JPEG: Add a recursion check

Fix ``` /builds/wireshark/wireshark/epan/dissectors/file-jpeg.c:773:1: warning: function 'process_tiff_ifd_chain' is within a recursive call chain [misc-no-recursion] 773 | process_tiff_ifd_chain(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, | ^ /builds/wireshark/wireshark/epan/dissectors/file-jpeg.c:773:1: note: example recursive call chain, starting from function 'process_tiff_ifd_chain' /builds/wireshark/wireshark/epan/dissectors/file-jpeg.c:896:37: note: Frame #1: function 'process_tiff_ifd_chain' calls function 'process_tiff_ifd_chain' here: 896 | process_tiff_ifd_chain(tree, tvb, pinfo, encoding, | ^ /builds/wireshark/wireshark/epan/dissectors/file-jpeg.c:896:37: note: ... which was the starting point of the recursive call chain; there may be other cycles ```
author: Gerald Combs <gerald@wireshark.org> 2024-02-20 14:28:59 -0800
committer: Gerald Combs <gerald@wireshark.org> 2024-02-21 01:00:29 +0000
commit: 46c652102f432577961cac534f20fc88fa6c11cf (patch)
tree: f5114f428a81f94506ae7957c577097920af6af5
parent: ff93425a66fe6ddb83503cc2f679542ff4a9a4f0 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/epan/dissectors/file-jpeg.c b/epan/dissectors/file-jpeg.c
index 4c492edcea..61e4ce5157 100644
--- a/epan/dissectors/file-jpeg.c
+++ b/epan/dissectors/file-jpeg.c
@@ -25,6 +25,7 @@
 #include "config.h"
 
 #include <epan/packet.h>
+#include <epan/proto_data.h>
 #include <epan/expert.h>
 #include <wiretap/wtap.h>
 
@@ -45,6 +46,8 @@ void proto_reg_handoff_jfif(void);
 #define DebugLog(x) ;
 #endif
 
+#define MAX_RECURSION_DEPTH 10 // Arbitrarily chosen.
+
 /************************** Variable declarations **************************/
 
 #define MARKER_TEM      0xFF01
@@ -770,6 +773,7 @@ process_app0_segment(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, guint3
 }
 
 static void
+// NOLINTNEXTLINE(misc-no-recursion)
 process_tiff_ifd_chain(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo,
         guint encoding, guint32 start_ifd_offset,
         int hf_tag, const char *ifd_type_desc)
@@ -893,9 +897,13 @@ process_tiff_ifd_chain(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo,
 
                             if (extension_ifd_type_desc) {
                                 if (extension_ifd_offset < tvb_reported_length(tvb)) {
+                                    unsigned recursion_depth = p_get_proto_depth(pinfo, proto_jfif);
+                                    DISSECTOR_ASSERT(recursion_depth <= MAX_RECURSION_DEPTH);
+                                    p_set_proto_depth(pinfo, proto_jfif, recursion_depth + 1);
                                     process_tiff_ifd_chain(tree, tvb, pinfo, encoding,
                                             extension_ifd_offset, extension_hf_ifd_tag,
                                             extension_ifd_type_desc);
+                                    p_set_proto_depth(pinfo, proto_jfif, recursion_depth);
                                 } else {
                                     expert_add_info_format(pinfo, value_item, &ei_start_ifd_offset,
                                         "bogus, should be < %u", tvb_reported_length(tvb));
author	Gerald Combs <gerald@wireshark.org>	2024-02-20 14:28:59 -0800
committer	Gerald Combs <gerald@wireshark.org>	2024-02-21 01:00:29 +0000
commit	46c652102f432577961cac534f20fc88fa6c11cf (patch)
tree	f5114f428a81f94506ae7957c577097920af6af5
parent	ff93425a66fe6ddb83503cc2f679542ff4a9a4f0 (diff)