Re: reported_length < -1

[Pascal Quantin <pascal.quantin () gmail com>]

2013/9/7 Martin Kaiser <lists () kaiser cx>

> Dear all,
>
> I stumbled on
>
> tvb_new_subset(tvb, 10, (tvb_get_guint8(tvb, 1) - 2), (tvb_get_guint8(tvb,
> 1) - 2));
>
> If tvb_get_guint8(tvb, 1)==0, we throw an exception because of
> backing_length - that makes sense.
>
> As for reported_length<-1, it looks like that's ok when the tvb is
> created. There'll be an exception when it's accessed, we'll always be
> out of bounds.
>
> Is there a valid use case for reported_length<-1?

I Martin,

I (wrongly?) assumed that it would automatically throw an exception (as I
found at least one other code line like this in the source tree) so I did
not add an explicit check on the size before creating the tvb.
I do not see any valid use case either.

Pascal.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe