Wireshark-bugs: [Wireshark-bugs] [Bug 6663] Large packet length crashes Wireshark
Date: Mon, 12 Dec 2011 14:14:53 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6663

--- Comment #4 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-12-12 14:14:51 PST ---
Created an attachment (id=7577)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7577)
An alternate patch ... but doesn't avoid all possible crashes.

This patch also works, at least for the attached capture file; however, if
someone really wanted to crash Wireshark, then it would be trivial to replace
the packet length with some other large value other than 0xffffffff but still
be greater than WTAP_MAX_PACKET_SIZE.  I tested such a scenario, changing
0xffffffff to 0xfffffffe and Wireshark crashed again.  So, I think either the
1st patch is the way to go, or something else entirely, but I'm not sure what
that something else would be.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.