https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5997
Summary: Modbus/TCP: Calculating the drop-out criteria for
special data dissection fails.
Product: Wireshark
Version: 1.6.0
Platform: x86-64
OS/Version: Ubuntu
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: rknall@xxxxxxxxx
Created an attachment (id=6466)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6466)
Changes the dropout criteria before other dissectors are being called.
Build Information:
TShark 1.7.0 (SVN Rev 37562 from /trunk)
Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.26.1, with libpcap 1.1.1, with libz 1.2.3.4, with
POSIX capabilities (Linux), without libpcre, with SMI 0.4.8, with c-ares 1.7.3,
with Lua 5.1, without Python, with GnuTLS 2.8.6, with Gcrypt 1.4.5, with MIT
Kerberos, with GeoIP.
Running on Linux 2.6.35-28-generic, with libpcap version 1.1.1, with libz
1.2.3.4.
Built using gcc 4.4.5.
--
Using ( ( payload_start + payload_len ) > reported_len ) fails, because, that
will be true most of the time, as payload_len, usually is reported_len.
What the function should catch, are wrongly assigned payload_start and if
(payload_start + payload_len) is 0. Both cases happen usually during
fuzz-testing, and do not normally occur in real life.
The dropout if-statement is reduced to check if the payload_len is not equal
the reported_len.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
