Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 5686] New: /epan/emem.c Fails to Check Entire ep_ Canary

Date: Fri, 11 Feb 2011 11:26:36 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5686

           Summary: /epan/emem.c Fails to Check Entire ep_ Canary
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: Windows 7
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: my.hndl@xxxxxxxxx


Build Information:
Appears in SVN 35917
--
emem_canary_next() within /epan/emem.c is responsible for validating ep_ heap
canary values.  It fails to validate the last byte of these values.

line 188:
for (i = 0; i < EMEM_CANARY_SIZE-1; i++)
...

The combination of less than and -1 results in a failure to check the last byte
of the canary.

Suggested fix:
for (i = 0; i < EMEM_CANARY_SIZE; i++)
...

Ref: http://wiki.wireshark.org/Development/Canary

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.