From ad097385c05c370440fb810e67f811398efc0ea0 Mon Sep 17 00:00:00 2001 From: Jaap Keuter Date: Wed, 30 Mar 2016 23:52:26 +0200 Subject: replace dangerous tvb_get_ptr with safer string function. Using tvb_get_ptr to get a string is always dangerous in the face of malformed packets. Instead using string functions allow for safe handling of these. Bug: 12242 Change-Id: I059c186032492aae9c90a69858ea3fc59e21313f Reviewed-on: https://code.wireshark.org/review/14714 Reviewed-by: Michael Mann Petri-Dish: Michael Mann Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte --- epan/dissectors/packet-pktc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/epan/dissectors/packet-pktc.c b/epan/dissectors/packet-pktc.c index 2d1e5202c6..26550e4b9c 100644 --- a/epan/dissectors/packet-pktc.c +++ b/epan/dissectors/packet-pktc.c @@ -435,7 +435,7 @@ dissect_pktc_rekey(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offs /* Timestamp: YYMMDDhhmmssZ */ /* They really came up with a two-digit year in late 1990s! =8o */ - timestr=tvb_get_ptr(tvb, offset, 13); + timestr=tvb_get_string_enc(wmem_packet_scope(), tvb, offset, 13, ENC_ASCII); proto_tree_add_string_format_value(tree, hf_pktc_timestamp, tvb, offset, 13, timestr, "%.2s-%.2s-%.2s %.2s:%.2s:%.2s", timestr, timestr+2, timestr+4, timestr+6, timestr+8, timestr+10); @@ -672,7 +672,7 @@ proto_register_pktc(void) "Server Kerberos Principal Identifier", "pktc.server_principal", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }}, { &hf_pktc_timestamp, { - "Timestamp", "pktc.timestamp", FT_STRING, BASE_NONE, + "Timestamp", "pktc.timestamp", FT_STRING, STR_UNICODE, NULL, 0, "Timestamp (UTC)", HFILL }}, { &hf_pktc_app_spec_data, { "Application Specific Data", "pktc.asd", FT_NONE, BASE_NONE, -- cgit v1.2.3