packet-sigcomp.c: Prevent large shift

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1232
Bug: 13641
Change-Id: I6e53d07dd03a5b637ca27884fad32ba5f7a85d0e
Reviewed-on: https://code.wireshark.org/review/21369
Reviewed-by: Michael Mann <mmann78@netscape.net>

diff --git a/epan/dissectors/packet-sigcomp.c b/epan/dissectors/packet-sigcomp.c
index d5bb66d050916889bf900917e742501ea4d5dbf7..20ff5823fb312d4b66199974d4d05f57f707c27e 100644 (file)
--- a/epan/dissectors/packet-sigcomp.c
+++ b/epan/dissectors/packet-sigcomp.c
@@ -3803,6 +3803,9 @@ execute_next_instruction:
                 proto_tree_add_uint_format(udvm_tree, hf_udvm_bits, bytecode_tvb, offset, (next_operand_address-operand_address), bits_n,
                                     "Addr: %u      bits_n %u", operand_address, bits_n);
             }
+            if (bits_n > 31)
+                break;
+
             offset += (next_operand_address-operand_address);
             operand_address = next_operand_address;