diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2018-10-09 19:18:34 +0200 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2018-10-10 04:57:38 +0000 |
| commit | 5a2aafef7a8ad4b3917823133c2e3534951fc4d3 (patch) | |
| tree | 2c0369e002939e397c17d82e8ac984cd0e21eaba /epan/dissectors/packet-coap.c | |
| parent | e1fc60ddaecaa914e384ae8bc9bf46cca0096df2 (diff) | |
coap: ensure that piv_len matches piv
In frame 121, piv_len was 1 while piv was NULL. Ensure that both piv and
piv_len are reset to avoid this. Adjust another check to ensure that piv
and piv_len are in sync (probably not necessary, but it seems the
intention).
Bug: 15172
Change-Id: If8636d32f3273d6707749c807bd7d676ca9ab96d
Fixes: v2.5.2rc0-9-g830ea5731a ("CoAP: Hooks to OSCORE")
Reviewed-on: https://code.wireshark.org/review/30100
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-coap.c')
| -rw-r--r-- | epan/dissectors/packet-coap.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/epan/dissectors/packet-coap.c b/epan/dissectors/packet-coap.c index b034042c32..40331af9ad 100644 --- a/epan/dissectors/packet-coap.c +++ b/epan/dissectors/packet-coap.c @@ -451,8 +451,11 @@ dissect_coap_opt_object_security(tvbuff_t *tvb, proto_item *head_item, proto_tre coinfo->object_security = TRUE; coinfo->oscore_info->piv = NULL; + coinfo->oscore_info->piv_len = 0; coinfo->oscore_info->kid_context = NULL; + coinfo->oscore_info->kid_context_len = 0; coinfo->oscore_info->kid = NULL; + coinfo->oscore_info->kid_len = 0; if (opt_length == 0) { /* option length is zero, means flag byte is 0x00*/ /* add info to the head of the packet detail */ @@ -1148,11 +1151,9 @@ dissect_coap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* d /* Indicate to OSCORE that this response contains its own PIV */ coinfo->oscore_info->piv_in_response = TRUE; coap_trans->oscore_info->piv_in_response = TRUE; - } else { - if (coap_trans->oscore_info->piv) { - /* Use the PIV from the request */ - coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len); - } + } else if (coap_trans->oscore_info->piv_len > 0) { + /* Use the PIV from the request */ + coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len); coinfo->oscore_info->piv_len = coap_trans->oscore_info->piv_len; } coinfo->oscore_info->response = TRUE; |