Wireshark-commits: [Wireshark-commits] master a7c244e: Don't assume an HTTP header doesn't contain
Date Prev · Date Next · Thread Prev · Thread Next
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 31 May 2018 19:26:39 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a7c244e4f1faa6f7c3d1d438840983725bdd1fb6
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

a7c244e by Guy Harris (guy@xxxxxxxxxxxx):

    Don't assume an HTTP header doesn't contain a NUL.
    
    wmem_ascii_strdown() stops when it sees a NUL, so there's no guarantee
    that the resulting string is as long as the length passed in.  This is
    probably the cause of bug 14779 - the check that tests whether the
    header name is valid scans the result of wmem_ascii_strdown(), assuming
    it has the same length as the supplied header length, but if there's a
    NUL in the header, it will be shorter than the supplied header length.
    
    Check the raw line text in the check for a valid header name; fail if we
    see a NUL (as that's not a valid character in an HTTP header).
    is_token_char() handles both upper-case and lower-case letters, so we
    don't need to wmem_ascii_strdown() the header first.
    
    Once that succeeds, we can safely use wmem_ascii_strdown() to make a
    null-terminated all-lower-case string for the header name.
    
    Bug: 14779
    Change-Id: Id3fa046dd0b1a8bd73fc9ff582e5e1fae535c2e9
    Reviewed-on: https://code.wireshark.org/review/27936
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  bbf31d3   CIP Security: Fix Preshared Key parsing
    adds  a7c244e   Don't assume an HTTP header doesn't contain a NUL.


Summary of changes:
 epan/dissectors/packet-http.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)