From c18527619e48f8f172d0f30a9617cca2eb8c3901 Mon Sep 17 00:00:00 2001 From: Martin Kaiser Date: Sun, 28 Feb 2016 14:17:00 +0100 Subject: u3v: clean up the heuristic check check for the minimum lenght before dereferencing data add a NULL check for usb_conv_info Change-Id: I91014d5929f57cc9eed2bfc7adef9f89541ece45 Reviewed-on: https://code.wireshark.org/review/14221 Reviewed-by: Martin Kaiser --- epan/dissectors/packet-u3v.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'epan') diff --git a/epan/dissectors/packet-u3v.c b/epan/dissectors/packet-u3v.c index 5b5b46334f..3918da4b85 100644 --- a/epan/dissectors/packet-u3v.c +++ b/epan/dissectors/packet-u3v.c @@ -1882,27 +1882,28 @@ static gboolean dissect_u3v_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) { guint32 prefix; - usb_conv_info_t *usb_conv_info =NULL; - u3v_conv_info_t *u3v_conv_info =NULL; + usb_conv_info_t *usb_conv_info; + u3v_conv_info_t *u3v_conv_info; + + /* all control and meta data packets of U3V contain at least the prefix */ + if (tvb_reported_length(tvb) < 4) + return FALSE; + prefix = tvb_get_letohl(tvb, 0); /* check if stream endpoint has been already set up for this conversation */ usb_conv_info = (usb_conv_info_t *)data; - u3v_conv_info = (u3v_conv_info_t *)usb_conv_info->class_data; - - - /* all control and meta data packets of U3V contain at least the prefix */ - if (tvb_reported_length(tvb) < 4) { + if (!usb_conv_info) return FALSE; - } + u3v_conv_info = (u3v_conv_info_t *)usb_conv_info->class_data; /* either right prefix or the endpoint of the current transfer has been recognized as stream endpoint already */ - prefix = tvb_get_letohl(tvb, 0); if ((U3V_STREAM_LEADER_PREFIX == prefix) || (U3V_STREAM_TRAILER_PREFIX == prefix) || (U3V_CONTROL_PREFIX == prefix) || (U3V_EVENT_PREFIX == prefix) || ( u3v_conv_info && (usb_conv_info->endpoint == u3v_conv_info->ep_stream))) { dissect_u3v(tvb, pinfo, tree, data); return TRUE; } + return FALSE; } -- cgit v1.2.3