Wireshark-bugs: [Wireshark-bugs] [Bug 4040] Buildbot crash output: fuzz-2009-09-22-12276.pcap
Date: Wed, 23 Sep 2009 08:28:37 -0700 (PDT)

Jeff Morriss <[email protected]> changed:

           What    |Removed                     |Added
                 CC|                            |[email protected]

--- Comment #2 from Jeff Morriss <[email protected]>  2009-09-23 08:28:34 PDT ---
The problem is from rev 30075/bug 4039 which added:

+       gchar answer_ps_irat[2][80]={ "PS inter-RAT HO to UTRAN Iu mode not
supported" ,
+                                      "PS inter-RAT HO to UTRAN Iu mode
supported" };


+        oct = tvb_get_guint8(tvb, curr_offset);
+        curr_len--;
+        proto_tree_add_text(tree,
+                            tvb, curr_offset, 1,
+                            "PS inter-RAT HO to UTRAN Iu mode capability: (%u)
+                            oct,
+                            answer_ps_irat[oct]);
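Review bot: answer_ps_irat[oct] in the proto_tree_add_text() call indexes a two-row array with the raw octet returned by tvb_get_guint8(), so any packet value above 1 reads past the end of the table and passes that address to the format string. Reduce oct to the bits that encode this capability before using it as an index, or drop the array and resolve the text through a value_string or true_false_string lookup, which copes with unlisted values.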

Note how oct is not bounds checked.  All those gchar arrays need to be
rewritten as value_ or true_false_strings.  (There's some outside of this
function too.)

I don't really have time to do this right now; if no one else does, we could
reverse 30075 as a temporary measure.
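The lookup-table rewrite suggested in the comment above, sketched as an added example that is not Wireshark code and not part of the original message. `vs_entry`, `vs_lookup` and `format_ps_irat` are hypothetical stand-ins for the value_string approach, the sample octets are constructed, and the trailing `%s` in the format string is an assumption because the quoted line is cut off.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Stand-in for a value_string table: (value, text) pairs ended by a NULL text.
 * Hypothetical type for this example, not Wireshark's own definition. */
typedef struct { unsigned value; const char *text; } vs_entry;

static const vs_entry ps_irat_vals[] = {
    { 0, "PS inter-RAT HO to UTRAN Iu mode not supported" },
    { 1, "PS inter-RAT HO to UTRAN Iu mode supported" },
    { 0, NULL }
};

/* Search the table instead of indexing it, so an unlisted value cannot
 * turn into an out-of-bounds read. Returns NULL when there is no match. */
static const char *vs_lookup(unsigned value, const vs_entry *vs)
{
    for (; vs->text != NULL; vs++)
        if (vs->value == value)
            return vs->text;
    return NULL;
}

/* Format the capability octet found at data[offset]. Returns 0 on success,
 * -1 if the octet lies outside the captured data. */
static int format_ps_irat(const unsigned char *data, size_t len, size_t offset,
                          char *out, size_t out_len)
{
    const char *text;
    unsigned oct;

    if (offset >= len)
        return -1;
    oct = data[offset];
    text = vs_lookup(oct, ps_irat_vals);
    snprintf(out, out_len,
             "PS inter-RAT HO to UTRAN Iu mode capability: (%u) %s",
             oct, text != NULL ? text : "Unknown");
    return 0;
}

int main(void)
{
    const unsigned char pkt[] = { 0x00, 0x01, 0xff };  /* constructed sample octets */
    char line[128];
    for (size_t i = 0; i <= sizeof pkt; i++)
        puts(format_ps_irat(pkt, sizeof pkt, i, line, sizeof line) == 0 ? line : "(truncated)");
    return 0;
}
```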
