binary data