[wireshark] fix string overrun in plugins/profinet
Peter Hatina
phatina at fedoraproject.org
Wed Sep 4 09:10:13 UTC 2013
commit 2607a01b28aafb5b9cd78e99a1e243b2d2c659ea
Author: Peter Hatina <phatina at redhat.com>
Date: Wed Sep 4 10:03:57 2013 +0200
fix string overrun in plugins/profinet
wireshark-1.8.x-dcom-string-overrun.patch | 13 +++++++++++++
wireshark.spec | 7 ++++++-
2 files changed, 19 insertions(+), 1 deletions(-)
---
diff --git a/wireshark-1.8.x-dcom-string-overrun.patch b/wireshark-1.8.x-dcom-string-overrun.patch
new file mode 100644
index 0000000..37ba79f
--- /dev/null
+++ b/wireshark-1.8.x-dcom-string-overrun.patch
@@ -0,0 +1,13 @@
+diff --git a/plugins/profinet/packet-dcom-cba.c b/plugins/profinet/packet-dcom-cba.c
+index 967b8e6..cbb628c 100644
+--- a/plugins/profinet/packet-dcom-cba.c
++++ b/plugins/profinet/packet-dcom-cba.c
+@@ -553,7 +553,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ {
+ guint32 u32Pointer;
+- gchar szStr[1000];
++ gchar szStr[1000] = "";
+ guint32 u32MaxStr = sizeof(szStr);
+ dcerpc_info *info = (dcerpc_info *) pinfo->private_data;
+ gchar *call;
diff --git a/wireshark.spec b/wireshark.spec
index dede5cd..a489989 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -21,7 +21,7 @@
Summary: Network traffic analyzer
Name: wireshark
Version: 1.10.0
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPL+
Group: Applications/Internet
Source0: http://wireshark.org/download/src/%{name}-%{version}.tar.bz2
@@ -41,6 +41,7 @@ Patch4: wireshark-1.6.1-group-msg.patch
Patch5: wireshark-1.6.0-soname.patch
Patch6: wireshark-1.8.x-pod2man-encoding.patch
Patch7: wireshark-1.8.x-flow-graph-crash.patch
+Patch8: wireshark-1.8.x-dcom-string-overrun.patch
Url: http://www.wireshark.org/
BuildRequires: libpcap-devel >= 0.9
@@ -141,6 +142,7 @@ and plugins.
%patch5 -p1 -b .soname
%patch6 -p1 -b .pod2man
%patch7 -p1 -b .flow-graph-crash
+%patch8 -p1 -b .dcom-overrun
%build
%ifarch s390 s390x sparcv9 sparc64
@@ -368,6 +370,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%{_datadir}/aclocal/*
%changelog
+* Wed Sep 04 2013 Peter Hatina <phatina at redhat.com> - 1.10.0-8
+- fix string overrun in plugins/profinet
+
* Tue Sep 03 2013 Peter Hatina <phatina at redhat.com> - 1.10.0-7
- fix BuildRequires - libgcrypt-devel
More information about the scm-commits
mailing list