Wireshark-bugs: [Wireshark-bugs] [Bug 9256] Radiotap decode appears broken
Date: Wed, 09 Oct 2013 19:30:49 +0000

Comment # 7 on bug 9256 from
I thought my fix ensured that _arg was at least four bytes from the end of the
buffer, but if it breaks dissection of normal packets then maybe I made a
mistake?

The same issue seems to exist on lines 295-303 of the code you linked: _arg is
checked, but then multiple bytes are accessed.

Perhaps _rtheader or _max_length are adjusted somewhere for this already? But
then why the invalid access?


You are receiving this mail because:
  • You are watching all bug changes.