Don't crash for ERSPAN packets in Linux cooked captures.

Sadly, "cooked" means the GRE header isn't available; the extra data
pointer is null, so we can't dereference it.

Bug: 14548
Change-Id: I51ae67dcc144b7f5ab3c82dd9adf09b342b29ced
Reviewed-on: https://code.wireshark.org/review/26595
Reviewed-by: Guy Harris <guy@alum.mit.edu>

epan/dissectors/packet-cisco-erspan.c

@@ -133,12 +133,23 @@ dissect_erspan(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
 	tvbuff_t *eth_tvb;
 	guint32 offset = 0;
 	guint16 version;
-	guint16 gre_flags_and_ver = *(guint16 *)data;
 
-	if(gre_flags_and_ver == 0) {
+	if (data == NULL) {
+		/*
+		 * We weren't handed the GRE flags or version.
+		 *
+		 * This can happen if a Linux cooked capture is done and
+		 * we get a packet from an "ipgre" interface.
+		 */
 		version = G_MAXUINT16; /* Possible values are 0...15 */
 	} else {
-		version = tvb_get_ntohs(tvb, offset) >> 12;
+		guint16 gre_flags_and_ver = *(guint16 *)data;
+
+		if (gre_flags_and_ver == 0) {
+			version = G_MAXUINT16; /* Possible values are 0...15 */
+		} else {
+			version = tvb_get_ntohs(tvb, offset) >> 12;
+		}
 	}
 
 	ti = proto_tree_add_item(tree, proto_erspan, tvb, offset, -1,

epan/dissectors/packet-sll.c

@@ -347,6 +347,14 @@ dissect_sll(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
 	} else {
 		switch (hatype) {
 		case ARPHRD_IPGRE:
+			/*
+			 * XXX - the link-layer header appears to consist
+			 * of an IPv4 header followed by a bunch of stuff
+			 * that includes the GRE flags and version, but
+			 * cooked captures strip the link-layer header,
+			 * so we can't provide the flags and version to
+			 * the dissector.
+			 */
 			proto_tree_add_uint(fh_tree, &hfi_sll_gretype, tvb, 14, 2,
 			    protocol);
 			dissector_try_uint(gre_dissector_table,