forked from osmocom/wireshark
packet-mq: Fix problem in get_mq_pdu_len
Found during fuzz test that the get_mq_pdu_len can return a 0 length pdu. Fix to at least return tvb_reported_length_remaining Change-Id: I6410f71724a6288fe42a4f600e72a8af787aa7eb Reviewed-on: https://code.wireshark.org/review/25574 Petri-Dish: Martin Kaiser <wireshark@kaiser.cx> Tested-by: Petri Dish Buildbot Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
This commit is contained in:
parent
ffc200ade3
commit
3aff560761
|
@ -3728,17 +3728,16 @@ static int reassemble_mq(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, vo
|
||||||
static guint get_mq_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb,
|
static guint get_mq_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb,
|
||||||
int offset, void *data _U_)
|
int offset, void *data _U_)
|
||||||
{
|
{
|
||||||
if (tvb_reported_length_remaining(tvb, offset) >= 8)
|
guint uLen = tvb_reported_length_remaining(tvb, offset);
|
||||||
|
if (uLen >= 8)
|
||||||
{
|
{
|
||||||
guint32 mq_strucID = tvb_get_ntohl(tvb, offset + 0);
|
guint32 mq_strucID = tvb_get_ntohl(tvb, offset + 0);
|
||||||
if ((mq_strucID & MQ_MASK_TSHx) == MQ_STRUCTID_TSHx || (mq_strucID & MQ_MASK_TSHx) == MQ_STRUCTID_TSHx_EBCDIC)
|
if ((mq_strucID & MQ_MASK_TSHx) == MQ_STRUCTID_TSHx || (mq_strucID & MQ_MASK_TSHx) == MQ_STRUCTID_TSHx_EBCDIC)
|
||||||
{
|
{
|
||||||
return tvb_get_ntohl(tvb, offset + 4);
|
uLen = tvb_get_ntohl(tvb, offset + 4);
|
||||||
}
|
}
|
||||||
else
|
|
||||||
return tvb_reported_length_remaining(tvb, offset);
|
|
||||||
}
|
}
|
||||||
return 0;
|
return uLen;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int dissect_mq_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
|
static int dissect_mq_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
|
||||||
|
|
Loading…
Reference in New Issue