Wireshark · Wireshark-dev: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075

Wireshark-dev: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013

From: Martin Sehnoutka <msehnout@xxxxxxxxxx>

Date: Fri, 11 Nov 2016 10:33:43 +0100

Hi,

I'm running wireshark 1.8 and it sometimes segfaults when I'm repeatedly
executing tshark with capture from this bug:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7664 (CVE-2013-4075).

It seems that the function 'csnStreamDissector' sometimes fails and in
turn causes the segfault.
I can bypass it with this patch:
https://github.com/msehnout/wireshark/commit/103b383db500c6fb00e77b342241ff7475185676

Shouldn't we check the return value of that function?

The newest version is not affected, it seems to add one extra line, but
the return value is still not handled:
https://github.com/msehnout/wireshark/blob/master/epan/dissectors/packet-gmr1_bcch.c#L1091

Thanks for any advice.
Martin

-- 
Martin Sehnoutka | Associate Software Engineer
PGP: 5FD64AF5
UTC+1 (CET)
RED HAT | TRIED. TESTED. TRUSTED.

Follow-Ups:
- Re: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075
  - From: Anders Broman

Prev by Date: [Wireshark-dev] Unable to Build 2.2 Stable from Source on Windows 7
Next by Date: Re: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075
Previous by thread: Re: [Wireshark-dev] Unable to Build 2.2 Stable from Source on Windows 7
Next by thread: Re: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075
Index(es):
- Date
- Thread