diff options
author | Michael Mann <mmann78@netscape.net> | 2013-05-01 23:59:16 +0000 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2013-05-01 23:59:16 +0000 |
commit | 195e87f3ea20457a2b2833e61432cf7d5d4fd7be (patch) | |
tree | 5c31b919322a8c963c0c8aa53b3d3c13df1f3d12 /epan/dissectors/packet-snmp.c | |
parent | 916c1c5c011ac0925327e5b26725f547264407f5 (diff) |
Protect a "divide by zero" operation. Bug 7359 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7359). This seems to have been generated through a corrupted UAT file switching between 1.8 and 1.10, but it's a good check to have regardless.
svn path=/trunk/; revision=49128
Diffstat (limited to 'epan/dissectors/packet-snmp.c')
-rw-r--r-- | epan/dissectors/packet-snmp.c | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/epan/dissectors/packet-snmp.c b/epan/dissectors/packet-snmp.c index 7427800945..96e66422c6 100644 --- a/epan/dissectors/packet-snmp.c +++ b/epan/dissectors/packet-snmp.c @@ -3174,12 +3174,16 @@ snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, /**********************************************/ while (count < 1048576) { cp = password_buf; - for (i = 0; i < 64; i++) { - /*************************************************/ - /* Take the next octet of the password, wrapping */ - /* to the beginning of the password as necessary.*/ - /*************************************************/ - *cp++ = password[password_index++ % passwordlen]; + if (passwordlen != 0) { + for (i = 0; i < 64; i++) { + /*************************************************/ + /* Take the next octet of the password, wrapping */ + /* to the beginning of the password as necessary.*/ + /*************************************************/ + *cp++ = password[password_index++ % passwordlen]; + } + } else { + *cp = 0; } md5_append(&MD, password_buf, 64); count += 64; @@ -3226,12 +3230,16 @@ snmp_usm_password_to_key_sha1(const guint8 *password, guint passwordlen, /**********************************************/ while (count < 1048576) { cp = password_buf; - for (i = 0; i < 64; i++) { - /*************************************************/ - /* Take the next octet of the password, wrapping */ - /* to the beginning of the password as necessary.*/ - /*************************************************/ - *cp++ = password[password_index++ % passwordlen]; + if (passwordlen != 0) { + for (i = 0; i < 64; i++) { + /*************************************************/ + /* Take the next octet of the password, wrapping */ + /* to the beginning of the password as necessary.*/ + /*************************************************/ + *cp++ = password[password_index++ % passwordlen]; + } + } else { + *cp = 0; } sha1_update (&SH, password_buf, 64); count += 64; @@ -3771,7 +3779,7 @@ void proto_register_snmp(void) { NULL, HFILL }}, /*--- End of included file: packet-snmp-hfarr.c ---*/ -#line 2286 "../../asn1/snmp/packet-snmp-template.c" +#line 2294 "../../asn1/snmp/packet-snmp-template.c" }; /* List of subtrees */ @@ -3811,7 +3819,7 @@ void proto_register_snmp(void) { &ett_snmp_RReqPDU_U, /*--- End of included file: packet-snmp-ettarr.c ---*/ -#line 2302 "../../asn1/snmp/packet-snmp-template.c" +#line 2310 "../../asn1/snmp/packet-snmp-template.c" }; module_t *snmp_module; |