Gerald Combs wrote: > Jaap Keuter wrote: >> Hi list, >> >> There have been a renewed influx of fuzztest bugs, due to improved >> reporting. >> Now a lot have/are being fixed, but little has appeared on the 1.2.2 >> roadmap for backporting. >> Shouldn't this be done? > > I've added a couple of obvious ones to the list. The others are the > result of trying to add integer items with the wrong length, e.g. a > 20-byte FT_UINT32. As pointed out in bug 3884, we might want to have > proto.c handle this more gracefully instead of adding length checks to a > lot of dissectors. >
Great, thanks. On the way forward, there are two options for the API. Either the length is incorrectly programmed (a genuine bug in the dissector), or an invalid length is derived from the TVB (a protocol error). The first one should be a true assert, the second an expert item and a way to resync (if possible). Sounds like we really need these generic TLV routines. Thanx, Jaap ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
