Fix use of uninitialized field
ssl_print_string uses out->data_len to determine the length of the printed data, but this was not set. Use ssl_data_set for that and add an additional DISSECTOR_ASSERT just in case we change something here. Reported by Alexis La Goutte, found by Clang static analyzer. Change-Id: I630a9193ff1ece86a0a46924dd86591fedf5c595 Reviewed-on: https://code.wireshark.org/review/3261 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit is contained in:
parent
dcf6d44b7f
commit
9ed85d1de9
|
@ -2265,7 +2265,8 @@ ssl3_generate_export_iv(StringInfo *r1, StringInfo *r2,
|
|||
ssl_md5_final(tmp,&md5);
|
||||
ssl_md5_cleanup(&md5);
|
||||
|
||||
memcpy(out->data, tmp, out_len);
|
||||
DISSECTOR_ASSERT(out_len <= sizeof(tmp));
|
||||
ssl_data_set(out, tmp, out_len);
|
||||
ssl_print_string("export iv", out);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue