diff options
author | Peter Wu <peter@lekensteyn.nl> | 2014-07-06 15:34:38 +0200 |
---|---|---|
committer | Evan Huus <eapache@gmail.com> | 2014-07-06 23:00:40 +0000 |
commit | f2b4daf4005d60eef7e34e2e6ebf4fe487d3c255 (patch) | |
tree | 1fac15d7bcbc381c5e0a3a6602e7edd20e574e39 /epan/dissectors/packet-q932-ros.c | |
parent | ec6a22dc3ba8e2d438b34d892d6a40e1be2a28f2 (diff) |
Add printf-format annotations, fix garbage
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-q932-ros.c')
-rw-r--r-- | epan/dissectors/packet-q932-ros.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/epan/dissectors/packet-q932-ros.c b/epan/dissectors/packet-q932-ros.c index 59a37a30eb..861278e5c2 100644 --- a/epan/dissectors/packet-q932-ros.c +++ b/epan/dissectors/packet-q932-ros.c @@ -507,7 +507,7 @@ dissect_q932_ros_GeneralProblem(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, in &problem_val); #line 53 "../../asn1/q932-ros/q932-ros.cnf" - g_strlcpy(problem_str, val_to_str(problem_val, VALS(q932_ros_GeneralProblem_vals), ""), 64); + g_strlcpy(problem_str, val_to_str_const(problem_val, VALS(q932_ros_GeneralProblem_vals), ""), 64); return offset; } @@ -532,7 +532,7 @@ dissect_q932_ros_InvokeProblem(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int &problem_val); #line 55 "../../asn1/q932-ros/q932-ros.cnf" - g_strlcpy(problem_str, val_to_str(problem_val, VALS(q932_ros_InvokeProblem_vals), ""), 64); + g_strlcpy(problem_str, val_to_str_const(problem_val, VALS(q932_ros_InvokeProblem_vals), ""), 64); return offset; } @@ -552,7 +552,7 @@ dissect_q932_ros_ReturnResultProblem(gboolean implicit_tag _U_, tvbuff_t *tvb _U &problem_val); #line 57 "../../asn1/q932-ros/q932-ros.cnf" - g_strlcpy(problem_str, val_to_str(problem_val, VALS(q932_ros_ReturnResultProblem_vals), ""), 64); + g_strlcpy(problem_str, val_to_str_const(problem_val, VALS(q932_ros_ReturnResultProblem_vals), ""), 64); return offset; } @@ -574,7 +574,7 @@ dissect_q932_ros_ReturnErrorProblem(gboolean implicit_tag _U_, tvbuff_t *tvb _U_ &problem_val); #line 59 "../../asn1/q932-ros/q932-ros.cnf" - g_strlcpy(problem_str, val_to_str(problem_val, VALS(q932_ros_ReturnErrorProblem_vals), ""), 64); + g_strlcpy(problem_str, val_to_str_const(problem_val, VALS(q932_ros_ReturnErrorProblem_vals), ""), 64); return offset; } |