Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 3290] TRY_TO_FAKE_THIS

Wireshark-bugs: [Wireshark-bugs] [Bug 3290] TRY_TO_FAKE_THIS_ITEM disables bounds errors

Date: Thu, 5 Jul 2012 14:51:25 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3290

--- Comment #16 from Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> 2012-07-05 14:51:25 PDT ---
Created attachment 8729
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=8729
nfs: no exception without tree

Opening attached file takes much more time if there's no tree (without -V).

In dissect_rpc_chanattrs4() there's nice loop:
for (i = 0; i < rdma_ird_len; i++)
  offset = dissect_rpc_uint32(tvb, tree, hf_nfs_rdmachanattrs4, offset);

Which won't be terminated with offset out of bounds when tree == NULL.

(Previously found in bug #7436)


If there's tree but only for display filter (-R tcp), it'll still not throw
exception, but it'll terminate on assert: [Dissector bug, protocol NFS: More
than 1000000 items in the tree -- possible infinite loop]

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.

Prev by Date: [Wireshark-bugs] [Bug 3290] TRY_TO_FAKE_THIS_ITEM disables bounds errors
Next by Date: [Wireshark-bugs] [Bug 7436] Single packet capture takes 10 CPU-seconds to decode (in dissect_rpc_?)
Previous by thread: [Wireshark-bugs] [Bug 3290] TRY_TO_FAKE_THIS_ITEM disables bounds errors
Next by thread: [Wireshark-bugs] [Bug 7440] New: DVB-CI/CI+: dissect the payload of LSC messages
Index(es):
- Date
- Thread