forked from osmocom/wireshark
Fix possible buffer overflow in col_append_sep_fstr()
After appending separator it might happen that len > max_len, in such case g_vsnprintf() will overflow the col_buf buffer. Change-Id: Ic5ff49d30e30509e835165c4cc7e72e31f92fd5f Reviewed-on: https://code.wireshark.org/review/1493 Reviewed-by: Evan Huus <eapache@gmail.com>
This commit is contained in:
parent
f13bbf2707
commit
984e52244f
|
@ -392,9 +392,11 @@ col_append_sep_fstr(column_info *cinfo, const gint el, const gchar *separator,
|
|||
len += sep_len;
|
||||
}
|
||||
}
|
||||
va_start(ap, format);
|
||||
g_vsnprintf(&cinfo->col_buf[i][len], max_len - len, format, ap);
|
||||
va_end(ap);
|
||||
if (len < max_len) {
|
||||
va_start(ap, format);
|
||||
g_vsnprintf(&cinfo->col_buf[i][len], max_len - len, format, ap);
|
||||
va_end(ap);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue