split across page boundaries, rather than being a byte stream, and that
the last page may be short.
Fix some comments.
svn path=/trunk/; revision=50025
out there (especially over USB) and we should be able to load them as long as
they are snapped to a sane length.
Also validate that packets do not specify a snapshot length larger than the one
in the file header, though only make it a warning, as this is not necessarily a
fatally corrupt packet.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
svn path=/trunk/; revision=49999
as the "where to put the packet data" argument.
This lets more of the libwiretap code be common between the read and
seek-read code paths, and also allows for more flexibility in the "fill
in the data" path - we can expand the buffer as needed in both cases.
svn path=/trunk/; revision=49949
artificial 16MB limit on blocks.
Do some sanity checks when reading options, to make sure we don't read
past the end of the block.
Make some variables unsigned so as not to get inappropriate
sign-extension (which, in practice, should never happen due to the 16MB
block size limit, although if the limit is raised above 2^31-1, the
limit won't protect you).
Fixes bug 8752.
svn path=/trunk/; revision=49833
visual_process_packet_header() and call it in both the read and
seek-read routines.
Pull the post-processing code that guesses the encapsulation based on
the first few bytes in the packet into
visual_fill_in_chdlc_encapsulation() and call it in both the read and
seek-routines. Add some length checks.
svn path=/trunk/; revision=49812
Check that the record length we got out of the file is at least as big as
stats block trailer; if not, declare the file bad.
svn path=/trunk/; revision=49739
seek offset is after calling it, they can use file_tell(). (Some
routines were already assuming it returned a gboolean.)
svn path=/trunk/; revision=49733
that the complaints are valid, or that simply zeroing them is the right fix
if they are, but at least it builds now. Should we be erroring if we don't
see a sliceLength header?
svn path=/trunk/; revision=49705
frame_table field to NULL before trying to allocate the frame table, so
that if we fail before we allocate the frame table, the attempt to free
the private data doesn't crash due to the frame_table field containing a
bogus pointer.
svn path=/trunk/; revision=49697
and fail with ENOMEM if that fails (and the frame table is not empty -
g_try_malloc() will return NULL if you ask it to allocate zero bytes).
Have an error message for ENOMEM on an open that attempts to tell the
user what the problem is without making their head explode.
svn path=/trunk/; revision=49673
routines are passed a separate struct wtap_pkthdr to be filled in.
Get rid of the pseudo_header member of the wblock structure - the
pseudo-header is part of the struct wtap_pkthdr.
Get rid of the union wtap_pseudo_header * argument to
pcap_process_pseudo_header() - it's passed a pointer to a struct
pcap_pkthdr, and that structure contains the union in question.
Have libpcap_read_header() take a FILE_T argument, rather than using
only the "sequential" handle of the wtap it's handed. Have the libpcap
read routine return the offset of the beginning of the pcap record, and
have the seek-read routine read the header and fill in the struct
wtap_pkthdr handed to it.
svn path=/trunk/; revision=49401
both the read and the seek-read routines. Have the read routine return
the offset of the record header as the record's offset, so that the
seek-read routine can read that header.
svn path=/trunk/; revision=49397
Pascal Quantin