Wireshark-bugs: [Wireshark-bugs] [Bug 3170] New plugin to dissect collectd network packets
Date: Mon, 5 Jan 2009 08:32:11 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3170


Florian Forster <wireshark.org@xxxxxxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #2623 is|0                           |1
           obsolete|                            |




--- Comment #6 from Florian Forster <wireshark.org@xxxxxxxxxxxxxxxxxxx>  2009-01-05 08:32:10 PDT ---
Created an attachment (id=2630)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2630)
Revised patch against revision 27156.

Hi,

I found a bug in `dissect_time_format' using fuzz testing: If localtime(3)
failed
the returned NULL pointer was dereferenced.

Also in the same function: If the `buf' argument was a NULL pointer, something
would have been written to it using g_snprintf. (Not sure if that handles NULL
pointers gracefully, but it's nonsense nonetheless.)

I changed the patch to:

- Check if `buf' is NULL and return immediately if so.

- Use localtime_r instead of localtime. Should that be changed to strptime
  from ./strptime.c?

- Write something like
  "Invalid time: 12345"
  to the buffer if localtime_r fails.

Regards,
-octo


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.