forked from osmocom/wireshark
ber: fix buffer overrun when handling empty sets
When a set is empty, only a terminator (ber_sequence_t with NULL func) is present. In that case, do not try to find more values as that will never succeed. Bug: 12106 Change-Id: I26cd4ba84a9580e92d5921592a27c2af17c0bebf Reviewed-on: https://code.wireshark.org/review/14028 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This commit is contained in:
parent
c31425f9ae
commit
55b5b7caf3
|
@ -2594,6 +2594,10 @@ printf("SET dissect_ber_set(%s) entered\n", name);
|
|||
|
||||
cset = set; /* reset to the beginning */
|
||||
set_idx = 0;
|
||||
/* If the set has no values, there is no point in trying again. */
|
||||
if (!cset->func) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ((first_pass && ((cset->ber_class == ber_class) && (cset->tag == tag))) ||
|
||||
|
|
Loading…
Reference in New Issue