fix string overrun in plugins/profinet

2013-09-04 10:03:57 +02:00 · 2013-09-04 10:03:57 +02:00 · 2607a01b28
commit 2607a01b28
parent b22cb924ca
2 changed files with 19 additions and 1 deletions
--- a/wireshark-1.8.x-dcom-string-overrun.patch
+++ b/wireshark-1.8.x-dcom-string-overrun.patch
@ -0,0 +1,13 @@
+diff --git a/plugins/profinet/packet-dcom-cba.c b/plugins/profinet/packet-dcom-cba.c
+index 967b8e6..cbb628c 100644
+--- a/plugins/profinet/packet-dcom-cba.c
+++ b/plugins/profinet/packet-dcom-cba.c
+@@ -553,7 +553,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset,
+     packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ {
+     guint32      u32Pointer;
+-    gchar        szStr[1000];
+    gchar        szStr[1000] = "";
+     guint32      u32MaxStr = sizeof(szStr);
+     dcerpc_info *info      = (dcerpc_info *) pinfo->private_data;
+     gchar       *call;
--- a/wireshark.spec
+++ b/wireshark.spec
@ -21,7 +21,7 @@
 Summary:	Network traffic analyzer
 Name:		wireshark
 Version:	1.10.0
-Release:	7%{?dist}
+Release:	8%{?dist}
 License:	GPL+
 Group:		Applications/Internet
 Source0:	http://wireshark.org/download/src/%{name}-%{version}.tar.bz2
@ -41,6 +41,7 @@ Patch4:		wireshark-1.6.1-group-msg.patch
 Patch5:		wireshark-1.6.0-soname.patch
 Patch6:		wireshark-1.8.x-pod2man-encoding.patch
 Patch7:		wireshark-1.8.x-flow-graph-crash.patch
+Patch8:		wireshark-1.8.x-dcom-string-overrun.patch

 Url:		http://www.wireshark.org/
 BuildRequires:	libpcap-devel >= 0.9
@ -141,6 +142,7 @@ and plugins.
 %patch5 -p1 -b .soname
 %patch6 -p1 -b .pod2man
 %patch7 -p1 -b .flow-graph-crash
+%patch8 -p1 -b .dcom-overrun

 %build
 %ifarch s390 s390x sparcv9 sparc64
@ -368,6 +370,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_datadir}/aclocal/*

 %changelog
+* Wed Sep 04 2013 Peter Hatina <phatina@redhat.com> - 1.10.0-8
+- fix string overrun in plugins/profinet
+
 * Tue Sep 03 2013 Peter Hatina <phatina@redhat.com> - 1.10.0-7
 - fix BuildRequires - libgcrypt-devel