Simplify timestamp checking: only check the packet's timestamp if

check_startstop is set.

Refuse to write packets that do not fit in the file type we're writing.  This
allows fuzz testing to be done on JPEGs without generating bogus files (with
packets bigger than the maximum packet size).  This fixes
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6010 .

Note that this is only a problem with editcap is run with -T to force the
encapsulation type.

Maybe this needs a more generic solution (e.g., should this check be done in
the wiretap routines?), but at least for now it'll pacify the buildbot.

svn path=/trunk/; revision=37633

editcap.c

@@ -831,7 +831,7 @@ main(int argc, char *argv[])
   int split_packet_count = 0;
   int written_count = 0;
   char *filename = NULL;
-  gboolean check_ts;
+  gboolean ts_okay = TRUE;
   int secs_per_block = 0;
   int block_cnt = 0;
   nstime_t block_start;
@@ -1208,10 +1208,10 @@ main(int argc, char *argv[])
         }
       }
 
-      check_ts = check_timestamp(wth);
+      if (check_startstop)
+        ts_okay = check_timestamp(wth);
 
-      if ( ((check_startstop && check_ts) || (!check_startstop && !check_ts)) && ((!selected(count) && !keep_em) ||
-          (selected(count) && keep_em)) ) {
+      if ( ts_okay && ((!selected(count) && !keep_em) || (selected(count) && keep_em)) ) {
 
         if (verbose && !dup_detect && !dup_detect_by_time)
           printf("Packet: %u\n", count);
@@ -1440,6 +1440,12 @@ main(int argc, char *argv[])
           }
         }
 
+        if(phdr->caplen > wtap_snapshot_length(wth)) {
+            fprintf(stderr, "Warning: packet %d too big for file type, skipping it...\n", count);
+            count++;
+            continue;
+        }
+
         if (!wtap_dump(pdh, phdr, wtap_pseudoheader(wth), buf, &err)) {
           fprintf(stderr, "editcap: Error writing to %s: %s\n",
                   filename, wtap_strerror(err));