diff options
author | Michael Mann <mmann78@netscape.net> | 2015-11-27 20:37:36 -0500 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2015-11-28 09:22:30 +0000 |
commit | 38c53f9800dc49fca3dad9d9cc9cfb0eea8f52b5 (patch) | |
tree | dfce480fa2d36f2a48f76ae84f90e300dae62d54 /wiretap/iseries.c | |
parent | 44d98dafd49f7133569f0d982ddf0746c230322f (diff) |
Sanity check iSeries packet length to prevent heap-based buffer overflow.
Bug: 11798
Change-Id: I7aebe709ef4014a385819835ef6effabbb4f0ca4
Reviewed-on: https://code.wireshark.org/review/12238
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'wiretap/iseries.c')
-rw-r--r-- | wiretap/iseries.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/wiretap/iseries.c b/wiretap/iseries.c index 1b7f812e80..4fb1bab118 100644 --- a/wiretap/iseries.c +++ b/wiretap/iseries.c @@ -588,7 +588,7 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr, "%12s%*[ \n\t]%12s%*[ \n\t]ETHV2%*[ \n\t]TYPE:%*[ \n\t]%4s", &pktnum, direction, &pkt_len, &hr, &min, &sec, csec, destmac, srcmac, type); - if (num_items_scanned == 10) + if ((num_items_scanned == 10) && (pkt_len >= 0)) { /* OK! We found the packet header line */ isValid = TRUE; |