https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5521
--- Comment #4 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2010-12-27 13:32:34 MST ---
(In reply to comment #3)
> In fact, I wonder if any change is really warranted here at all.
Thanks for looking into that, Chris.
If we can get someone who knows the protocol to take a look, maybe we could do
a sanity check before the attempted memory allocation. According to the LTP
RFC mentioned in the source file (RFC 5326), the rcpt_clm_count must be the
"Reception claim count" which is a SDNV ("Self-Delimiting Numeric Value").
Under section 9.3, "Implementation Considerations," implementations
"Implementations SHOULD make sanity checks on SDNV length fields and SHOULD
check that no SDNV field is too long when compared with the overall segment
length." -- so it isn't a quick check that I could add without learning more
about the protocol.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
