From 2607a01b28aafb5b9cd78e99a1e243b2d2c659ea Mon Sep 17 00:00:00 2001 From: Peter Hatina Date: Wed, 4 Sep 2013 10:03:57 +0200 Subject: [PATCH] fix string overrun in plugins/profinet --- wireshark-1.8.x-dcom-string-overrun.patch | 13 +++++++++++++ wireshark.spec | 7 ++++++- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 wireshark-1.8.x-dcom-string-overrun.patch diff --git a/wireshark-1.8.x-dcom-string-overrun.patch b/wireshark-1.8.x-dcom-string-overrun.patch new file mode 100644 index 0000000..37ba79f --- /dev/null +++ b/wireshark-1.8.x-dcom-string-overrun.patch @@ -0,0 +1,13 @@ +diff --git a/plugins/profinet/packet-dcom-cba.c b/plugins/profinet/packet-dcom-cba.c +index 967b8e6..cbb628c 100644 +--- a/plugins/profinet/packet-dcom-cba.c ++++ b/plugins/profinet/packet-dcom-cba.c +@@ -553,7 +553,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, guint8 *drep) + { + guint32 u32Pointer; +- gchar szStr[1000]; ++ gchar szStr[1000] = ""; + guint32 u32MaxStr = sizeof(szStr); + dcerpc_info *info = (dcerpc_info *) pinfo->private_data; + gchar *call; diff --git a/wireshark.spec b/wireshark.spec index dede5cd..a489989 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -21,7 +21,7 @@ Summary: Network traffic analyzer Name: wireshark Version: 1.10.0 -Release: 7%{?dist} +Release: 8%{?dist} License: GPL+ Group: Applications/Internet Source0: http://wireshark.org/download/src/%{name}-%{version}.tar.bz2 @@ -41,6 +41,7 @@ Patch4: wireshark-1.6.1-group-msg.patch Patch5: wireshark-1.6.0-soname.patch Patch6: wireshark-1.8.x-pod2man-encoding.patch Patch7: wireshark-1.8.x-flow-graph-crash.patch +Patch8: wireshark-1.8.x-dcom-string-overrun.patch Url: http://www.wireshark.org/ BuildRequires: libpcap-devel >= 0.9 @@ -141,6 +142,7 @@ and plugins. %patch5 -p1 -b .soname %patch6 -p1 -b .pod2man %patch7 -p1 -b .flow-graph-crash +%patch8 -p1 -b .dcom-overrun %build %ifarch s390 s390x sparcv9 sparc64 @@ -368,6 +370,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %{_datadir}/aclocal/* %changelog +* Wed Sep 04 2013 Peter Hatina - 1.10.0-8 +- fix string overrun in plugins/profinet + * Tue Sep 03 2013 Peter Hatina - 1.10.0-7 - fix BuildRequires - libgcrypt-devel