diff options
| author | Jeff Morriss <jeff.morriss@ulticom.com> | 2011-01-12 17:20:52 +0000 |
|---|---|---|
| committer | Jeff Morriss <jeff.morriss@ulticom.com> | 2011-01-12 17:20:52 +0000 |
| commit | 45920c1e15e214bf325d666e62c52f32ba417af4 (patch) | |
| tree | 894380a6fc2231660cdfc364f20ed43e1a249efb /epan/value_string.h | |
| parent | 46f62f1b498d7722b348c0eaf4f8d0d949896f9e (diff) | |
Fix the fuzz failure in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5574 :
The first time a value_string_ext() is accessed, _match_strval_ext_init() is
used before the real match function is called. This function was not expanded
to take an idx parameter (in rev 35451). It compiled only because the function:
a) previously did not match _value_string_match_t
b) and the difference was being cast away when assigning _match_strval to it
(So the fact that the index parameter was not added was also ignored.)
To fix the problem, give _match_strval_ext_init() and index parameter and use
it instead of a dummy variable when calling the real match function. That way
the first call to match_strval_ext_idx() will return an actual (initialized)
index.
To prevent the problem in the future, make the vse argument to
_match_strval_ext_init() const *and then cast away the constness* so the
function can modify the vse.
svn path=/trunk/; revision=35508
Diffstat (limited to 'epan/value_string.h')
| -rw-r--r-- | epan/value_string.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/epan/value_string.h b/epan/value_string.h index 6761ef25e3..bfdc0d6b14 100644 --- a/epan/value_string.h +++ b/epan/value_string.h @@ -109,7 +109,7 @@ extern const gchar* str_to_str(const gchar *val, const string_string *vs, const * * Extended value strings can be created at runtime by calling * value_string_ext_new(<ptr to value_string array>, - * <total number of entries in the value_string_array>, + * <total number of entries in the value_string_array>, * <value_string_name>); * Note: <total number of entries in the value_string_array> should include the {0, NULL} entry */ @@ -136,7 +136,7 @@ gboolean value_string_ext_validate(value_string_ext *vse); gchar *value_string_ext_match_type_str(value_string_ext *vse); /* --- --- */ -extern const gchar *_match_strval_ext_init(const guint32 val, value_string_ext *vse); +extern const gchar *_match_strval_ext_init(const guint32 val, const value_string_ext *vse, gint *idx); #define VALUE_STRING_EXT_INIT(x) { (_value_string_match_t) _match_strval_ext_init, 0, array_length(x)-1, x, #x } /* Create a value_string_ext given a ptr to a value_string array and the total number of entries. */ |