Overview

File wireshark-0105-CVE-2024-4853.patch of Package wireshark.38548

From 7c744e7933794b09e7af4d9703194ad0b01be282 Mon Sep 17 00:00:00 2001
From: John Thacker <johnthacker@gmail.com>
Date: Fri, 29 Mar 2024 09:42:44 -0400
Subject: [PATCH] editcap: Don't memmove more than allocated in the buffer

When moving from the begining with a beginning offset specified,
don't run off the end. Subtract the source memory area's full offset
from the beginning of the buffer from the capture length.

Fix #19724
---
 editcap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/editcap.c b/editcap.c
index 8af5f7317b..57b02caf1c 100644
--- a/editcap.c
+++ b/editcap.c
@@ -2595,7 +2595,7 @@ handle_chopping(chop_t chop, wtap_packet_header *out_phdr,
         if (chop.off_begin_pos > 0) {
             memmove(*buf + chop.off_begin_pos,
                     *buf + chop.off_begin_pos + chop.len_begin,
-                    out_phdr->caplen - chop.len_begin);
+                    out_phdr->caplen - (chop.off_begin_pos + chop.len_begin));
         } else {
             *buf += chop.len_begin;
         }
-- 
2.49.0
openSUSE Build Service is sponsored by
Places