Date: Wed, 5 Sep 2012 15:59:55 +0000 (UTC) From: Joe Marcus Clarke <marcus@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r303711 - in head/net/wireshark: . files Message-ID: <201209051559.q85FxtQw064889@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marcus Date: Wed Sep 5 15:59:55 2012 New Revision: 303711 URL: http://svn.freebsd.org/changeset/ports/303711 Log: Add a fix for CVE-2012-3548. PR: 171220 Submitted by: rea Obtained from: Wireshark bug 9009 Added: head/net/wireshark/files/patch-cve-2012-3548 (contents, props changed) Modified: head/net/wireshark/Makefile Modified: head/net/wireshark/Makefile ============================================================================== --- head/net/wireshark/Makefile Wed Sep 5 15:43:33 2012 (r303710) +++ head/net/wireshark/Makefile Wed Sep 5 15:59:55 2012 (r303711) @@ -7,6 +7,7 @@ PORTNAME?= wireshark PORTVERSION= 1.8.2 +PORTREVISION= 1 CATEGORIES= net ipv6 MASTER_SITES= http://www.wireshark.org/download/src/ \ http://ftp.uni-kl.de/pub/wireshark/src/ \ Added: head/net/wireshark/files/patch-cve-2012-3548 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/wireshark/files/patch-cve-2012-3548 Wed Sep 5 15:59:55 2012 (r303711) @@ -0,0 +1,23 @@ +Obtained-from: https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9009&action=diff&context=patch&collapsed=&headers=1&format=raw + +--- epan/dissectors/packet-drda.c (revision 44689) ++++ epan/dissectors/packet-drda.c (working copy) +@@ -55,6 +55,7 @@ + #include <epan/packet.h> + #include <epan/conversation.h> + #include <epan/prefs.h> ++#include <epan/expert.h> + #include "packet-tcp.h" + + static int proto_drda = -1; +@@ -696,6 +697,10 @@ + { + iCommand = tvb_get_ntohs(tvb, offset + 8); + iLength = tvb_get_ntohs(tvb, offset + 0); ++ if (iLength < 10) { ++ expert_add_info_format(pinfo, NULL, PI_MALFORMED, PI_ERROR, "Invalid length detected (%u): should be at least 10 bytes long", iLength); ++ break; ++ } + /* iCommandEnd is the length of the packet up to the end of the current command */ + iCommandEnd += iLength; +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201209051559.q85FxtQw064889>