diff options
| author | Guy Harris <guy@alum.mit.edu> | 2019-03-14 03:12:07 -0700 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2019-03-14 10:48:29 +0000 |
| commit | f18bd4bd68e950a22baa9d7d4f1ed9236b410f68 (patch) | |
| tree | 72c2525ffb29e6de3795dbf1cba47401af11a7f3 /wiretap | |
| parent | 3b2b1d571deebae5d070dbf2431be03872a14a9f (diff) | |
Fix the test for a NetScaler trace file.
When testing the signature field against a given version's signature:
we require that the signature field's size (size, not C
null-terminated string length) be at least the size of the
signature string (otherwise, it can't possibly match);
we check to make sure that the first N bytes of the signature
field, where N is the size of the version's signature string
(not including any terminating '\0' in that string), match the
version's signature string.
I.e., we require that the version's signature string is a prefix of the
signature string in the file.
This does not require that the signature string in the file be
null-terminated.
It also doesn't allow the file's signature string to be a substring of
the version's signature string, as that's *NOT* sufficient to identify
the file as a NetScaler trace file, especially if we forcibly
null-terminate the file's signature string and we trucate it to be
zero-length, as, in that case, it's *always* a prefix of the version's
signature string, and the file is incorrectly identified as a NetScaler
trace file.
(While we're at it, we make the nspm_signature_isvXXX() routines return
true if it *is* and false if it *isn't*, rather than the reverse; having
a routine with a name containing "is", and not "isnt", return true if it
*isn't* is confusing.)
Change-Id: I3694773a71b8b63d280e42f146698c82a0f0c332
Ping-Bug: 15601
Reviewed-on: https://code.wireshark.org/review/32403
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'wiretap')
| -rw-r--r-- | wiretap/netscaler.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/wiretap/netscaler.c b/wiretap/netscaler.c index 634b091350..82945003dc 100644 --- a/wiretap/netscaler.c +++ b/wiretap/netscaler.c @@ -824,10 +824,24 @@ wtap_open_return_val nstrace_open(wtap *wth, int *err, gchar **err_info) return WTAP_OPEN_MINE; } - +/* +** Generates a function that checks whether the specified signature +** field, with the specified size, matches the signature string for +** the version specified as an argument to the macro. +** +** The function does so by checking whether the signature string for +** the version in question is a prefix of the signature field. +** +** For that to be true, the field must have a size >= to the size (not +** counting the terminating'\0') of the version's signature string, +** and the first N bytes of the field, where N is the length of the +** version string of the version (again, not counting the terminating +** '\0'), are equal to the version's signature string. +*/ #define nspm_signature_func(ver) \ - static guint32 nspm_signature_isv##ver(gchar *sigp) {\ - return strncmp(sigp,NSPR_SIGSTR_V##ver,MIN(strlen(sigp),sizeof(NSPR_SIGSTR_V##ver)-1));\ + static guint32 nspm_signature_isv##ver(gchar *sigp, size_t sigsize) {\ + size_t versiglen = sizeof(NSPR_SIGSTR_V##ver)-1;\ + return sigsize >= versiglen && strncmp(sigp,NSPR_SIGSTR_V##ver,versiglen) == 0;\ } nspm_signature_func(10) @@ -859,7 +873,7 @@ nspm_signature_version(wtap *wth, gchar *nstrace_buf, gint32 len) (pletoh16(&sigv10p->nsprRecordSize) <= len) && (pletoh16(&sigv10p->nsprRecordSize) > 0) && ((gint32)sizeof(NSPR_SIGSTR_V10) <= len) && - (!nspm_signature_isv10(sigv10p->sig_Signature))) + (nspm_signature_isv10(sigv10p->sig_Signature, sizeof sigv10p->sig_Signature))) return WTAP_FILE_TYPE_SUBTYPE_NETSCALER_1_0; #undef sigv10p @@ -869,11 +883,11 @@ nspm_signature_version(wtap *wth, gchar *nstrace_buf, gint32 len) ((gint32)sizeof(NSPR_SIGSTR_V20) <= len)) { sigv20p->sig_Signature[sigv20p->sig_RecordSize] = '\0'; - if (!nspm_signature_isv20(sigv20p->sig_Signature)){ + if (nspm_signature_isv20(sigv20p->sig_Signature, sizeof sigv20p->sig_Signature)){ return WTAP_FILE_TYPE_SUBTYPE_NETSCALER_2_0; - } else if (!nspm_signature_isv30(sigv20p->sig_Signature)){ + } else if (nspm_signature_isv30(sigv20p->sig_Signature, sizeof sigv20p->sig_Signature)){ return WTAP_FILE_TYPE_SUBTYPE_NETSCALER_3_0; - }else if (!nspm_signature_isv35(sigv20p->sig_Signature)){ + }else if (nspm_signature_isv35(sigv20p->sig_Signature, sizeof sigv20p->sig_Signature)){ return WTAP_FILE_TYPE_SUBTYPE_NETSCALER_3_5; } } |