forked from osmocom/wireshark
SCTP: assure size before attempting checksum calculation
When checksum calculations are performed (irrespective of type) the calculation is assumed to be possible on at least a common header and optionally a payload. This assumption was not checked, which could lead to out of bound access of packet buffer data. Simply adding the assurance that enough buffer data is available avoids this out of bound access. CID 1439698 Change-Id: I5fec69b96b1064ffdda11f51b882fe5775844475 Reviewed-on: https://code.wireshark.org/review/33185 Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This commit is contained in:
parent
80920b0855
commit
1573d4ddb2
|
@ -4647,7 +4647,8 @@ dissect_sctp_packet(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolea
|
|||
sctp_info.checksum_zero = (checksum == 0);
|
||||
|
||||
/* Only try to checksum the packet if we have all of it */
|
||||
if (captured_length == reported_length) {
|
||||
if ((captured_length == reported_length) &&
|
||||
(captured_length >= COMMON_HEADER_LENGTH)) {
|
||||
|
||||
switch(sctp_checksum) {
|
||||
case SCTP_CHECKSUM_NONE:
|
||||
|
|
Loading…
Reference in New Issue