forked from osmocom/wireshark
Don't treat the packet length as unsigned.
The scanf family of functions are as annoyingly bad at handling unsigned numbers as strtoul() is - both of them are perfectly willing to accept a value beginning with a negative sign as an unsigned value. When using strtoul(), you can compensate for this by explicitly checking for a '-' as the first character of the string, but you can't do that with sscanf(). So revert to having pkt_len be signed, and scanning it with %d, but check for a negative value and fail if we see a negative value. Change-Id: I6450d468504e942df72342176a0e145e5ac3db5f Reviewed-on: https://code.wireshark.org/review/15216 Reviewed-by: Guy Harris <guy@alum.mit.edu>
This commit is contained in:
parent
2cb5985bf4
commit
29c78db2a8
|
@ -273,14 +273,13 @@ parse_dbs_etherwatch_packet(struct wtap_pkthdr *phdr, FILE_T fh, Buffer* buf,
|
|||
guint8 *pd;
|
||||
char line[DBS_ETHERWATCH_LINE_LENGTH];
|
||||
int num_items_scanned;
|
||||
int eth_hdr_len, csec;
|
||||
guint pkt_len;
|
||||
int eth_hdr_len, pkt_len, csec;
|
||||
int length_pos, length_from, length;
|
||||
struct tm tm;
|
||||
char mon[4] = "xxx";
|
||||
gchar *p;
|
||||
static const gchar months[] = "JANFEBMARAPRMAYJUNJULAUGSEPOCTNOVDEC";
|
||||
guint count, line_count;
|
||||
int count, line_count;
|
||||
|
||||
/* Make sure we have enough room for a regular Ethernet packet */
|
||||
ws_buffer_assure_space(buf, DBS_ETHERWATCH_MAX_ETHERNET_PACKET_LEN);
|
||||
|
@ -351,7 +350,7 @@ parse_dbs_etherwatch_packet(struct wtap_pkthdr *phdr, FILE_T fh, Buffer* buf,
|
|||
}
|
||||
|
||||
num_items_scanned = sscanf(line + LENGTH_POS,
|
||||
"%9u byte buffer at %2d-%3s-%4d %2d:%2d:%2d.%9d",
|
||||
"%9d byte buffer at %2d-%3s-%4d %2d:%2d:%2d.%9d",
|
||||
&pkt_len,
|
||||
&tm.tm_mday, mon,
|
||||
&tm.tm_year, &tm.tm_hour, &tm.tm_min,
|
||||
|
@ -363,6 +362,12 @@ parse_dbs_etherwatch_packet(struct wtap_pkthdr *phdr, FILE_T fh, Buffer* buf,
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
if (pkt_len < 0) {
|
||||
*err = WTAP_ERR_BAD_FILE;
|
||||
*err_info = g_strdup("dbs_etherwatch: packet header has a negative packet length");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/* Determine whether it is Ethernet II or IEEE 802 */
|
||||
if(strncmp(&line[ETH_II_CHECK_POS], ETH_II_CHECK_STR,
|
||||
strlen(ETH_II_CHECK_STR)) == 0) {
|
||||
|
|
Loading…
Reference in New Issue