Wireshark-bugs: [Wireshark-bugs] [Bug 10491] Buildbot crash output: fuzz-2014-09-20-28834.pcap
Date: Sun, 21 Sep 2014 02:41:25 +0000

changed bug 10491


What Removed Added
CC   eapache@gmail.com, pascal.quantin@gmail.com

Comment # 1 on bug 10491 from
This looks like tvb_get_ts_23_038_7bits_string is legitimately reading past the
end of the TVB - it's a bug in that function, not in the dissector proper.

I don't see any obvious overflows or underflows, so I'm guessing it's some
subtle logic bug in the tvb function or the getter function, where the length
calculation isn't working out to the right value so the ensure_contiguous call
doesn't check enough data?

Make the ensure_contiguous call check for "length+8" is enough to "fix" it,
though obviously the wrong solution.


You are receiving this mail because:
  • You are watching all bug changes.