Wireshark-bugs: [Wireshark-bugs] [Bug 3290] TRY_TO_FAKE_THIS_ITEM disables bounds errors
Date: Fri, 31 May 2013 13:11:01 +0000

Comment # 27 on bug 3290 from
(In reply to comment #26)
> Hi,
> 
> Found possible integer overflow:
> 
> +       gint size = length;
> /* asume size == 4 */
> 
> +           n = get_uint_value(tree, tvb, start, length, little_endian);
> /* assume n == = 0xFFFFFFFE */
> 
> +           size += n;
> /* size = 2 */

Good catch - I clearly wasn't fully awake when I reviewed this the first time.
Fixed in r49652.


You are receiving this mail because:
  • You are the assignee for the bug.
  • You are watching all bug changes.