diff options
| author | Gerald Combs <gerald@wireshark.org> | 2005-09-20 17:23:19 +0000 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2005-09-20 17:23:19 +0000 |
| commit | ba83bf145fc57c59b16d67ca78a97e8e6716d193 (patch) | |
| tree | a99e20376f4f73f3fc8dd7b460d3c9d8978920b9 /epan | |
| parent | 27a1e92489383b060691fc0e828c464bcff4e30d (diff) | |
Don't try to reassemble a zero-length fragment. Add a comment to
reassemble.c about the handling of zero-length fragments.
svn path=/trunk/; revision=15899
Diffstat (limited to 'epan')
| -rw-r--r-- | epan/dissectors/packet-ber.c | 7 | ||||
| -rw-r--r-- | epan/reassemble.c | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ber.c b/epan/dissectors/packet-ber.c index c5a968759f..4b87f0fb26 100644 --- a/epan/dissectors/packet-ber.c +++ b/epan/dissectors/packet-ber.c @@ -511,7 +511,7 @@ reassemble_octet_string(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int static GHashTable *octet_segment_table = NULL; static GHashTable *octet_reassembled_table = NULL; fragment_data *fd_head = NULL; - tvbuff_t *next_tvb; + tvbuff_t *next_tvb = NULL; tvbuff_t *reassembled_tvb = NULL; guint16 dst_ref = 0; int start_offset = offset; @@ -560,6 +560,11 @@ reassemble_octet_string(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int break; } + + if (tvb_length(next_tvb) < 1) { + /* Don't cause an assertion in the reassembly code. */ + THROW(ReportedBoundsError); + } fd_head = fragment_add_seq_next(next_tvb, 0, pinfo, dst_ref, octet_segment_table, octet_reassembled_table, diff --git a/epan/reassemble.c b/epan/reassemble.c index 2c43fd786f..07e6e1c612 100644 --- a/epan/reassemble.c +++ b/epan/reassemble.c @@ -1467,6 +1467,8 @@ fragment_add_dcerpc_dg(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 id * of that (empty) list. * * Otherwise, it returns NULL. + * + * XXX - Should we simply return NULL for zero-length fragments? */ static fragment_data * fragment_add_seq_check_work(tvbuff_t *tvb, int offset, packet_info *pinfo, |