From Peter Wu via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9153 [PATCH trivial] Fix Application Data record parsing for TLS 1.1/1.2 and DTLS 1.0/1.2

Using memcpy on overlapping memory has undefined behaviour (read: on GCC 4.8.1 this destroys the plaintext and invalidates the MAC).

This patch fixes parsing Application Data records for TLS 1.1 and 1.2 (while I am at it, also for DTLS 1.0/1.2) by using memmove instead of memcpy.

svn path=/trunk/; revision=52051

1 files changed, 2 insertions, 2 deletions

diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index 3bd74e56cc..3c1b315b3b 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -2807,13 +2807,13 @@ ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, gint ct,
     if(ssl->version_netorder==TLSV1DOT1_VERSION || ssl->version_netorder==TLSV1DOT2_VERSION){
         /* if stream cipher used, IV is not contained */
         worklen=worklen-(decoder->cipher_suite->block!=1 ? decoder->cipher_suite->block : 0);
-        memcpy(out_str->data,out_str->data+(decoder->cipher_suite->block!=1 ? decoder->cipher_suite->block : 0),worklen);
+        memmove(out_str->data,out_str->data+(decoder->cipher_suite->block!=1 ? decoder->cipher_suite->block : 0),worklen);
     }
     if(ssl->version_netorder==DTLSV1DOT0_VERSION ||
       ssl->version_netorder==DTLSV1DOT2_VERSION ||
       ssl->version_netorder==DTLSV1DOT0_VERSION_NOT){
         worklen=worklen-decoder->cipher_suite->block;
-        memcpy(out_str->data,out_str->data+decoder->cipher_suite->block,worklen);
+        memmove(out_str->data,out_str->data+decoder->cipher_suite->block,worklen);
     }
     /* Now check the MAC */
     ssl_debug_printf("checking mac (len %d, version %X, ct %d seq %d)\n",