ncp2222: don't overflow buffer constructing string

author Evan Huus <eapache@gmail.com>

Mon, 13 Oct 2014 16:55:40 +0000 (12:55 -0400)

committer Evan Huus <eapache@gmail.com>

Mon, 13 Oct 2014 16:59:51 +0000 (16:59 +0000)
author Evan Huus <eapache@gmail.com>
Mon, 13 Oct 2014 16:55:40 +0000 (12:55 -0400)
committer Evan Huus <eapache@gmail.com>
Mon, 13 Oct 2014 16:59:51 +0000 (16:59 +0000)
diff --git a/epan/dissectors/packet-ncp2222.inc b/epan/dissectors/packet-ncp2222.inc

index 0fa0d25d35ff0a345ee098daab5a8c1be990eea7..2dab4d0e8747a41175bb16541d6d65bbf1a132d5 100644 (file)
--- a/epan/dissectors/packet-ncp2222.inc
+++ b/epan/dissectors/packet-ncp2222.inc
@@ -2755,8 +2755,7 @@ build_expert_data(proto_tree *ncp_tree, const char *hf_name, char *buffer,
              case 18:
              case 19:
              case 20:            /* string */
-                /* XXX: Should we verify: buffer_size is as large as value returned by get_finfo_length(...)  ???      */
-                uni_to_string(get_finfo_value_string(PTREE_FINFO(tree_pointer)), get_finfo_length(PTREE_FINFO(tree_pointer)), buffer);
+                uni_to_string(get_finfo_value_string(PTREE_FINFO(tree_pointer)), MIN(get_finfo_length(PTREE_FINFO(tree_pointer)), buffer_size), buffer);
                  if (repeat_lookup > 0) {
                      if (strlen(temp_buffer) + strlen(buffer) < 250) {
                          g_strlcat(temp_buffer, buffer, 256);
author	Evan Huus <eapache@gmail.com>
	Mon, 13 Oct 2014 16:55:40 +0000 (12:55 -0400)
committer	Evan Huus <eapache@gmail.com>
	Mon, 13 Oct 2014 16:59:51 +0000 (16:59 +0000)