diff options
| -rw-r--r-- | docbook/release-notes.xml | 43 | ||||
| -rw-r--r-- | epan/dissectors/packet-gsm_sms.c | 12 |
2 files changed, 34 insertions, 21 deletions
diff --git a/docbook/release-notes.xml b/docbook/release-notes.xml index aa29b5c07f..20cebdbcdc 100644 --- a/docbook/release-notes.xml +++ b/docbook/release-notes.xml @@ -20,7 +20,7 @@ DOCUMENT SECTION <!-- Ethereal Info --> - <!ENTITY EtherealCurrentVersion "0.10.15"> + <!ENTITY EtherealCurrentVersion "0.99.0"> <!ENTITY EtherealWebSite "http://www.ethereal.com"> <!ENTITY EtherealUsersGuidePage "&EtherealWebSite;/docs/#usersguide"> <!ENTITY EtherealDownloadPage "&EtherealWebSite;/download.html"> @@ -67,7 +67,7 @@ Gnu info <section id="WhatsNew"><title>What's New</title> <section><title>Bug Fixes</title> <para> - Three security vulnerabilities have been fixed since the + Many security vulnerabilities have been fixed since the previous release. See the <ulink url="http://www.ethereal.com/appnotes/enpa-sa-00022.html">application advisory</ulink> for more details. @@ -85,25 +85,36 @@ Gnu info <!-- Bug IDs: ??? --> Versions affected: ???. </para></listitem> - <listitem><para> - Win32: Unicode characters in the users profile path causes problems - reading/writing the preferences (and alike) files. - <!-- Fixed in r17024 --> - <!-- Bug IDs: 648 --> - Versions affected: 0.10.14. - </para></listitem> - <listitem><para> - Win32: Unicode characters in filenames given to the Ethereal command - line doesn't work (used e.g. when "double-clicking" in explorer). - <!-- Fixed in r17025 --> - <!-- Bug IDs: 661 --> - Versions affected: 0.10.14. - </para></listitem> <!-- FIX (17235), canary bugs --> + + </itemizedlist> + + Under a grant funded by the U.S. Department of Homeland Security, + <ulink url="http://www.coverity.com">Coverity</a> has uncovered + a number of vulnerabilities in Ethereal: + <itemizedlist> + + <listitem><para> + The GSM SMS dissector could crash Ethereal. + <!-- Fixed in r17506 --> + <!-- Bug IDs: None --> + <!-- Coverity run 12, CID 104 --> + Versions affected: ???. + </para></listitem> + </itemizedlist> </para> + + <para> + Win32: Unicode characters in the users profile path causes problems + reading/writing the preferences (and alike) files. + <!-- Fixed in r17024,r17025 --> + <!-- Bug IDs: 648 --> + Versions affected: 0.10.14. + </para> + </section> <section><title>New and Updated Features</title> diff --git a/epan/dissectors/packet-gsm_sms.c b/epan/dissectors/packet-gsm_sms.c index e10e53b42e..86f4976aa9 100644 --- a/epan/dissectors/packet-gsm_sms.c +++ b/epan/dissectors/packet-gsm_sms.c @@ -1756,17 +1756,19 @@ dis_field_ud_iei(tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint8 length) } /* 9.2.3.24 */ +#define NUM_FILL_BITS_MASKS 6 static void dis_field_ud(tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint32 length, gboolean udhi, guint8 udl, gboolean seven_bit, gboolean eight_bit, gboolean ucs2, gboolean compressed) { - static guint8 fill_bits_mask[] = { 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc }; + static guint8 fill_bits_mask[NUM_FILL_BITS_MASKS] = + { 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc }; proto_item *item; proto_item *udh_item; proto_tree *subtree = NULL; proto_tree *udh_subtree = NULL; - guint8 oct; - guint8 fill_bits; + guint oct; + guint fill_bits; guint32 out_len; char *ustr; @@ -1813,7 +1815,7 @@ dis_field_ud(tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint32 length, gb /* step over fill bits ? */ fill_bits = 7 - (((oct + 1) * 8) % 7); - if (fill_bits != 7) + if (fill_bits < NUM_FILL_BITS_MASKS) { oct = tvb_get_guint8(tvb, offset); @@ -2353,7 +2355,7 @@ dis_msg_status_report(tvbuff_t *tvb, proto_tree *tree, guint32 offset) offset++; /* Parameter indicating the presence of any of * the optional parameters which follow - * 4) Mandatory if any of the optional parameters following TP-PI is present, + * 4) Mandatory if any of the optional parameters following TP-PI is present, * otherwise optional. */ if (length <= (offset - saved_offset)) |