osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Fix use of uninitialized field 

ssl_print_string uses out->data_len to determine the length of the
printed data, but this was not set. Use ssl_data_set for that and add an
additional DISSECTOR_ASSERT just in case we change something here.

Reported by Alexis La Goutte, found by Clang static analyzer.

Change-Id: I630a9193ff1ece86a0a46924dd86591fedf5c595
Reviewed-on: https://code.wireshark.org/review/3261
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit is contained in:
Peter Wu 2014-07-30 15:07:24 +02:00 committed by Michael Mann
parent dcf6d44b7f
commit 9ed85d1de9
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
epan/dissectors/packet-ssl-utils.c
View File

@ -2265,7 +2265,8 @@ ssl3_generate_export_iv(StringInfo *r1, StringInfo *r2,
ssl_md5_final(tmp,&md5);
ssl_md5_cleanup(&md5);
memcpy(out->data, tmp, out_len);
DISSECTOR_ASSERT(out_len <= sizeof(tmp));
ssl_data_set(out, tmp, out_len);
ssl_print_string("export iv", out);
}