osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

wscbor: Ensure skip if errors advances the offset 

wscbor_skip_next_item should not return to the beginning offset
if there are errors, because this makes wscbor_skip_if_errors
do the opposite of what it claims. In the case where the errors
involve having far too many items in a list, this can cause
memory exhaustion or infinite loops.

Fix #18782. Fix #18840.
This commit is contained in:
John Thacker 2023-02-08 15:45:30 -05:00
parent 2031c3278b
commit 0c79fecac3
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
epan/wscbor.c
View File

@ -368,7 +368,6 @@ gboolean wscbor_is_indefinite_break(const wscbor_chunk_t *chunk) {
static gboolean wscbor_skip_next_item_internal(wmem_allocator_t *alloc, tvbuff_t *tvb, gint *offset, gboolean *is_break) {
wscbor_chunk_t *chunk = wscbor_chunk_read(alloc, tvb, offset);
if (wscbor_has_errors(chunk)) {
*offset = chunk->start;
wscbor_chunk_free(chunk);
return FALSE;
}