forked from osmocom/wireshark
c67c6e8f30
proto_item_get_len() is *not* guaranteed to return a correct value. Even if there's a non-null tree item, it might be pointing to a "faked" item; it really shouldn't be used. So add proto_tree_add_item_ret_length() and proto_tree_add_item_new_ret_length(), which calculate the real length themselves and return it through a pointer. Fix as many places as we straightforwardly can to use them rather than to use proto_item_get_len(). (There's a Lua API for proto_item_get_len(), so we keep it around, but we should add Lua APIs for the new routines, and deprecate the old API.) Fix ptvcursor_add() to do the same thing that proto_tree_add_item_ret_length() and proto_tree_add_item_new_ret_length() do. Split the TRY_TO_FAKE_THIS_ITEM macros into a macro to check for the tree being null and to try to fake the item. We don't always use the former macro, as we might need to do more than just return NULL if the incoming tree is null (for example, calculating the item's real length and using it...). new_field_info() never returns NULL; remove checks for it. The check for a null tree is done before the calls to new_field_info(). Change-Id: I002a218d1f810c73e0de837e0ac6ebcde21bacec Reviewed-on: https://code.wireshark.org/review/13139 Reviewed-by: Guy Harris <guy@alum.mit.edu> |
||
---|---|---|
.. | ||
patches | ||
po | ||
source | ||
README.Debian | ||
README.Debian.security | ||
changelog | ||
compat | ||
control | ||
copyright | ||
dirs | ||
ethereal-common.NEWS | ||
geoip_db_paths | ||
headers-check.c | ||
libwireshark-data.install | ||
libwireshark-dev.install | ||
libwireshark0.install | ||
libwireshark0.symbols | ||
libwiretap-dev.install | ||
libwiretap0.docs | ||
libwiretap0.install | ||
libwiretap0.symbols | ||
libwscodecs0.install | ||
libwscodecs0.symbols | ||
libwsutil-dev.install | ||
libwsutil0.install | ||
libwsutil0.symbols | ||
license-text-about-dialog | ||
postinst | ||
rules | ||
templates | ||
tshark.docs | ||
tshark.install | ||
tshark.manpages | ||
wireshark-common.config | ||
wireshark-common.install | ||
wireshark-common.manpages | ||
wireshark-common.postinst | ||
wireshark-common.postrm | ||
wireshark-dev.docs | ||
wireshark-dev.install | ||
wireshark-dev.manpages | ||
wireshark-dev.prerm | ||
wireshark-doc.docs | ||
wireshark-gtk.docs | ||
wireshark-gtk.install | ||
wireshark-qt.docs | ||
wireshark-qt.install | ||
wireshark-qt.manpages |
README.Debian.security
Handling security fixes in source package wireshark Wireshark is a network protocol analyzer and it's ability to perform deep packet inspection in live traffic may encourage users to use Wireshark/Tshark as a part of an intrusion detection or traffic monitoring system. In that case, please note that Wireshark/Tshark may contain remotely triggerable bugs causing crashes or allowing code injection. Bugs allowing code injection will be fixed in regular Debian Security Advisories, but fixes for pure crash bugs may be delayed. -- Balint Reczey <balint@balintreczey.hu> Fri, 10 Jul 2009 15:38:33 +0200