Wireshark mailing list archives
Re: Possible misuse of match_strval_idx
From: Pascal Quantin <pascal.quantin () gmail com>
Date: Sun, 24 Mar 2013 11:11:39 +0100
Le 24/03/2013 00:57, Evan Huus a écrit :
On Sat, Mar 23, 2013 at 6:39 PM, Jaap Keuter <jaap.keuter () xs4all nl> wrote:On 03/23/2013 10:07 PM, Evan Huus wrote:Am I correct in thinking that in packet-gsm_a_dtap.c around line 6432, if match_strval_idx doesn't find a match then we will access invalid memory because idx will be used as an array index with value -1? EvanUnless gsm_a_dtap_msg_cc_strings contains 64 entries it seems so yes.Filed as bug #8517.
Hi Evan, actually those wrong array index will never be used thanks to the following lines 6503 and 6622: if (msg_str == NULL) { ... } else { use ett_tree } and if (msg_str == NULL) return; ... use dtap_msg_fcn So the invalid memory accesses will never occur. I made it a bit more obvious in r48520. Unless you spotted another place in the source code, I suggest closing bug 8517. Regards, Pascal. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Possible misuse of match_strval_idx Evan Huus (Mar 23)
- Re: Possible misuse of match_strval_idx Jaap Keuter (Mar 23)
- Re: Possible misuse of match_strval_idx Evan Huus (Mar 23)
- Re: Possible misuse of match_strval_idx Pascal Quantin (Mar 24)
- Re: Possible misuse of match_strval_idx Evan Huus (Mar 24)
- Re: Possible misuse of match_strval_idx Evan Huus (Mar 23)
- Re: Possible misuse of match_strval_idx Jaap Keuter (Mar 23)