forked from osmocom/wireshark
giop: fix uninitialized use of request id
Move the req_id field to the "message-dependent data" section of the header struct, since in the spec I found it is not specified in the common GIOP header (even though it appears to be present in all message types). Regardless, this better reflects the fact that it is not initialized by the primary tvb_memcpy, only the independent fields are. Initialize it and use it rather than creating a local for no reason; fixes the possibility of using it uninitialized. Bug: 11123 Change-Id: I3bae1df5123fbb1f2b86f7c42cee392b5b045c4f Reviewed-on: https://code.wireshark.org/review/8087 Reviewed-by: Evan Huus <eapache@gmail.com>
This commit is contained in:
parent
32bbe0af23
commit
8825b55303
|
@ -4830,17 +4830,16 @@ static int dissect_giop_common (tvbuff_t * tvb, packet_info * pinfo, proto_tree
|
|||
fragment_head *fd_head = NULL;
|
||||
tvbuff_t *reassembled_tvb;
|
||||
guint frag_offset = 0;
|
||||
int request_id;
|
||||
|
||||
/* request id is the first 4 bytes */
|
||||
request_id = get_CDR_ulong(payload_tvb, &frag_offset, stream_is_big_endian, GIOP_HEADER_SIZE);
|
||||
header.req_id = get_CDR_ulong(payload_tvb, &frag_offset, stream_is_big_endian, GIOP_HEADER_SIZE);
|
||||
|
||||
if(header.message_type != Fragment)
|
||||
frag_offset = 0; /* Maintain the request id for everything but fragments */
|
||||
|
||||
fd_head = fragment_add_seq_next(&giop_reassembly_table,
|
||||
payload_tvb, frag_offset, pinfo,
|
||||
request_id, NULL,
|
||||
header.req_id, NULL,
|
||||
tvb_captured_length_remaining(payload_tvb, frag_offset),
|
||||
header.flags & GIOP_MESSAGE_FLAGS_FRAGMENT);
|
||||
|
||||
|
|
|
@ -56,10 +56,10 @@ typedef struct MessageHeader {
|
|||
guint8 flags; /* byte_order in 1.0 */
|
||||
guint8 message_type;
|
||||
guint32 message_size;
|
||||
guint32 req_id; /* request id in MSG */
|
||||
|
||||
/* MSG dependant data */
|
||||
|
||||
guint32 req_id; /* request id in MSG */
|
||||
guint32 rep_status; /* reply status in MSG if available */
|
||||
gchar *exception_id; /* exception string if a USER EXCEPTION occurs */
|
||||
|
||||
|
|
Loading…
Reference in New Issue