author | Stephen Fisher <steve@stephen-fisher.com> | 2007-04-14 19:04:19 +0000 |
---|---|---|
committer | Stephen Fisher <steve@stephen-fisher.com> | 2007-04-14 19:04:19 +0000 |
commit | a3a02dd82e3095d411c3944ef0bb6ea44ae4ac31 (patch) | |
tree | 4adcac88da2b948b7c78b97d7243621d135a13fb /epan/dissectors/packet-ssl.c | |
parent | 7d89f5bf5f0066229f20073034e7837c4ad9dacd (diff) |
From Sake Blok:
Fix false malformed SSL handshake messages
svn path=/trunk/; revision=21438
Diffstat (limited to 'epan/dissectors/packet-ssl.c')
-rw-r--r-- | epan/dissectors/packet-ssl.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index b7a1c3bad8..46726a7ce0 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -1681,9 +1681,19 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, while (offset < record_length) { msg_type = tvb_get_guint8(tvb, offset); - msg_type_str = match_strval(msg_type, ssl_31_handshake_type); length = tvb_get_ntoh24(tvb, offset + 1); + /* Check the length in the handshake message. Assume it's an + * encrypted handshake message if the message would pass + * the record_length boundary. This is a workaround for the + * situation where the first octet of the encrypted handshake + * message is actually a known handshake message type. + */ + if ( offset + length <= record_length ) + msg_type_str = match_strval(msg_type, ssl_31_handshake_type); + else + msg_type_str = NULL; + ssl_debug_printf("dissect_ssl3_handshake iteration %d type %d offset %d length %d " "bytes, remaining %d \n", first_iteration, msg_type, offset, length, record_length); if (!msg_type_str && !first_iteration) |
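Review bot: The new test `if ( offset + length <= record_length )` leaves out the 4-byte handshake header: `msg_type` is read at `offset` and the 24-bit `length` at `offset + 1`, so the message body starts at `offset + 4`. A message whose declared body runs up to four bytes past the record end is therefore still looked up as a known handshake type; if `record_length` is an end offset, as the `while (offset < record_length)` condition suggests, the tighter form is `if ( offset + 4 + length <= record_length )`. The added comment could also state that this is a length heuristic only, so encrypted data whose first four octets happen to form a known type and a fitting length is still matched against `ssl_31_handshake_type`. The body of dissect_ssl3_handshake continues outside the hunk, so how a NULL `msg_type_str` is handled on the first iteration is not visible here.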