osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

RF4CE: NULL dereferences in packet-rf4ce_secur.c 

keypair_context_init and rf4ce_addr_table_add_addrs might be called with NULL for IEEE addresses. Check the input arguments for NULL before accessing them
This commit is contained in:
Sergio de Paula 2023-11-06 18:23:42 -03:00 committed by Gerald Combs
parent a5e0be51df
commit 88ce30d51b
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
epan/dissectors/packet-rf4ce-secur.c
View File

@ -46,6 +46,10 @@ guint8 DEFAULT_SECRET[SEC_STR_LEN] =
void keypair_context_init(const guint8 *controller_ieee, const guint8 *target_ieee, guint8 expected_transfer_count)
{
if ((controller_ieee == NULL) || (target_ieee == NULL))
{
return;
}
memset(&keypair_context, 0, sizeof(keypair_context_t));
memcpy(keypair_context.controller_addr, controller_ieee, RF4CE_IEEE_ADDR_LEN);
@ -196,6 +200,11 @@ void rf4ce_addr_table_add_addrs(const void *ieee_addr, guint16 short_addr)
{
guint idx = 0;
if (ieee_addr == NULL)
{
return;
}
/* search for addresses so as not to add duplicates */
while (idx < RF4CE_ADDR_TABLE_SIZE)
{