From 75f64580532cdffca7b6b1a248a74750da454280 Mon Sep 17 00:00:00 2001
From: Bill Meier <wmeier@newsguy.com>
Date: Wed, 9 May 2012 20:39:21 +0000
Subject: From Martin Kaiser:  "attached is a simple fix for CID281213.
 Although the bug can't crash wireshark,  dissect_si_string() is not really
 fit for handling negative string lengths (and  doesn't need to)."

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7243

svn path=/trunk/; revision=42523
---
 epan/dissectors/packet-dvbci.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'epan/dissectors/packet-dvbci.c')

diff --git a/epan/dissectors/packet-dvbci.c b/epan/dissectors/packet-dvbci.c
index abb07ce1e2..7da99ef795 100644
--- a/epan/dissectors/packet-dvbci.c
+++ b/epan/dissectors/packet-dvbci.c
@@ -1969,7 +1969,8 @@ dissect_si_string(tvbuff_t *tvb, gint offset, gint str_len,
 
     if (!title)  /* we always have a title for our strings */
         return;
-    if (str_len==0)
+    /* str_len==-1 is not supported, we need an actual length */
+    if (str_len<=0)
         return;
 
     byte0 = tvb_get_guint8(tvb, offset);
-- 
cgit v1.2.3