From: guy <guy>
Date: Thu, 16 Jun 2005 01:19:38 +0000 (+0000)
Subject: Add some sanity checking of the arguments to "print_unknown_data()", as
X-Git-Tag: tcpdump-4.0.0~385
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/db34d9c99d8e8ea82248117dc8dbcf5e971ae361

Add some sanity checking of the arguments to "print_unknown_data()", as
per the problems found by Gerald Combs.
---

diff --git a/util.c b/util.c
index 4e04b0a9..178525d4 100644
--- a/util.c
+++ b/util.c
@@ -21,7 +21,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/util.c,v 1.99 2005-05-06 08:26:45 guy Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/util.c,v 1.100 2005-06-16 01:19:38 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -242,8 +242,18 @@ relts_print(int secs)
 int
 print_unknown_data(const u_char *cp,const char *ident,int len)
 {
+	if (len < 0) {
+		printf("%sDissector error: print_unknown_data called with negative length",
+		    ident);
+		return(0);
+	}
 	if (snapend - cp < len)
 		len = snapend - cp;
+	if (len < 0) {
+		printf("%sDissector error: print_unknown_data called with pointer past end of packet",
+		    ident);
+		return(0);
+	}
         hex_print(ident,cp,len);
 	return(1); /* everything is ok */
 }