From 36981a653ea60b55f62efea4f1cb07e42687dd37 Mon Sep 17 00:00:00 2001
From: Michael Mann <mmann78@netscape.net>
Date: Sun, 30 Dec 2018 11:37:13 -0500
Subject: KNET: Validate the length field before claiming packet

Heuristic is weak, but length of packet should be non-zero.

Change-Id: I68d6d85092c84d5d421731be3ada008fe7a5b06f
Reviewed-on: https://code.wireshark.org/review/31266
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
---
 epan/dissectors/packet-knet.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/epan/dissectors/packet-knet.c b/epan/dissectors/packet-knet.c
index 05a9d787e9..57842998bf 100644
--- a/epan/dissectors/packet-knet.c
+++ b/epan/dissectors/packet-knet.c
@@ -546,6 +546,14 @@ dissect_knet_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
 static int
 dissect_knet_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
 {
+    //Sanity check the length field
+    if (tvb_reported_length(tvb) < 2)
+        return 0;
+
+    int offset = 0;
+    if (dissect_content_length_vle(tvb, &offset, NULL) == 0)
+        return 0;
+
     col_clear(pinfo->cinfo, COL_INFO);
     col_set_str(pinfo->cinfo, COL_PROTOCOL, "KNET");
 
-- 
cgit v1.2.3