diff options
| author | Evan Huus <eapache@gmail.com> | 2015-01-25 09:18:00 -0500 |
|---|---|---|
| committer | Evan Huus <eapache@gmail.com> | 2015-01-26 15:34:47 +0000 |
| commit | d50b27f4ce310377c7a04d15aebac7d445c075f0 (patch) | |
| tree | 537837e756f20d55785bec473e621940ba1c4806 /epan/dissectors/packet-gsm_rlcmac.c | |
| parent | abf5703ddbfc3b54d6a1a1f695b798f68ef95e2f (diff) | |
gsm-rlcmac: use wmem_new0 for a struct
Fixes "Conditional jump or move depends on uninitialised value" from Valgrind.
I couldn't really figure out how this code was supposed to function, it seems to
initialize one member of the union and then expect *all* the others to just
magically work (which they apparently do in most cases, oddly). The real bug
could be in csnStreamDissector or who knows, but this at least turns "garbage
data" into "zeros" which makes valgrind happy and turns a potential vuln into
at worst a bad decoding.
Bug: 10891
Change-Id: Ia29dd625b46b3b76ff521b4203148fe8b0c59ec3
Reviewed-on: https://code.wireshark.org/review/6769
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-gsm_rlcmac.c')
| -rw-r--r-- | epan/dissectors/packet-gsm_rlcmac.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/epan/dissectors/packet-gsm_rlcmac.c b/epan/dissectors/packet-gsm_rlcmac.c index a4868ec4ea..6eadf6eed8 100644 --- a/epan/dissectors/packet-gsm_rlcmac.c +++ b/epan/dissectors/packet-gsm_rlcmac.c @@ -7864,7 +7864,7 @@ dissect_gsm_rlcmac_downlink(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, RlcMacPrivateData_t *rlc_mac = (RlcMacPrivateData_t*)data; /* allocate a data structure and guess the coding scheme */ - rlc_dl = (RlcMacDownlink_t *)wmem_new(wmem_packet_scope(), RlcMacDownlink_t); + rlc_dl = wmem_new0(wmem_packet_scope(), RlcMacDownlink_t); if ((rlc_mac != NULL) && (rlc_mac->magic == GSM_RLC_MAC_MAGIC_NUMBER)) { @@ -7917,7 +7917,7 @@ dissect_gsm_rlcmac_uplink(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, v RlcMacPrivateData_t *rlc_mac = (RlcMacPrivateData_t*)data; /* allocate a data structure and set the coding scheme */ - rlc_ul = (RlcMacUplink_t*)wmem_new(wmem_packet_scope(), RlcMacUplink_t); + rlc_ul = wmem_new0(wmem_packet_scope(), RlcMacUplink_t); if ((rlc_mac != NULL) && (rlc_mac->magic == GSM_RLC_MAC_MAGIC_NUMBER)) { |