DCOM: always NUL-terminate dissect_dcom_BSTR results

All of the six users in plugins/epan/profinet/packet-dcom-cba.c expect the string to be NUL-terminated, so ensure this to avoid reading uninitialized memory for the Info column. Bug: 15130 Change-Id: Ibc922068d14b87ce324af3cec22a5f8343088b40 Reviewed-on: https://code.wireshark.org/review/30128 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
author: Peter Wu <peter@lekensteyn.nl> 2018-10-11 13:04:03 +0200
committer: Anders Broman <a.broman58@gmail.com> 2018-10-12 05:09:00 +0000
commit: ec6ace066ae4c889d4c18a0a38a8c6053483877b (patch)
tree: 437d9e292bd7ebc48af52a8e3aca19fb79f3186e /epan/dissectors/packet-dcom.c
parent: f4be16aa45e76d862ff858e8c36e28a206be3143 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/epan/dissectors/packet-dcom.c b/epan/dissectors/packet-dcom.c
index d12216a767..79cf6a6009 100644
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
@@ -1725,8 +1725,10 @@ dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 	offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep,
 			&u32ArraySize);
 
-	if ((guint32)offset + u32ArraySize*2 > G_MAXINT)
+	if ((guint32)offset + u32ArraySize*2 > G_MAXINT) {
+		pszStr[0] = 0;
 		return offset;
+	}
 
 	realOffset = offset + u32ArraySize*2;
author	Peter Wu <peter@lekensteyn.nl>	2018-10-11 13:04:03 +0200
committer	Anders Broman <a.broman58@gmail.com>	2018-10-12 05:09:00 +0000
commit	ec6ace066ae4c889d4c18a0a38a8c6053483877b (patch)
tree	437d9e292bd7ebc48af52a8e3aca19fb79f3186e /epan/dissectors/packet-dcom.c
parent	f4be16aa45e76d862ff858e8c36e28a206be3143 (diff)