forked from osmocom/wireshark
gsm-rlcmac: use wmem_new0 for a struct
Fixes "Conditional jump or move depends on uninitialised value" from Valgrind. I couldn't really figure out how this code was supposed to function, it seems to initialize one member of the union and then expect *all* the others to just magically work (which they apparently do in most cases, oddly). The real bug could be in csnStreamDissector or who knows, but this at least turns "garbage data" into "zeros" which makes valgrind happy and turns a potential vuln into at worst a bad decoding. Bug: 10891 Change-Id: Ia29dd625b46b3b76ff521b4203148fe8b0c59ec3 Reviewed-on: https://code.wireshark.org/review/6769 Petri-Dish: Evan Huus <eapache@gmail.com> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Evan Huus <eapache@gmail.com>
This commit is contained in:
parent
abf5703ddb
commit
d50b27f4ce
|
@ -7864,7 +7864,7 @@ dissect_gsm_rlcmac_downlink(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
|
|||
RlcMacPrivateData_t *rlc_mac = (RlcMacPrivateData_t*)data;
|
||||
|
||||
/* allocate a data structure and guess the coding scheme */
|
||||
rlc_dl = (RlcMacDownlink_t *)wmem_new(wmem_packet_scope(), RlcMacDownlink_t);
|
||||
rlc_dl = wmem_new0(wmem_packet_scope(), RlcMacDownlink_t);
|
||||
|
||||
if ((rlc_mac != NULL) && (rlc_mac->magic == GSM_RLC_MAC_MAGIC_NUMBER))
|
||||
{
|
||||
|
@ -7917,7 +7917,7 @@ dissect_gsm_rlcmac_uplink(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, v
|
|||
RlcMacPrivateData_t *rlc_mac = (RlcMacPrivateData_t*)data;
|
||||
|
||||
/* allocate a data structure and set the coding scheme */
|
||||
rlc_ul = (RlcMacUplink_t*)wmem_new(wmem_packet_scope(), RlcMacUplink_t);
|
||||
rlc_ul = wmem_new0(wmem_packet_scope(), RlcMacUplink_t);
|
||||
|
||||
if ((rlc_mac != NULL) && (rlc_mac->magic == GSM_RLC_MAC_MAGIC_NUMBER))
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue