forked from osmocom/wireshark
epan: Free pointers to deallocated memory
When redissecting packets we call epan_free() which deallocates wmem_file_scope memory. Such memory may be used in proto_data for the currently selected packet (cf->edt) and leaves pointers to deallocated memory (cf->edt->pi.fd->pfd). Free them after epan_free() to avoid unintended usage in packet_list_clear(). Bug: 11740 Change-Id: Ia3bc54f3f34e644a98b8a7eb1addd19b8aeeaab9 Reviewed-on: https://code.wireshark.org/review/11996 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
e36f987c51
commit
391f11a7ec
6
file.c
6
file.c
|
@ -1624,6 +1624,12 @@ rescan_packets(capture_file *cf, const char *action, const char *action_item, gb
|
|||
|
||||
/* 'reset' dissection session */
|
||||
epan_free(cf->epan);
|
||||
if (cf->edt && cf->edt->pi.fd) {
|
||||
/* All pointers in "per frame proto data" for the currently selected
|
||||
packet are allocated in wmem_file_scope() and deallocated in epan_free().
|
||||
Free them here to avoid unintended usage in packet_list_clear(). */
|
||||
frame_data_destroy(cf->edt->pi.fd);
|
||||
}
|
||||
cf->epan = ws_epan_new(cf);
|
||||
cf->cinfo.epan = cf->epan;
|
||||
|
||||
|
|
Loading…
Reference in New Issue