2013-09-10 10:16:03 +00:00
|
|
|
From: Peter Hatina <phatina@redhat.com>
|
|
|
|
Date: Wed, 4 Sep 2013 10:03:57 +0200
|
2013-11-13 11:53:53 +00:00
|
|
|
Subject: [PATCH] fix string overrun in plugins/profinet
|
2013-09-10 10:16:03 +00:00
|
|
|
|
|
|
|
|
New version 2.6.0
Fix for CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274
Switch from autotools to cmake
Removed python2-devel(#1560284) and libssh2-devel from dependencies
Removed python scripts
2018-05-02 11:34:24 +00:00
|
|
|
diff --git a/plugins/epan/profinet/packet-dcom-cba.c b/plugins/epan/profinet/packet-dcom-cba.c
|
2014-08-07 14:35:19 +00:00
|
|
|
index 0f1658a..f7fd322 100644
|
New version 2.6.0
Fix for CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274
Switch from autotools to cmake
Removed python2-devel(#1560284) and libssh2-devel from dependencies
Removed python scripts
2018-05-02 11:34:24 +00:00
|
|
|
--- a/plugins/epan/profinet/packet-dcom-cba.c
|
|
|
|
+++ b/plugins/epan/profinet/packet-dcom-cba.c
|
2016-01-14 10:56:55 +00:00
|
|
|
@@ -555,7 +555,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset,
|
2014-08-07 14:35:19 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
|
2013-09-04 08:03:57 +00:00
|
|
|
{
|
|
|
|
guint32 u32Pointer;
|
|
|
|
- gchar szStr[1000];
|
|
|
|
+ gchar szStr[1000] = "";
|
|
|
|
guint32 u32MaxStr = sizeof(szStr);
|
|
|
|
gchar *call;
|
2014-08-07 14:35:19 +00:00
|
|
|
|