upgrade to 1.4.3
This commit is contained in:
parent
ca6292a2a5
commit
7b96f14baf
1
.gitignore
vendored
1
.gitignore
vendored
@ -3,3 +3,4 @@ wireshark-1.2.10.tar.bz2
|
||||
/wireshark-1.4.0.tar.bz2
|
||||
/wireshark-1.4.1.tar.bz2
|
||||
/wireshark-1.4.2.tar.bz2
|
||||
/wireshark-1.4.3.tar.bz2
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
5429561935ea0d1ee572793b55446918 wireshark-1.4.2.tar.bz2
|
||||
ac3dcc8c128c38d9ef3d9c93d1dec83e wireshark-1.4.3.tar.bz2
|
||||
|
@ -1,53 +0,0 @@
|
||||
666897 - Wireshark: Array index error in ENTTEC dissector
|
||||
|
||||
commit 66966b531c0aff764644989a5bcda2b6ce46b51f
|
||||
Author: gerald <gerald@f5534014-38df-0310-8fa8-9805f1628bb7>
|
||||
Date: Fri Dec 31 22:24:06 2010 +0000
|
||||
|
||||
From FRAsse via bug 5539:
|
||||
|
||||
There's a buffer overflow in ENTTEC DMX Data RLE, leading to crashes and
|
||||
potential code execution.
|
||||
|
||||
From me: ep_allocate our buffers.
|
||||
|
||||
|
||||
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35318 f5534014-38df-0310-8fa8-9805f1628bb7
|
||||
|
||||
diff --git a/epan/dissectors/packet-enttec.c b/epan/dissectors/packet-enttec.c
|
||||
index 6e6cccc..66d3e18 100644
|
||||
--- a/epan/dissectors/packet-enttec.c
|
||||
+++ b/epan/dissectors/packet-enttec.c
|
||||
@@ -193,8 +193,8 @@ dissect_enttec_dmx_data(tvbuff_t *tvb, guint offset, proto_tree *tree)
|
||||
"%3u: %s"
|
||||
};
|
||||
|
||||
- static guint8 dmx_data[512];
|
||||
- static guint16 dmx_data_offset[513]; /* 1 extra for last offset */
|
||||
+ guint8 *dmx_data = ep_alloc(512 * sizeof(guint8));
|
||||
+ guint16 *dmx_data_offset = ep_alloc(513 * sizeof(guint16)); /* 1 extra for last offset */
|
||||
emem_strbuf_t *dmx_epstr;
|
||||
|
||||
proto_tree *hi,*si;
|
||||
@@ -225,10 +225,10 @@ dissect_enttec_dmx_data(tvbuff_t *tvb, guint offset, proto_tree *tree)
|
||||
length = 512;
|
||||
|
||||
if (type == ENTTEC_DATA_TYPE_RLE) {
|
||||
- /* uncompres the DMX data */
|
||||
+ /* uncompress the DMX data */
|
||||
ui = 0;
|
||||
ci = 0;
|
||||
- while (ci < length) {
|
||||
+ while (ci < length && ui < 512) {
|
||||
v = tvb_get_guint8(tvb, offset+ci);
|
||||
if (v == 0xFE) {
|
||||
ci++;
|
||||
@@ -236,7 +236,7 @@ dissect_enttec_dmx_data(tvbuff_t *tvb, guint offset, proto_tree *tree)
|
||||
ci++;
|
||||
v = tvb_get_guint8(tvb, offset+ci);
|
||||
ci++;
|
||||
- for (i=0;i < count;i++) {
|
||||
+ for (i=0;i < count && ui < 512;i++) {
|
||||
dmx_data[ui] = v;
|
||||
dmx_data_offset[ui] = ci-3;
|
||||
ui++;
|
@ -10,8 +10,8 @@
|
||||
|
||||
Summary: Network traffic analyzer
|
||||
Name: wireshark
|
||||
Version: 1.4.2
|
||||
Release: 5%{?dist}
|
||||
Version: 1.4.3
|
||||
Release: 1%{?dist}
|
||||
License: GPL+
|
||||
Group: Applications/Internet
|
||||
Source0: http://wireshark.org/download/src/%{name}-%{version}.tar.bz2
|
||||
@ -30,7 +30,6 @@ Patch2: wireshark-1.2.4-enable_lua.patch
|
||||
Patch3: wireshark-libtool-pie.patch
|
||||
Patch4: wireshark-1.4.0-doc-path.patch
|
||||
Patch5: wireshark-1.4.2-group-msg.patch
|
||||
Patch6: wireshark-1.4.2-enttec-overflow.patch
|
||||
|
||||
Url: http://www.wireshark.org/
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
@ -105,7 +104,6 @@ and plugins.
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1 -b .group-msg
|
||||
%patch6 -p1 -b .enttec-overflow
|
||||
|
||||
%build
|
||||
%ifarch s390 s390x sparcv9 sparc64
|
||||
@ -303,6 +301,10 @@ fi
|
||||
%{_sbindir}/idl2wrs
|
||||
|
||||
%changelog
|
||||
* Thu Jan 13 2011 Jan Safranek <jsafrane@redhat.com> - 1.4.3
|
||||
- upgrade to 1.4.3
|
||||
- see http://www.wireshark.org/docs/relnotes/wireshark-1.4.3.html
|
||||
|
||||
* Wed Jan 5 2011 Jan Safranek <jsafrane@redhat.com> - 1.4.2-5
|
||||
- fixed buffer overflow in ENTTEC dissector (#666897)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user