From 035231b534547262b729198590d621ef976afdfd Mon Sep 17 00:00:00 2001
From: Balint Reczey
Date: Sat, 22 Aug 2009 22:46:41 +0000
Subject: [PATCH] From Frederic Peters (made endian-aware by me): fixed segfault with some GIOP packets svn path=/trunk/; revision=29509
---
epan/dissectors/packet-giop.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-giop.c b/epan/dissectors/packet-giop.c
index 0f1514cf46..383d8513e7 100644
--- a/epan/dissectors/packet-giop.c
+++ b/epan/dissectors/packet-giop.c
@@ -1716,7 +1716,7 @@ static void giop_dump_collection(collection_data_t collection_type) {
* But skip a subdissector if it has been disabled in GUI "edit protocols". */
-static gboolean try_heuristic_giop_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int *offset,
+static gboolean try_heuristic_giop_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 *offset,
MessageHeader *header, gchar *operation ) {
int i,len;
@@ -1728,6 +1728,19 @@ static gboolean try_heuristic_giop_dissector(tvbuff_t *tvb, packet_info *pinfo,
if (len == 0) return FALSE;
+
+ {
+ guint32 message_size;
+ gboolean stream_is_big_endian = is_big_endian (header);
+
+ if (stream_is_big_endian)
+ message_size = pntohl (header->message_size);
+ else
+ message_size = pletohl (header->message_size);
+
+ if (*offset > header->message_size)
+ return FALSE;
+ }
saved_proto = pinfo->current_proto;
for (i=0; i
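Review bot: In the block added to try_heuristic_giop_dissector, the bound check compares `*offset` with the raw `header->message_size` rather than the byte-order-corrected `message_size` computed just above it, so that local is assigned and never read. When the stream's byte order differs from the host's, the raw field is byte-swapped and usually much larger than the real length, so an out-of-range offset from a malformed packet would pass the guard and still reach the sub-dissectors. The check should read `if (*offset > message_size)`. Separately, `pntohl`/`pletohl` read bytes through a pointer, so if `message_size` is an integer member rather than a byte array (the MessageHeader declaration is not visible here) the calls need `&header->message_size`. The function body continues past the end of the visible hunk.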