forked from osmocom/wireshark
Check for packets bigger than WTAP_MAX_PACKET_SIZE.
And note the cases where we don't have to check, as the length in the file is 2 bytes long, and 65535 + the metadata length is < WTAP_MAX_PACKET_SIZE. Change-Id: I1e690eeee900b9aa7484dc0bd0c106dc38c77269 Reviewed-on: https://code.wireshark.org/review/15180 Reviewed-by: Guy Harris <guy@alum.mit.edu>
This commit is contained in:
parent
55cc5da8c8
commit
5635d9a02d
|
@ -1035,6 +1035,10 @@ static gboolean vwr_read_s1_W_rec(vwr_t *vwr, struct wtap_pkthdr *phdr,
|
|||
* header, which is why we fill in those extra zero bytes.
|
||||
*
|
||||
* We include the length of the metadata headers in the packet lengths.
|
||||
*
|
||||
* The maximum value of actual_octets is 65535, which, even after
|
||||
* adding the lengths of the metadata headers, is less than
|
||||
* WTAP_MAX_PACKET_SIZE will ever be, so we don't need to check it.
|
||||
*/
|
||||
phdr->len = STATS_COMMON_FIELDS_LEN + EXT_WLAN_FIELDS_LEN + 1 + 16 + actual_octets;
|
||||
phdr->caplen = STATS_COMMON_FIELDS_LEN + EXT_WLAN_FIELDS_LEN + 1 + 16 + actual_octets;
|
||||
|
@ -1469,6 +1473,17 @@ static gboolean vwr_read_s2_s3_W_rec(vwr_t *vwr, struct wtap_pkthdr *phdr,
|
|||
*/
|
||||
phdr->len = STATS_COMMON_FIELDS_LEN + EXT_WLAN_FIELDS_LEN + 1 + 16 + actual_octets;
|
||||
phdr->caplen = STATS_COMMON_FIELDS_LEN + EXT_WLAN_FIELDS_LEN + 1 + 16 + actual_octets;
|
||||
if (phdr->caplen > WTAP_MAX_PACKET_SIZE) {
|
||||
/*
|
||||
* Probably a corrupt capture file; return an error,
|
||||
* so that our caller doesn't blow up trying to allocate
|
||||
* space for an immensely-large packet.
|
||||
*/
|
||||
*err_info = g_strdup_printf("vwr: File has %u-byte packet, bigger than maximum of %u",
|
||||
phdr->caplen, WTAP_MAX_PACKET_SIZE);
|
||||
*err = WTAP_ERR_BAD_FILE;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
phdr->ts.secs = (time_t)s_sec;
|
||||
phdr->ts.nsecs = (int)(s_usec * 1000);
|
||||
|
@ -1675,6 +1690,11 @@ static gboolean vwr_read_rec_data_ethernet(vwr_t *vwr, struct wtap_pkthdr *phdr,
|
|||
*err = WTAP_ERR_BAD_FILE;
|
||||
return FALSE;
|
||||
}
|
||||
/*
|
||||
* The maximum value of actual_octets is 65535, which, even after
|
||||
* adding the lengths of the metadata headers, is less than
|
||||
* WTAP_MAX_PACKET_SIZE will ever be, so we don't need to check it.
|
||||
*/
|
||||
|
||||
vc_id = pntoh16(&s_ptr[vwr->VCID_OFF]) & vwr->VCID_MASK;
|
||||
flow_seq = s_ptr[vwr->FLOWSEQ_OFF];
|
||||
|
|
Loading…
Reference in New Issue