Wireshark-bugs: [Wireshark-bugs] [Bug 7046] Enhancement to LDP dissector to support changes prop
Date: Tue, 5 Jun 2012 07:59:58 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7046

Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
                 CC|                            |jeff.morriss.ws@xxxxxxxxx
         Resolution|FIXED                       |

--- Comment #5 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> 2012-06-05 07:59:57 PDT ---
These changes introduced (or made worse) a static overrun (detected as Coverty
ID 703472): there are two places where dissect_subtlv_interface_parameters() is
called with 2 different interface_params_header_fields[] parameters but this
patch only added the flow label changes to the first.  In the 2nd case if a
flow label parameter is detected it could access entries 36, 37, and 38 of the
passed in interface_params_header_fields[] (which don't exist):

2871    case FEC_VC_INTERFACEPARAM_FLOWLABEL:
2872        proto_item_append_text(ti,": Flow Label for Pseudowire");
2873        proto_tree_add_item(vcintparam_tree, *interface_parameters_hf[36],
tvb, offset+2, 1, ENC_BIG_ENDIAN);
2874        proto_tree_add_item(vcintparam_tree, *interface_parameters_hf[37],
tvb, offset+2, 1, ENC_BIG_ENDIAN);
2875        proto_tree_add_item(vcintparam_tree, *interface_parameters_hf[38],
tvb, offset+2, 2, ENC_BIG_ENDIAN);

I could mechanically add a few entries, but do you know this protocol well
enough to make a more informed fix?

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.