From 4b9ab6d1fce496323994ad288599e0f716be3449 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Sun, 22 Aug 1999 02:29:40 +0000 Subject: [PATCH] Get rid of some cruft left in by previous checkins as placeholders. Get rid of WTAP_ENCAP_NONE; replace it with WTAP_ENCAP_UNKNOWN, which means "I can't handle that file, it's using an encapsulation I don't support". Check for encapsulations we don't support, and return an error (as is already done in "libpcap.c"). Check for too-large packet sizes, and return an error (as is already done in "libpcap.c"). Print unsigned quantities in Wiretap messages with "%u", not "%d". svn path=/trunk/; revision=544 --- capture.c | 17 ++++----------- wiretap/file.c | 4 ++-- wiretap/iptrace.c | 7 ++++-- wiretap/lanalyzer.c | 10 +++++++-- wiretap/libpcap.c | 48 ++++++++++++++++++++++------------------- wiretap/netmon.c | 40 ++++++++++++++++++++++------------ wiretap/netxray.c | 26 ++++++++++++----------- wiretap/ngsniffer.c | 52 ++++++++++++++++++++++----------------------- wiretap/snoop.c | 36 ++++++++++++++++++++----------- wiretap/wtap.h | 48 ++++++++++++++++++++--------------------- 10 files changed, 159 insertions(+), 129 deletions(-) diff --git a/capture.c b/capture.c index aef3ad51bc..4c9365e550 100644 --- a/capture.c +++ b/capture.c @@ -1,7 +1,7 @@ /* capture.c * Routines for packet capture windows * - * $Id: capture.c,v 1.59 1999/08/22 01:02:42 guy Exp $ + * $Id: capture.c,v 1.60 1999/08/22 02:29:30 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs 
@@ -835,21 +835,12 @@ capture_pcap_cb(u_char *user, const struct pcap_pkthdr *phdr, case WTAP_ENCAP_PPP: capture_ppp(pd, phdr->caplen, &ld->counts); break; -#if 0 -#ifdef DLT_ENC - case DLT_ENC : /* XXX - OpenBSD "IPSEC enc type (af header, spi, - flags)" */ -#endif -#ifdef DLT_LOOP - case DLT_LOOP : /* XXX - prepended 4-byte AF_xxxx value in OpenBSD, - network byte order */ -#endif -#endif - /* XXX - FreeBSD may append 4-byte ATM pseudo-header - to DLT_ATM_RFC1483, with LLC header following */ case WTAP_ENCAP_RAW_IP: capture_raw(pd, phdr->caplen, &ld->counts); break; + /* XXX - FreeBSD may append 4-byte ATM pseudo-header to DLT_ATM_RFC1483, + with LLC header following; we should implement it at some + point. */ } } diff --git a/wiretap/file.c b/wiretap/file.c index f120b4ccf4..3e75cf1215 100644 --- a/wiretap/file.c +++ b/wiretap/file.c @@ -1,6 +1,6 @@ /* file.c * - * $Id: file.c,v 1.17 1999/08/19 05:31:33 guy Exp $ + * $Id: file.c,v 1.18 1999/08/22 02:29:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -104,7 +104,7 @@ wtap* wtap_open_offline(const char *filename, int *err) } /* initialization */ - wth->file_encap = WTAP_ENCAP_NONE; + wth->file_encap = WTAP_ENCAP_UNKNOWN; /* Try all file types */ for (i = 0; i < N_FILE_TYPES; i++) { diff --git a/wiretap/iptrace.c b/wiretap/iptrace.c index 381d22b0d2..0d6e98d119 100644 --- a/wiretap/iptrace.c +++ b/wiretap/iptrace.c @@ -1,6 +1,6 @@ /* iptrace.c * - * $Id: iptrace.c,v 1.7 1999/08/20 04:07:09 gram Exp $ + * $Id: iptrace.c,v 1.8 1999/08/22 02:29:40 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -125,7 +125,10 @@ static int iptrace_read(wtap *wth, int *err) wth->phdr.pkt_encap = WTAP_ENCAP_RAW_IP; } else { - wth->phdr.pkt_encap = WTAP_ENCAP_NONE; + g_message("iptrace: interface type %c%c unknown or unsupported", + if_name1, if_name2); + *err = WTAP_ERR_BAD_RECORD; + return -1; } return data_offset; } 
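Review bot: In the iptrace.c hunk, the new error path in iptrace_read reports an unsupported interface type as `WTAP_ERR_BAD_RECORD`, while the equivalent checks this commit adds elsewhere (lanalyzer_open and the netmon, netxray, ngsniffer and snoop open routines) use `WTAP_ERR_UNSUPPORTED`. A caller therefore cannot tell a corrupt record from a capture type Wiretap does not handle; consider `*err = WTAP_ERR_UNSUPPORTED;`, or a comment saying why a per-record failure is classed as bad data. The message also prints `if_name1` and `if_name2` with `%c`. These appear to come straight from the file, so a non-printable byte would reach the log unescaped; printing them as `0x%02x` as well would be safer. The body of iptrace_read starts outside the hunk.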
diff --git a/wiretap/lanalyzer.c b/wiretap/lanalyzer.c index da19d26f7e..b28cfa1444 100644 --- a/wiretap/lanalyzer.c +++ b/wiretap/lanalyzer.c @@ -1,6 +1,6 @@ /* lanalyzer.c * - * $Id: lanalyzer.c,v 1.12 1999/08/20 04:49:18 gram Exp $ + * $Id: lanalyzer.c,v 1.13 1999/08/22 02:29:40 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -163,7 +163,11 @@ int lanalyzer_open(wtap *wth, int *err) wth->file_encap = WTAP_ENCAP_TR; break; default: - wth->file_encap = WTAP_ENCAP_NONE; + g_message("lanalyzer: board type %u unknown", + board_type); + g_free(wth->capture.lanalyzer); + *err = WTAP_ERR_UNSUPPORTED; + return -1; } break; @@ -229,6 +233,8 @@ static int lanalyzer_read(wtap *wth, int *err) * the middle of reading packets. If any other record type exists * after a Trace Packet Data Record, mark it as an error. */ if (record_type != REC_TRACE_PACKET_DATA) { + g_message("lanalyzer: record type %u seen after trace summary record", + record_type); *err = WTAP_ERR_BAD_RECORD; return -1; } diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index 73e0f1acb7..aee592fda7 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -1,6 +1,6 @@ /* libpcap.c * - * $Id: libpcap.c,v 1.11 1999/08/22 00:47:56 guy Exp $ + * $Id: libpcap.c,v 1.12 1999/08/22 02:29:37 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez 
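Review bot: The new `default:` branch in lanalyzer_open frees `wth->capture.lanalyzer` and returns -1, but leaves the freed pointer stored in `wth`. If the caller or a later cleanup path touches or frees that field after the failed open (the caller's handling is not visible here), this becomes a use-after-free or double free reachable from a board-type field in an untrusted capture file. Clearing it right after the free, `g_free(wth->capture.lanalyzer); wth->capture.lanalyzer = NULL;`, makes the failure path safe whatever the caller does. The enclosing switch and function start outside the hunk.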
@@ -78,21 +78,23 @@ static int libpcap_dump_close(wtap_dumper *wdh, int *err); /* * XXX - this is a bit of a mess. OpenBSD, and perhaps NetBSD, have * different DLT_ codes from FreeBSD (and from the LBL BPF code). - * For now, we simply treat all except DLT_RAW as "unknown"; this - * means you won't be able to capture from a network using those + * For now, we simply treat those type values with different + * meanings on different platforms, except for DLT_RAW, as "unknown"; + * this means you won't be able to capture from a network using those * types in Ethereal (and that capturing from the loopback interface - * won't necessarily work right on OpenBSD, either). + * won't necessarily work right on OpenBSD, either, as it uses + * DLT_LOOP, which is the same as DLT_RAW on other platforms). * * Does anybody know what BSD/OS uses as DLT_ types for SLIP and * PPP? The LBL code, and the OpenBSD code, appear to disagree.... * * Nothing in FreeBSD appears to use DLT_RAW, so it's not clear what - * link-layer header or fake header appears. If it's completely - * unused, or if it behaves the same way OpenBSD DLT_LOOP behaves, - * i.e. it puts an address family in *network* byte order (as opposed - * to the *host* byte order that DLT_NULL uses on FreeBSD), then - * we should just make it WTAP_ENCAP_LOOP and process that as an - * OpenBSD DLT_LOOP. + * link-layer header or fake header appears for DLT_RAW. If it's + * completely unused, or if it behaves the same way OpenBSD DLT_LOOP + * behaves, i.e. it puts an address family in *network* byte order + * (as opposed to the *host* byte order that DLT_NULL uses on FreeBSD), + * then we should just make it WTAP_ENCAP_NULL, which we treat in + * such a fashion as to cause it to work with DLT_LOOP headers. */ static const int pcap_encap[] = { WTAP_ENCAP_NULL, /* null encapsulation */ 
@@ -166,14 +168,15 @@ int libpcap_open(wtap *wth, int *err) } if (hdr.version_major < 2) { /* We only support version 2.0 and later. */ - g_message("pcap: major version %d unsupported", + g_message("pcap: major version %u unsupported", hdr.version_major); *err = WTAP_ERR_UNSUPPORTED; return -1; } if (hdr.network >= NUM_PCAP_ENCAPS || pcap_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) { - g_message("pcap: network type %d unknown or unsupported", hdr.network); + g_message("pcap: network type %u unknown or unsupported", + hdr.network); *err = WTAP_ERR_UNSUPPORTED; return -1; } @@ -289,16 +292,17 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err) static const guint32 pcap_magic = PCAP_MAGIC; struct pcap_hdr file_hdr; static const int wtap_encap[] = { - 0, /* WTAP_ENCAP_NONE */ - 1, /* WTAP_ENCAP_ETHERNET */ - 6, /* WTAP_ENCAP_TR */ - 8, /* WTAP_ENCAP_SLIP */ - 9, /* WTAP_ENCAP_PPP */ - 10, /* WTAP_ENCAP_FDDI */ - 12, /* WTAP_ENCAP_RAW_IP */ - 7, /* WTAP_ENCAP_ARCNET */ - 11, /* WTAP_ENCAP_ATM_RFC1483 */ - 19 /* WTAP_ENCAP_LINUX_ATM_CLIP */ + 0, /* WTAP_ENCAP_UNKNOWN -> DLT_NULL */ + 1, /* WTAP_ENCAP_ETHERNET -> DLT_EN10MB */ + 6, /* WTAP_ENCAP_TR -> DLT_IEEE802 */ + 8, /* WTAP_ENCAP_SLIP -> DLT_SLIP */ + 9, /* WTAP_ENCAP_PPP -> DLT_PPP */ + 10, /* WTAP_ENCAP_FDDI -> DLT_FDDI */ + 12, /* WTAP_ENCAP_RAW_IP -> DLT_RAW */ + 7, /* WTAP_ENCAP_ARCNET -> DLT_ARCNET */ + 11, /* WTAP_ENCAP_ATM_RFC1483 -> DLT_ATM_RFC1483 */ + 19, /* WTAP_ENCAP_LINUX_ATM_CLIP */ + 0 /* WTAP_ENCAP_NULL -> DLT_NULL */ }; int nwritten; diff --git a/wiretap/netmon.c b/wiretap/netmon.c index 77afdaeaf2..cf6567e01d 100644 --- a/wiretap/netmon.c +++ b/wiretap/netmon.c @@ -1,6 +1,6 @@ /* netmon.c * - * $Id: netmon.c,v 1.10 1999/08/19 05:31:36 guy Exp $ + * $Id: netmon.c,v 1.11 1999/08/22 02:29:40 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez 
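Review bot: The `wtap_encap[]` table in libpcap_dump_open now maps `WTAP_ENCAP_UNKNOWN` to 0, the same DLT value as `WTAP_ENCAP_NULL`, so a dump opened with an unknown encapsulation would be written as a DLT_NULL file rather than rejected. The lookup is outside the hunk, so I cannot see whether the index is range-checked. The table has 11 entries, while `WTAP_ENCAP_PER_PACKET` is -1 and other encapsulations used in this commit (`WTAP_ENCAP_LAPB`, `WTAP_ENCAP_ATM_SNIFFER`) have no entry in it. I would reject a negative index, an index past the end of the table, and `WTAP_ENCAP_UNKNOWN` with `WTAP_ERR_UNSUPPORTED` before the lookup. The first entry could then carry a comment such as `/* WTAP_ENCAP_UNKNOWN: not writable, rejected before lookup */`.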
@@ -99,18 +99,18 @@ int netmon_open(wtap *wth, int *err) struct netmon_hdr hdr; int file_type; static const int netmon_encap[] = { - WTAP_ENCAP_NONE, + WTAP_ENCAP_UNKNOWN, WTAP_ENCAP_ETHERNET, WTAP_ENCAP_TR, WTAP_ENCAP_FDDI, - WTAP_ENCAP_NONE, /* WAN */ - WTAP_ENCAP_NONE, /* LocalTalk */ - WTAP_ENCAP_NONE, /* "DIX" - should not occur */ - WTAP_ENCAP_NONE, /* ARCNET raw */ - WTAP_ENCAP_NONE, /* ARCNET 878.2 */ - WTAP_ENCAP_NONE, /* ATM */ - WTAP_ENCAP_NONE, /* Wireless WAN */ - WTAP_ENCAP_NONE /* IrDA */ + WTAP_ENCAP_UNKNOWN, /* WAN */ + WTAP_ENCAP_UNKNOWN, /* LocalTalk */ + WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */ + WTAP_ENCAP_UNKNOWN, /* ARCNET raw */ + WTAP_ENCAP_UNKNOWN, /* ARCNET 878.2 */ + WTAP_ENCAP_UNKNOWN, /* ATM */ + WTAP_ENCAP_UNKNOWN, /* Wireless WAN */ + WTAP_ENCAP_UNKNOWN /* IrDA */ }; #define NUM_NETMON_ENCAPS (sizeof netmon_encap / sizeof netmon_encap[0]) struct tm tm; @@ -155,14 +155,16 @@ int netmon_open(wtap *wth, int *err) break; default: - g_message("netmon: major version %d unsupported", hdr.ver_major); + g_message("netmon: major version %u unsupported", hdr.ver_major); *err = WTAP_ERR_UNSUPPORTED; return -1; } hdr.network = pletohs(&hdr.network); - if (hdr.network >= NUM_NETMON_ENCAPS) { - g_message("netmon: network type %d unknown", hdr.network); + if (hdr.network >= NUM_NETMON_ENCAPS + || netmon_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) { + g_message("netmon: network type %u unknown or unsupported", + hdr.network); *err = WTAP_ERR_UNSUPPORTED; return -1; } @@ -219,7 +221,7 @@ int netmon_open(wtap *wth, int *err) /* Read the next packet */ static int netmon_read(wtap *wth, int *err) { - int packet_size = 0; + guint32 packet_size = 0; int bytes_read; union { struct netmonrec_1_x_hdr hdr_1_x; 
@@ -274,6 +276,16 @@ static int netmon_read(wtap *wth, int *err) packet_size = pletohl(&hdr.hdr_2_x.incl_len); break; } + if (packet_size > WTAP_MAX_PACKET_SIZE) { + /* + * Probably a corrupt capture file; don't blow up trying + * to allocate space for an immensely-large packet. + */ + g_message("netmon: File has %u-byte packet, bigger than maximum of %u", + packet_size, WTAP_MAX_PACKET_SIZE); + *err = WTAP_ERR_BAD_RECORD; + return -1; + } buffer_assure_space(wth->frame_buffer, packet_size); errno = WTAP_ERR_CANT_READ; bytes_read = fread(buffer_start_ptr(wth->frame_buffer), 1, diff --git a/wiretap/netxray.c b/wiretap/netxray.c index 1f8391d41f..e3cd643089 100644 --- a/wiretap/netxray.c +++ b/wiretap/netxray.c @@ -1,6 +1,6 @@ /* netxray.c * - * $Id: netxray.c,v 1.10 1999/08/19 05:31:35 guy Exp $ + * $Id: netxray.c,v 1.11 1999/08/22 02:29:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -102,14 +102,14 @@ int netxray_open(wtap *wth, int *err) WTAP_ENCAP_ETHERNET, WTAP_ENCAP_TR, WTAP_ENCAP_FDDI, - WTAP_ENCAP_NONE, /* WAN */ - WTAP_ENCAP_NONE, /* LocalTalk */ - WTAP_ENCAP_NONE, /* "DIX" - should not occur */ - WTAP_ENCAP_NONE, /* ARCNET raw */ - WTAP_ENCAP_NONE, /* ARCNET 878.2 */ - WTAP_ENCAP_NONE, /* ATM */ - WTAP_ENCAP_NONE, /* Wireless WAN */ - WTAP_ENCAP_NONE /* IrDA */ + WTAP_ENCAP_UNKNOWN, /* WAN */ + WTAP_ENCAP_UNKNOWN, /* LocalTalk */ + WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */ + WTAP_ENCAP_UNKNOWN, /* ARCNET raw */ + WTAP_ENCAP_UNKNOWN, /* ARCNET 878.2 */ + WTAP_ENCAP_UNKNOWN, /* ATM */ + WTAP_ENCAP_UNKNOWN, /* Wireless WAN */ + WTAP_ENCAP_UNKNOWN /* IrDA */ }; #define NUM_NETXRAY_ENCAPS (sizeof netxray_encap / sizeof netxray_encap[0]) 
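Review bot: The size guard added to netmon_read is repeated almost verbatim in snoop_read in this commit and, per the commit message, already exists in libpcap.c; hand-copied bounds checks that protect `buffer_assure_space()` from file-controlled lengths tend to drift apart. A small shared helper taking the reader name and the length would keep the limit, the message and the error code in one place. Within this hunk the check is correctly placed before the allocation. The comment could also record why the earlier `guint32` change matters, e.g. `/* packet_size is unsigned, so a length with the top bit set is rejected here instead of going negative */`. netmon_read starts and ends outside the hunk.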
@@ -167,8 +167,10 @@ int netxray_open(wtap *wth, int *err) } hdr.network = pletohs(&hdr.network); - if (hdr.network >= NUM_NETXRAY_ENCAPS) { - g_message("netxray: network type %d unknown", hdr.network); + if (hdr.network >= NUM_NETXRAY_ENCAPS + || netxray_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) { + g_message("netxray: network type %u unknown or unsupported", + hdr.network); *err = WTAP_ERR_UNSUPPORTED; return -1; } @@ -204,7 +206,7 @@ int netxray_open(wtap *wth, int *err) /* Read the next packet */ static int netxray_read(wtap *wth, int *err) { - int packet_size; + guint32 packet_size; int bytes_read; union { struct netxrayrec_1_x_hdr hdr_1_x; diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c index bc897b2b4e..53066089d8 100644 --- a/wiretap/ngsniffer.c +++ b/wiretap/ngsniffer.c @@ -1,6 +1,6 @@ /* ngsniffer.c * - * $Id: ngsniffer.c,v 1.18 1999/08/20 23:11:05 guy Exp $ + * $Id: ngsniffer.c,v 1.19 1999/08/22 02:29:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -87,7 +87,7 @@ struct vers_rec { gint16 time; /* DOS-format time */ gint16 date; /* DOS-format date */ gint8 type; /* what type of records follow */ - gint8 network; /* network type */ + guint8 network; /* network type */ gint8 format; /* format version (we only support version 1!) */ guint8 timeunit; /* timestamp units */ gint8 cmprs_vers; /* compression version */ 
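Review bot: netxray_read gets the `guint32 packet_size` change in the `@@ -204,7 +206,7 @@` hunk but, unlike netmon_read and snoop_read in this commit, no `WTAP_MAX_PACKET_SIZE` check appears in any netxray.c hunk. The code that fills `packet_size` and allocates the frame buffer is outside the hunk; if the record's included-length field can exceed the limit, a corrupt file can still drive that allocation with an arbitrary length. In that case add the same guard before the allocation, `if (packet_size > WTAP_MAX_PACKET_SIZE) { *err = WTAP_ERR_BAD_RECORD; return -1; }`. If the field is too narrow to exceed the limit, a one-line comment saying so would document why the check is absent.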
@@ -238,22 +238,6 @@ struct frame4_rec { #define NUM_NGSNIFF_TIMEUNITS 7 static double Usec[] = { 15.0, 0.838096, 15.0, 0.5, 2.0, 0.0, 0.1 }; -#define NGSNIFF_ENCAP_ATM 10 -#define NUM_NGSNIFF_ENCAPS 11 -static int sniffer_encap[] = { - WTAP_ENCAP_TR, - WTAP_ENCAP_ETHERNET, - WTAP_ENCAP_ARCNET, - WTAP_ENCAP_NONE, /* StarLAN */ - WTAP_ENCAP_NONE, /* PC Network broadband */ - WTAP_ENCAP_NONE, /* LocalTalk */ - WTAP_ENCAP_NONE, /* Znet */ - WTAP_ENCAP_LAPB, /* Internetwork analyzer */ - WTAP_ENCAP_NONE, /* type 8 not defined in Sniffer */ - WTAP_ENCAP_FDDI, - WTAP_ENCAP_ATM_SNIFFER /* ATM */ -}; - static int ngsniffer_read(wtap *wth, int *err); int ngsniffer_open(wtap *wth, int *err) @@ -267,6 +251,20 @@ int ngsniffer_open(wtap *wth, int *err) struct vers_rec version; guint16 start_date; guint16 start_time; + static const int sniffer_encap[] = { + WTAP_ENCAP_TR, + WTAP_ENCAP_ETHERNET, + WTAP_ENCAP_ARCNET, + WTAP_ENCAP_UNKNOWN, /* StarLAN */ + WTAP_ENCAP_UNKNOWN, /* PC Network broadband */ + WTAP_ENCAP_UNKNOWN, /* LocalTalk */ + WTAP_ENCAP_UNKNOWN, /* Znet */ + WTAP_ENCAP_LAPB, /* Internetwork analyzer */ + WTAP_ENCAP_UNKNOWN, /* type 8 not defined in Sniffer */ + WTAP_ENCAP_FDDI, + WTAP_ENCAP_ATM_SNIFFER /* ATM */ + }; + #define NUM_NGSNIFF_ENCAPS (sizeof sniffer_encap / sizeof sniffer_encap[0]) struct tm tm; /* Read in the string that should be at the start of a Sniffer file */ 
@@ -329,15 +327,17 @@ int ngsniffer_open(wtap *wth, int *err) } /* Check the data link type */ - if (version.network >= NUM_NGSNIFF_ENCAPS) { - g_message("ngsniffer: network type %d unknown", version.network); + if (version.network >= NUM_NGSNIFF_ENCAPS + || sniffer_encap[version.network] == WTAP_ENCAP_UNKNOWN) { + g_message("ngsniffer: network type %u unknown or unsupported", + version.network); *err = WTAP_ERR_UNSUPPORTED; return -1; } /* Check the time unit */ if (version.timeunit >= NUM_NGSNIFF_TIMEUNITS) { - g_message("ngsniffer: Unknown timeunit %d", version.timeunit); + g_message("ngsniffer: Unknown timeunit %u", version.timeunit); *err = WTAP_ERR_UNSUPPORTED; return -1; } @@ -390,13 +390,13 @@ int ngsniffer_open(wtap *wth, int *err) static int ngsniffer_read(wtap *wth, int *err) { int bytes_read; - char record_type[2]; - char record_length[4]; /* only 1st 2 bytes are length */ - guint16 type, length; + char record_type[2]; + char record_length[4]; /* only 1st 2 bytes are length */ + guint16 type, length; struct frame2_rec frame2; struct frame4_rec frame4; - double t; - guint16 time_low, time_med, time_high, true_size, size; + double t; + guint16 time_low, time_med, time_high, true_size, size; int data_offset; for (;;) { diff --git a/wiretap/snoop.c b/wiretap/snoop.c index c5661049ba..eee3b242fa 100644 --- a/wiretap/snoop.c +++ b/wiretap/snoop.c @@ -1,6 +1,6 @@ /* snoop.c * - * $Id: snoop.c,v 1.6 1999/08/19 05:31:35 guy Exp $ + * $Id: snoop.c,v 1.7 1999/08/22 02:29:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez 
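Review bot: The time-unit check in ngsniffer_open still tests only the range, `version.timeunit >= NUM_NGSNIFF_TIMEUNITS`, while the `Usec[]` table shown as context earlier in this file's diff has `0.0` at index 5. That entry looks like a placeholder for an undefined unit, the same situation this commit now handles for encapsulations with `WTAP_ENCAP_UNKNOWN`. How `Usec[]` is used is outside the hunk, but a zero factor would at best yield meaningless timestamps. Consider `if (version.timeunit >= NUM_NGSNIFF_TIMEUNITS || Usec[version.timeunit] == 0.0)` so that a file declaring that unit is rejected as unsupported.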
@@ -62,16 +62,16 @@ int snoop_open(wtap *wth, int *err) char magic[sizeof snoop_magic]; struct snoop_hdr hdr; static const int snoop_encap[] = { - WTAP_ENCAP_NONE, /* IEEE 802.3 */ - WTAP_ENCAP_NONE, /* IEEE 802.4 Token Bus */ + WTAP_ENCAP_UNKNOWN, /* IEEE 802.3 */ + WTAP_ENCAP_UNKNOWN, /* IEEE 802.4 Token Bus */ WTAP_ENCAP_TR, - WTAP_ENCAP_NONE, /* IEEE 802.6 Metro Net */ + WTAP_ENCAP_UNKNOWN, /* IEEE 802.6 Metro Net */ WTAP_ENCAP_ETHERNET, - WTAP_ENCAP_NONE, /* HDLC */ - WTAP_ENCAP_NONE, /* Character Synchronous */ - WTAP_ENCAP_NONE, /* IBM Channel-to-Channel */ + WTAP_ENCAP_UNKNOWN, /* HDLC */ + WTAP_ENCAP_UNKNOWN, /* Character Synchronous */ + WTAP_ENCAP_UNKNOWN, /* IBM Channel-to-Channel */ WTAP_ENCAP_FDDI, - WTAP_ENCAP_NONE /* Other */ + WTAP_ENCAP_UNKNOWN /* Other */ }; #define NUM_SNOOP_ENCAPS (sizeof snoop_encap / sizeof snoop_encap[0]) @@ -105,13 +105,15 @@ int snoop_open(wtap *wth, int *err) hdr.version = ntohl(hdr.version); if (hdr.version != 2) { /* We only support version 2. */ - g_message("snoop: version %d unsupported", hdr.version); + g_message("snoop: version %u unsupported", hdr.version); *err = WTAP_ERR_UNSUPPORTED; return -1; } hdr.network = ntohl(hdr.network); - if (hdr.network >= NUM_SNOOP_ENCAPS) { - g_message("snoop: network type %d unknown", hdr.network); + if (hdr.network >= NUM_SNOOP_ENCAPS + || snoop_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) { + g_message("snoop: network type %u unknown or unsupported", + hdr.network); *err = WTAP_ERR_UNSUPPORTED; return -1; } @@ -127,7 +129,7 @@ int snoop_open(wtap *wth, int *err) /* Read the next packet */ static int snoop_read(wtap *wth, int *err) { - int packet_size; + guint32 packet_size; int bytes_read; struct snooprec_hdr hdr; int data_offset; 
@@ -148,6 +150,16 @@ static int snoop_read(wtap *wth, int *err) } packet_size = ntohl(hdr.incl_len); + if (packet_size > WTAP_MAX_PACKET_SIZE) { + /* + * Probably a corrupt capture file; don't blow up trying + * to allocate space for an immensely-large packet. + */ + g_message("snoop: File has %u-byte packet, bigger than maximum of %u", + packet_size, WTAP_MAX_PACKET_SIZE); + *err = WTAP_ERR_BAD_RECORD; + return -1; + } buffer_assure_space(wth->frame_buffer, packet_size); data_offset = ftell(wth->fh); errno = WTAP_ERR_CANT_READ; diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 78ee772f39..fcfd0c11b1 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.30 1999/08/22 00:47:55 guy Exp $ + * $Id: wtap.h,v 1.31 1999/08/22 02:29:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -27,6 +27,14 @@ /* Encapsulation types. Choose names that truly reflect * what is contained in the packet trace file. * + * WTAP_ENCAP_PER_PACKET is a value passed to "wtap_dump_open()" or + * "wtap_dump_fdopen()" to indicate that there is no single encapsulation + * type for all packets in the file; this may cause those routines to + * fail if the capture file format being written can't support that. + * + * WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()" + * if it's handed an unknown encapsulation. + * * WTAP_ENCAP_LINUX_ATM_CLIP is the encapsulation you get with the * ATM on Linux code from ; * that code adds a DLT_ATM_CLIP DLT_ code of 19, and that 
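Review bot: In the wtap.h `@@ -27,6 +27,14 @@` hunk, the added comment describes `WTAP_ENCAP_UNKNOWN` only as the return value of `wtap_pcap_encap_to_wtap_encap()`. This commit also uses it as the initial `file_encap` in wtap_open_offline and as the unsupported marker in the readers' encapsulation tables. Since its value becomes 0 in the next hunk, a sentence such as `It is also the value of unset or unsupported table entries; readers must fail the open with WTAP_ERR_UNSUPPORTED rather than pass it on.` would record the contract the readers now depend on. The comment block continues past the end of this hunk.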
@@ -34,22 +42,24 @@ * presumably used on some BSD systems, which we turn into * WTAP_ENCAP_ATM_RFC1483. * - * WTAP_ENCAP_PER_PACKET is a value passed to "wtap_dump_open()" or - * "wtap_dump_fdopen()" to indicate that there is no single encapsulation - * type for all packets in the file; this may cause those routines to - * fail if the capture file format being written can't support that. + * WTAP_ENCAP_NULL corresponds to DLT_NULL from "libpcap". This + * corresponds to * - * WTAP_ENCAP_NULL is the DLT_NULL some BSD systems use; at least with - * many drivers on FreeBSD (and the loopback driver in 4.4-Lite, so - * hopefully most BSD drivers, at least, model their DLT_NULL after it), - * it puts a 4-byte field containing the AF_ address family value, - * in *host* byte order, at the beginning of the packet. + * 1) PPP-over-HDLC encapsulation, at least with some versions + * of ISDN4BSD (but not the current ones, it appears, unless + * I've missed something); * - * WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()" - * if it's handed an unknown encapsulation. */ -#define WTAP_ENCAP_UNKNOWN -2 + * 2) a 4-byte header containing the AF_ address family, in + * the byte order of the machine that saved the capture, + * for the packet, as used on many BSD systems for the + * loopback device and some other devices; + * + * 3) a 4-byte header containing 2 octets of 0 and an Ethernet + * type in the byte order from an Ethernet header, that being + * what "libpcap" on Linux turns the Ethernet header for + * loopback interfaces into. */ #define WTAP_ENCAP_PER_PACKET -1 -#define WTAP_ENCAP_NONE 0 +#define WTAP_ENCAP_UNKNOWN 0 #define WTAP_ENCAP_ETHERNET 1 #define WTAP_ENCAP_TR 2 #define WTAP_ENCAP_SLIP 3 
@@ -220,16 +230,6 @@ struct wtap_pkthdr { union pseudo_header pseudo_header; }; -/* - * Header that OpenBSD (and possibly other BSDs) DLT_ENC prepends to - * a packet. - */ -struct dlt_enc_hdr { - guint32 af; - guint32 spi; - guint32 flags; -}; - typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*, int, const u_char *);