Wireshark mailing list archives

Re: Possible misuse of match_strval_idx


From: Pascal Quantin <pascal.quantin () gmail com>
Date: Sun, 24 Mar 2013 11:11:39 +0100

On 24/03/2013 00:57, Evan Huus wrote:
> On Sat, Mar 23, 2013 at 6:39 PM, Jaap Keuter <jaap.keuter () xs4all nl> wrote:
>> On 03/23/2013 10:07 PM, Evan Huus wrote:
>>> Am I correct in thinking that in packet-gsm_a_dtap.c around line 6432,
>>> if match_strval_idx doesn't find a match then we will access invalid
>>> memory because idx will be used as an array index with value -1?
>>>
>>> Evan
>> Unless gsm_a_dtap_msg_cc_strings contains 64 entries it seems so yes.
> Filed as bug #8517.

Hi Evan,

actually those wrong array indexes will never be used thanks to the
following lines 6503 and 6622:
if (msg_str == NULL)
{
   ...
}
else
{
   use ett_tree
}
and
if (msg_str == NULL) return;
...
use dtap_msg_fcn

So the invalid memory accesses will never occur.
I made it a bit more obvious in r48520.

Unless you spotted another place in the source code, I suggest closing
bug 8517.

Regards,
Pascal.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
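
The guard pattern discussed in this thread, as an added example that is not part of the original message and is not Wireshark's source. `vs_entry`, `lookup_idx`, `msg_strings`, `ett_msg` and `select_ett` are hypothetical stand-ins, and the table contents are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for a value/name table entry (assumption, not Wireshark's type). */
typedef struct { unsigned value; const char *name; } vs_entry;

/* Stand-in lookup with the contract discussed in the thread:
 * returns the name and sets *idx to the entry's position,
 * or returns NULL and sets *idx to -1 when nothing matches. */
static const char *lookup_idx(unsigned val, const vs_entry *vs, int *idx)
{
    for (int i = 0; vs[i].name != NULL; i++) {
        if (vs[i].value == val) {
            *idx = i;
            return vs[i].name;
        }
    }
    *idx = -1;
    return NULL;
}

/* Constructed sample data: a name table and a parallel per-message array. */
static const vs_entry msg_strings[] = {
    { 0x01, "Alerting" }, { 0x05, "Setup" }, { 0x07, "Connect" }, { 0, NULL }
};
#define NUM_MSGS 3
static const int ett_msg[NUM_MSGS] = { 101, 102, 103 };

/* Returns the parallel-array element for msg_type, or fallback for an
 * unknown type. The array is indexed only after the lookup result has
 * been checked, so idx == -1 never reaches ett_msg[]. */
static int select_ett(unsigned msg_type, int fallback)
{
    int idx;
    const char *msg_str = lookup_idx(msg_type, msg_strings, &idx);

    if (msg_str == NULL)
        return fallback;          /* unknown message: idx is -1 here */
    if (idx < 0 || idx >= NUM_MSGS)
        return fallback;          /* defensive: table and array out of sync */
    return ett_msg[idx];
}

int main(void)
{
    printf("0x05 -> %d, 0x3f -> %d\n", select_ett(0x05, -1), select_ett(0x3f, -1));
    return 0;
}
```

The second check is not something the thread describes; it is added here so the index is validated at the point of use instead of relying only on the NULL test that happens elsewhere.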