ECMP: buffer overflow detected
Summary
The attached pcap triggers an buffer overflow in ECMP dissector. If I disable ECMP protocol, everything is fine. It happens with 4.4.0 and master, both
Sample capture file
Steps to reproduce
ivan@ivan-Precision-3591:~/svnrepos/wireshark(master)$ ./wireshark-master/run/tshark -r ~/ecmp_crash.pcap
*** buffer overflow detected ***: terminated
Aborted (core dumped)
What is the current bug behavior?
Crash
What is the expected correct behavior?
(What you should see instead)
Build information
Version 4.5.0 (v4.5.0rc0-973-gb42dc76c89af).
Compiled (64-bit) using GCC 13.2.0, with GLib 2.80.0, with Qt 6.4.2, with
libpcap, with POSIX capabilities (Linux), with libnl 3, with zlib 1.3, without
zlib-ng, with PCRE2, with Lua 5.4.6, with GnuTLS 3.8.3 and PKCS #11 support,
with Gcrypt 1.10.3, with Kerberos (MIT), with MaxMind, with nghttp2 1.59.0, with
nghttp3 0.8.0, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2
2.9.14, with libsmi 0.4.8, with Minizip 1.3.0, with QtMultimedia, with QtDBus,
without automatic updates, with binary plugins.
Running on Linux 6.8.0-48-generic, with Intel(R) Core(TM) Ultra 7 155H (with
SSE4.2), with 63750 MB of physical memory, with GLib 2.80.0, with Qt 6.4.2, with
libpcap 1.10.4 (with TPACKET_V3), with zlib 1.3, with PCRE2 10.42 2022-12-11,
with c-ares 1.27.0, with GnuTLS 3.8.3, with Gcrypt 1.10.3, with nghttp2 1.59.0,
with nghttp3 0.8.0, with brotli 1.1.0, with LZ4 1.9.4, with Zstandard 1.5.5,
with libsmi 0.4.8, with dark display mode, without HiDPI, with Wayland, with QPA
plugin "wayland", with LC_TYPE=en_US.UTF-8, binary plugins supported.