Wireshark-bugs: [Wireshark-bugs] [Bug 9232] Buildbot crash output: fuzz-2013-10-04-22971.pcap
Date: Sat, 05 Oct 2013 17:56:12 +0000

Comment # 2 on bug 9232 from
Looks like strpos is ending up wrong somewhere, leading to g_snprintf running
past the end of the buffer since (MAX_SDP_LEN - strpos) underflows and provides
no real length check.

Also exists in 1.10, not in 1.8.

Replacing all the manual string buffer calculations with a wmem_strbuf is
probably the simplest approach, but a non-trivial amount of work and not
necessarily easy to backport  (wmem_strbuf exists in 1.10 but is incomplete).


You are receiving this mail because:
  • You are watching all bug changes.