osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

coap: ensure that piv_len matches piv 

In frame 121, piv_len was 1 while piv was NULL. Ensure that both piv and
piv_len are reset to avoid this. Adjust another check to ensure that piv
and piv_len are in sync (probably not necessary, but it seems the
intention).

Bug: 15172
Change-Id: If8636d32f3273d6707749c807bd7d676ca9ab96d
Fixes: v2.5.2rc0-9-g830ea5731a ("CoAP: Hooks to OSCORE")
Reviewed-on: https://code.wireshark.org/review/30100
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Peter Wu 2018-10-09 19:18:34 +02:00 committed by Anders Broman
parent e1fc60ddae
commit 5a2aafef7a
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
epan/dissectors/packet-coap.c
View File

@ -451,8 +451,11 @@ dissect_coap_opt_object_security(tvbuff_t *tvb, proto_item *head_item, proto_tre
coinfo->object_security = TRUE;
coinfo->oscore_info->piv = NULL;
coinfo->oscore_info->piv_len = 0;
coinfo->oscore_info->kid_context = NULL;
coinfo->oscore_info->kid_context_len = 0;
coinfo->oscore_info->kid = NULL;
coinfo->oscore_info->kid_len = 0;
if (opt_length == 0) { /* option length is zero, means flag byte is 0x00*/
/* add info to the head of the packet detail */
@ -1148,11 +1151,9 @@ dissect_coap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* d
/* Indicate to OSCORE that this response contains its own PIV */
coinfo->oscore_info->piv_in_response = TRUE;
coap_trans->oscore_info->piv_in_response = TRUE;
} else {
if (coap_trans->oscore_info->piv) {
/* Use the PIV from the request */
coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
}
} else if (coap_trans->oscore_info->piv_len > 0) {
/* Use the PIV from the request */
coinfo->oscore_info->piv = (guint8 *) wmem_memdup(wmem_packet_scope(), coap_trans->oscore_info->piv, coap_trans->oscore_info->piv_len);
coinfo->oscore_info->piv_len = coap_trans->oscore_info->piv_len;
}
coinfo->oscore_info->response = TRUE;