Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10115] Dissector bug in JSON protocol

Wireshark-bugs: [Wireshark-bugs] [Bug 10115] Dissector bug in JSON protocol

Date: Sun, 18 May 2014 20:28:16 +0000

What	Removed	Added
CC		darkjames-ws@darkjames.pl

Comment # 3 on bug 10115 from Jakub Zawadzki

(In reply to comment #2)
> Is it fair to question whether tvbparse functionality should use emem?  It
> appears that where this issues lies, but again Content-Length is really to
> blame.

It's not a problem with tvbparse using emem, it's JSON dissector trying to
allocate this memory:

275 static char *json_string_unescape(tvbparse_elem_t *tok)
277         char *str = (char *)wmem_alloc(wmem_packet_scope(), tok->len - 1);

// where tok->len == 3145718 (3.1 MB)

Not sure what can be done - I was thinking about just returning not unescaped
string, but in such way, filtering might not work (like you need to search for
string "xxx", but malware escape it to \u0078\u0078\u0078) - just a sample.

Anyway, allocator should not do abort().

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 10115] New: Dissector bug in JSON protocol
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 6353] Wireshark should respect freedesktop.org XDG Base Directory Specification
Next by Date: [Wireshark-bugs] [Bug 10117] New: Buildbot crash output: fuzz-2014-05-18-2001.pcap
Previous by thread: [Wireshark-bugs] [Bug 10115] Dissector bug in JSON protocol
Next by thread: [Wireshark-bugs] [Bug 10115] Dissector bug in JSON protocol
Index(es):
- Date
- Thread