Fix mis-allocated key size as caught by valgrind.

We have to divide the 'length' field to work with guint32 pointer arithmetic,
but we still want to allocate and memcpy the original length value, since
both of those operate in raw bytes, not blocks of sizeof(guint32).

svn path=/trunk/; revision=43901

epan/dissectors/packet-reload-framing.c

@@ -178,19 +178,24 @@ dissect_reload_framing_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tr
   transaction_id_key[0].length = 1;
   transaction_id_key[0].key = &sequence; /* sequence number */
 
+  /* When the se_tree_* functions iterate through the keys, they
+   * perform pointer arithmetic with guint32s, so we have to divide
+   * our length fields by that to make things work, but we still want
+   * to g_malloc and memcpy the entire amounts, since those both operate
+   * in raw bytes. */
   if (type==DATA) {
     transaction_id_key[1].length = 1;
     transaction_id_key[1].key = &pinfo->srcport;
-    transaction_id_key[2].length = (pinfo->src.len)>>2;
-    transaction_id_key[2].key = g_malloc(transaction_id_key[2].length);
-    memcpy(transaction_id_key[2].key, pinfo->src.data, transaction_id_key[2].length);
+    transaction_id_key[2].length = (pinfo->src.len) / sizeof(guint32);
+    transaction_id_key[2].key = g_malloc(pinfo->src.len);
+    memcpy(transaction_id_key[2].key, pinfo->src.data, pinfo->src.len);
   }
   else {
     transaction_id_key[1].length = 1;
     transaction_id_key[1].key = &pinfo->destport;
-    transaction_id_key[2].length = (pinfo->dst.len)>>2;
-    transaction_id_key[2].key = g_malloc(transaction_id_key[2].length);
-    memcpy(transaction_id_key[2].key, pinfo->dst.data, transaction_id_key[2].length);
+    transaction_id_key[2].length = (pinfo->dst.len) / sizeof(guint32);
+    transaction_id_key[2].key = g_malloc(pinfo->dst.len);
+    memcpy(transaction_id_key[2].key, pinfo->dst.data, pinfo->dst.len);
   }
   transaction_id_key[3].length=0;
   transaction_id_key[3].key=NULL;