Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 4083] Buildbot crash output: fuzz-2009-10-02-4686.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 4083] Buildbot crash output: fuzz-2009-10-02-4686.pcap

Date: Fri, 2 Oct 2009 20:10:44 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4083


Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




--- Comment #2 from Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>  2009-10-02 20:10:41 PDT ---
Rev 30233 changed chunk_size in req_resp_hdrs_do_reassembly() to be unsigned. 
In this fuzzed capture, the chunk_size comes out to -10 (signed) which causes
the problem seen here.

Arguably the HTTP chunk size cannot be negative therefore the variable should
be unsigned.  Add a guard to ensure that this unsigned value is not "too big"
(currently 2^31).

Fixed in rev 30260.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 4083] New: Buildbot crash output: fuzz-2009-10-02-4686.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4067] Patch to improve X11 extension dissector
Next by Date: [Wireshark-bugs] [Bug 4084] New: Buildbot crash output: fuzz-2009-10-02-12812.pcap
Previous by thread: [Wireshark-bugs] [Bug 4083] Buildbot crash output: fuzz-2009-10-02-4686.pcap
Next by thread: [Wireshark-bugs] [Bug 3883] Win 7 Ultimate 64 Bit Crash of either WinPcap or Dumpcap,
Index(es):
- Date
- Thread