diff options
author | Stig Bjørlykke <stig@bjorlykke.org> | 2018-09-05 15:41:46 +0200 |
---|---|---|
committer | Stig Bjørlykke <stig@bjorlykke.org> | 2018-09-05 17:19:42 +0000 |
commit | 0b80a4218788284332a1fabef057d7c2b818f792 (patch) | |
tree | 46a00d8dfb63e8dfbf3f06eabc02d17789a4d499 /epan/dissectors/packet-http.c | |
parent | c15ada34b17b614230194ba8f22dad76b51c30fa (diff) |
epan: Guard g_base64_decode_inplace() against zero length string
The g_base64_decode_inplace() does not handle zero length string
so add a guard for this before calling.
Bug: 15113
Change-Id: I89fa17dd62af238f4282835c317e5c8be6e0c8a1
Reviewed-on: https://code.wireshark.org/review/29428
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Diffstat (limited to 'epan/dissectors/packet-http.c')
-rw-r--r-- | epan/dissectors/packet-http.c | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/epan/dissectors/packet-http.c b/epan/dissectors/packet-http.c index b481c86713..4b80bf5c92 100644 --- a/epan/dissectors/packet-http.c +++ b/epan/dissectors/packet-http.c @@ -3322,8 +3322,10 @@ check_auth_basic(proto_item *hdr_item, tvbuff_t *tvb, gchar *value) hdr_tree = NULL; value += hdrlen; - g_base64_decode_inplace(value, &len); - value[len] = 0; + if (strlen(value) > 1) { + g_base64_decode_inplace(value, &len); + value[len] = 0; + } proto_tree_add_string(hdr_tree, hf_http_basic, tvb, 0, 0, value); @@ -3374,8 +3376,10 @@ check_auth_citrixbasic(proto_item *hdr_item, tvbuff_t *tvb, gchar *value, int of if ( ch_ptr != NULL ) { data_len = (int)(ch_ptr - value + 1); data_val = wmem_strndup(wmem_packet_scope(), value, data_len); - g_base64_decode_inplace(data_val, &len); - data_val[len] = 0; + if (data_len > 1) { + g_base64_decode_inplace(data_val, &len); + data_val[len] = 0; + } pi = proto_tree_add_string(hdr_tree, hf_http_citrix_user, tvb, offset , data_len - 1, data_val); PROTO_ITEM_SET_GENERATED(pi); @@ -3390,8 +3394,10 @@ check_auth_citrixbasic(proto_item *hdr_item, tvbuff_t *tvb, gchar *value, int of if ( ch_ptr != NULL ) { data_len = (int)(ch_ptr - value + 1); data_val = wmem_strndup(wmem_packet_scope(), value, data_len); - g_base64_decode_inplace(data_val, &len); - data_val[len] = 0; + if (data_len > 1) { + g_base64_decode_inplace(data_val, &len); + data_val[len] = 0; + } pi = proto_tree_add_string(hdr_tree, hf_http_citrix_domain, tvb, offset, data_len - 1, data_val); PROTO_ITEM_SET_GENERATED(pi); @@ -3406,8 +3412,10 @@ check_auth_citrixbasic(proto_item *hdr_item, tvbuff_t *tvb, gchar *value, int of if ( ch_ptr != NULL ) { data_len = (int)(ch_ptr - value + 1); data_val = wmem_strndup(wmem_packet_scope(), value, data_len); - g_base64_decode_inplace(data_val, &len); - data_val[len] = 0; + if (data_len > 1) { + g_base64_decode_inplace(data_val, &len); + data_val[len] = 0; + } pi = proto_tree_add_string(hdr_tree, hf_http_citrix_passwd, tvb, offset, data_len - 1, data_val); PROTO_ITEM_SET_GENERATED(pi); @@ -3422,8 +3430,10 @@ check_auth_citrixbasic(proto_item *hdr_item, tvbuff_t *tvb, gchar *value, int of if ( ch_ptr != NULL ) { data_len = (int)(ch_ptr - value + 1); data_val = wmem_strndup(wmem_packet_scope(), value, data_len); - g_base64_decode_inplace(data_val, &len); - data_val[len] = 0; + if (data_len > 1) { + g_base64_decode_inplace(data_val, &len); + data_val[len] = 0; + } pi = proto_tree_add_string(hdr_tree, hf_http_citrix_session, tvb, offset, data_len - 1, data_val); PROTO_ITEM_SET_GENERATED(pi); |