diff options
author | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-03-11 02:01:17 +0000 |
---|---|---|
committer | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-03-11 02:01:17 +0000 |
commit | 933a4f5ea9012630edde8faa33f97976e8c876bc (patch) | |
tree | 6b0474728f4a7a7584f81e548c20b19c3d33d1cf /doc | |
parent | b7037b2557821f9643714f531dbb68afa4d58b16 (diff) |
Add one more reason to use "tvb_get_string()", as we've had a recent
vulnerability due to somebody fetching a string into a fixed-length
buffer.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13708 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'doc')
-rw-r--r-- | doc/README.developer | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/README.developer b/doc/README.developer index dfea3e1ece..cdcb7f4ddd 100644 --- a/doc/README.developer +++ b/doc/README.developer @@ -356,6 +356,17 @@ Otherwise, you can check whether the data is present by using the pointer from "tvb_get_ptr()" (see the item on this in the Portability section above, and the next item below). +Note also that you should only fetch string data into a fixed-length +buffer if the code ensures that no more bytes than will fit into the +buffer are fetched ("the protocol ensures" isn't good enough, as +protocol specifications can't ensure only packets that conform to the +specification will be transmitted or that only packets for the protocol +in question will be interpreted as packets for that protocol by +Ethereal). If there's no maximum length of string data to be fetched, +routines such as "tvb_get_string()" are safer, as they allocate a buffer +large enough to hold the string. (Note that you should free the string +once you're finished with it.) + If you have gotten a pointer using "tvb_get_ptr()", you must make sure that you do not refer to any data past the length passed as the last argument to "tvb_get_ptr()"; while the various "tvb_get" routines |