osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

dissectors: fix uint to int wrong sign promotion. 

The result of guint16 * guint16 can lead to a wrong sign promotion,
when the result is assigned a uint64. Fixed by forcing the operands
to be guint32.

CIDs:
1247713
1111813
1111812
1111811
1111810
1111809
1111808
1111807

Change-Id: Ibca08ee3766f6c79b933c3db7ccd1f8f906cb3fe
Reviewed-on: https://code.wireshark.org/review/27441
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Dario Lombardo 2018-05-10 12:39:24 +02:00 committed by Anders Broman
parent d7ea76d1e5
commit 2af0e81071
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
epan/dissectors/file-elf.c
View File

@ -674,7 +674,7 @@ get_section_name_offset(tvbuff_t *tvb, guint64 shoff, guint16 shnum, guint16 she
if (shndx > shnum)
return NULL;
offset = value_guard(shoff + shndx * shentsize);
offset = value_guard(shoff + (guint32)shndx * (guint32)shentsize);
sh_name = (machine_encoding == ENC_BIG_ENDIAN) ? tvb_get_ntohl(tvb, offset) : tvb_get_letohl(tvb, offset);
return tvb_get_const_stringz(tvb, value_guard(shstrtab_offset + sh_name), NULL);
}
@ -1305,7 +1305,7 @@ dissect_elf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
if (phoff) {
segment_info[area_counter].offset = phoff;
segment_info[area_counter].size = phnum * phentsize;
segment_info[area_counter].size = (guint32)phnum * (guint32)phentsize;
segment_info[area_counter].name = "ProgramHeader";
area_counter += 1;
}
@ -1511,7 +1511,7 @@ dissect_elf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
}
offset += 4;
length = shoff + shstrndx * shentsize + 2 * 4 + 2 * register_size;
length = shoff + (guint32)shstrndx * (guint32)shentsize + 2 * 4 + 2 * register_size;
if (register_size == REGISTER_32_SIZE) {
shstrtab_offset = (machine_encoding == ENC_BIG_ENDIAN) ?
tvb_get_ntohl(tvb, value_guard(length)) : tvb_get_letohl(tvb, value_guard(length));

2
epan/dissectors/packet-s7comm.c
View File

@ -2258,7 +2258,7 @@ s7comm_get_timestring_from_s7time(tvbuff_t *tvb, guint offset, char *str, gint m
days = tvb_get_ntohs(tvb, offset + 4);
t = 441763200L; /* 1.1.1984 00:00:00 */
t += days * (24*60*60);
t += (guint32)days * (24*60*60);
t += day_msec / 1000;
mt = gmtime(&t);
str[0] = '\0';