>-----Original Message-----
>From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Martin Sehnoutka
>Sent: den 11 november 2016 10:34
>To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
>Subject: [Wireshark-dev] Segfault when running older Wireshark with capture from CVE-2013-4075
>
>Hi,
>
>I'm running wireshark 1.8 and it sometimes segfaults when I'm repeatedly executing tshark with capture from this bug:
>https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7664 (CVE-2013-4075).
https://wiki.wireshark.org/Development/LifeCycle
Version Stable Release Date End of Life Notes
1.8 June 21, 2012 June 21, 2014 Last release to support OS X on PPC
1.8 vent end-of-life June 21, 2014
>It seems that the function 'csnStreamDissector' sometimes fails and in turn causes the segfault.
>I can bypass it with this patch:
>https://github.com/msehnout/wireshark/commit/103b383db500c6fb00e77b342241ff7475185676
>
>Shouldn't we check the return value of that function?
>
>The newest version is not affected, it seems to add one extra line, but the return value is still not handled:
> https://github.com/msehnout/wireshark/blob/master/epan/dissectors/packet-gmr1_bcch.c#L1091
Thanks for any advice.
Martin
--
Martin Sehnoutka | Associate Software Engineer
PGP: 5FD64AF5
UTC+1 (CET)
RED HAT | TRIED. TESTED. TRUSTED.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
