From 74501b2874a4e4fe55905d592e9553e8dee3f4c1 Mon Sep 17 00:00:00 2001
From: Evan Huus <eapache@gmail.com>
Date: Tue, 8 Oct 2013 23:16:53 +0000
Subject: Hacky fix for
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9248 Just break out of
 the loop if offset doesn't go up.

There's almost certainly a better fix - the dissector is weird, and I'm not sure
if all the _length_remaining() checks are important or legacy, and what affect
they have on this issue.

At the very least this will pacify the fuzzbots until somebody has time to
figure it out properly.

svn path=/trunk/; revision=52458
---
 epan/dissectors/packet-openwire.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'epan/dissectors/packet-openwire.c')

diff --git a/epan/dissectors/packet-openwire.c b/epan/dissectors/packet-openwire.c
index b6e77d4652..819955ba50 100644
--- a/epan/dissectors/packet-openwire.c
+++ b/epan/dissectors/packet-openwire.c
@@ -946,6 +946,9 @@ dissect_openwire_type(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int o
                         /* Value */
                         offset += dissect_openwire_type(tvb, pinfo, entry_tree, offset, hf_openwire_none, OPENWIRE_TYPE_NESTED, type, FALSE);
                         proto_item_set_len(map_entry, offset - entryStartOffset);
+                        if (offset - entryStartOffset <= 0) {
+                            break;
+                        }
                     }
                 }
             }
-- 
cgit v1.2.3