forked from osmocom/wireshark
Don't limit the on-the-wire length of packets to 64KB, there are larger packets
out there (especially over USB) and we should be able to load them as long as they are snapped to a sane length. Also validate that packets do not specify a snapshot length larger than the one in the file header, though only make it a warning, as this is not necessarily a fatally corrupt packet. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808 svn path=/trunk/; revision=49999
This commit is contained in:
parent
b5c538ff81
commit
3f1f630570
|
@ -765,21 +765,8 @@ static int libpcap_read_header(wtap *wth, FILE_T fh, int *err, gchar **err_info,
|
|||
return -1;
|
||||
}
|
||||
|
||||
if (hdr->hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
|
||||
/*
|
||||
* Probably a corrupt capture file; return an error,
|
||||
* so that our caller doesn't blow up trying to
|
||||
* cope with a huge "real" packet length, and so that
|
||||
* the code to try to guess what type of libpcap file
|
||||
* this is can tell when it's not the type we're guessing
|
||||
* it is.
|
||||
*/
|
||||
*err = WTAP_ERR_BAD_FILE;
|
||||
if (err_info != NULL) {
|
||||
*err_info = g_strdup_printf("pcap: File has %u-byte packet, bigger than maximum of %u",
|
||||
hdr->hdr.orig_len, WTAP_MAX_PACKET_SIZE);
|
||||
}
|
||||
return -1;
|
||||
if (hdr->hdr.incl_len > wth->snapshot_length) {
|
||||
g_warning("pcap: File has packet larger than file's snapshot length.");
|
||||
}
|
||||
|
||||
return bytes_read;
|
||||
|
@ -929,7 +916,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh,
|
|||
rec_hdr.hdr.incl_len = phdr->caplen + phdrsize;
|
||||
rec_hdr.hdr.orig_len = phdr->len + phdrsize;
|
||||
|
||||
if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE || rec_hdr.hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
|
||||
if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE) {
|
||||
*err = WTAP_ERR_BAD_FILE;
|
||||
return FALSE;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue