EAP: Remove a couple of string length assumptions.

Don't assume our MNC and MCC string lengths are > 3. Bug: 16397 Change-Id: I0759dcb9d0c5f078cf3a98e9323d9cb741e15dd4 Reviewed-on: https://code.wireshark.org/review/36146 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-02-21 10:19:35 -08:00 · 2020-02-21 10:19:35 -08:00 · 8bda8642df
parent 8953da8975
commit 8bda8642df
1 changed files with 2 additions and 1 deletions
--- a/epan/dissectors/packet-eap.c
+++ b/epan/dissectors/packet-eap.c
@ -612,7 +612,8 @@ dissect_eap_identity_wlan(tvbuff_t *tvb, packet_info* pinfo, proto_tree* tree, i
  }

  /* guess if we have a 3 bytes mnc by comparing the first bytes with the imsi */
-  if (!sscanf(tokens[2] + 3, "%u", &mnc) || !sscanf(tokens[3] + 3, "%u", &mcc)) {
+  /* XXX Should we force matches on "mnc" and "mmc"? */
+  if (!sscanf(tokens[2], "%*3c%u", &mnc) || !sscanf(tokens[3], "%*3c%u", &mcc)) {
    ret = FALSE;
    goto end;
  }