diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-support/wireshark/files/CVE-2023-2879.patch')
-rw-r--r-- | meta-openembedded/meta-networking/recipes-support/wireshark/files/CVE-2023-2879.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/files/CVE-2023-2879.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/files/CVE-2023-2879.patch new file mode 100644 index 0000000000..0a8247923e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/files/CVE-2023-2879.patch @@ -0,0 +1,37 @@ +From 118815ca7c9f82c1f83f8f64d9e0e54673f31677 Mon Sep 17 00:00:00 2001 +From: John Thacker <johnthacker@gmail.com> +Date: Sat, 13 May 2023 21:45:16 -0400 +Subject: [PATCH] GDSDB: Make sure our offset advances. + +add_uint_string() returns the next offset to use, not the number +of bytes consumed. So to consume all the bytes and make sure the +offset advances, return the entire reported tvb length, not the +number of bytes remaining. + +Fixup 8d3c2177793e900cfc7cfaac776a2807e4ea289f +Fixes #19068 + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/118815ca7c9f82c1f83f8f64d9e0e54673f31677] +CVE: CVE-2023-2879 + +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + epan/dissectors/packet-gdsdb.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/epan/dissectors/packet-gdsdb.c b/epan/dissectors/packet-gdsdb.c +index 75bcfb9..950d68f 100644 +--- a/epan/dissectors/packet-gdsdb.c ++++ b/epan/dissectors/packet-gdsdb.c +@@ -480,7 +480,7 @@ static int add_uint_string(proto_tree *tree, int hf_string, tvbuff_t *tvb, int o + int ret_offset = offset + length; + if (length < 4 || ret_offset < offset) { + expert_add_info_format(NULL, ti, &ei_gdsdb_invalid_length, "Invalid length: %d", length); +- return tvb_reported_length_remaining(tvb, offset); ++ return tvb_reported_length(tvb); + } + return ret_offset; + } +-- +2.25.1 + |