diff options
author | Peter Wu <peter@lekensteyn.nl> | 2015-11-22 18:16:46 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-11-25 12:35:52 +0000 |
commit | cec0593ae6c3bca65eff65741c2a10f3de3e0afe (patch) | |
tree | 697b6920a0ecc8d50d36e812f8c6e339e7b98d1c /epan/dissectors/packet-symantec.c | |
parent | 9107fb6039260ad2e84f303fd824dc66e62bdd24 (diff) |
Fix buffer overrun in zlib decompression
After updating next_in (to remove the gzip header), avail_in must also
be updated. Failing to do makes zlib read past the input buffer. In
theory this would resukt in a buffer overrun of at most double the input
length, in practice zlib returns as soon as the compression fails (after
reading a few bytes).
Bug: 11548
Change-Id: If71691a2846338f46d866964a77cc4e74a9b61dd
Reviewed-on: https://code.wireshark.org/review/12038
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-symantec.c')
0 files changed, 0 insertions, 0 deletions