osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Check our original record length. Fixes a crash bug found by Huzaifa 

Sidhpurwala of the Red Hat Security Response Team.

svn path=/trunk/; revision=37068
This commit is contained in:
Gerald Combs 2011-05-11 22:36:59 +00:00
parent d264cd5658
commit 995d748f05
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
wiretap/snoop.c
View File

@ -473,6 +473,16 @@ static gboolean snoop_read(wtap *wth, int *err, gchar **err_info,
rec_size = g_ntohl(hdr.rec_len);
orig_size = g_ntohl(hdr.orig_len);
packet_size = g_ntohl(hdr.incl_len);
if (orig_size > WTAP_MAX_PACKET_SIZE) {
/*
* Probably a corrupt capture file; don't blow up trying
* to allocate space for an immensely-large packet.
*/
*err = WTAP_ERR_BAD_RECORD;
*err_info = g_strdup_printf("snoop: File has %u-byte original length, bigger than maximum of %u",
orig_size, WTAP_MAX_PACKET_SIZE);
return FALSE;
}
if (packet_size > WTAP_MAX_PACKET_SIZE) {
/*
* Probably a corrupt capture file; don't blow up trying