Thus wrote Michael Tuexen ([email protected]): > On Jan 2, 2012, at 3:53 AM, Guy Harris wrote:
> > The Wireshark code to read pcap-NG files uses g_strndup() to make > > copies of the various "UTF-8 string[s]", so the strings in the file > > don't have to be null-terminated, and I would read the *lack* of any > > mention of null-termination in the spec as an indication that > I think g_strndup() is for being secure. Even if the spec requires the > string to be 0 terminated, you never know if the file you read > conforms to the spec. Since the option has a length field, using > g_strndup() is the way to go. I'm asking because there might be an issue with the current implementation. In pcapng_read_packet_block(), we have char option_content[100]; and call pcapng_read_option(..., &oh, option_content, sizeof(option_content), ...) for each option that we find. This function reads the option length, stores it in oh.option_length and reads oh.option_length bytes from the file into option_content. Then we do wblock->data.packet.opt_comment = g_strndup(option_content, sizeof(option_content)); where sizeof(option_content) is 100. If the option string is not 0-terminated, we end up copying the string + random bytes from the option_content buffer until there's a 0 or we reached 100. It's not that critial we but know the correct length and could do opt_comment = g_strndup(option_content, oh.option_length) instead. If you agree, I can open a bugzilla item with a patch and sample capture that has an unterminated comment. Best regards, Martin ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
