Accept file snaplen larger than WTAP_MAX_PACKET_SIZE,

text2pcap uses 102400. This fixes bug 3620. Thanks to Tyson Key for reporting the bug and providing capture files. This fix should be included in Wireshark 1.2.1 and higher. svn path=/trunk/; revision=28866
2009-06-27 18:50:13 +00:00 · 2009-06-27 18:50:13 +00:00 · 7a728f6722
parent ce11d99c12
commit 7a728f6722
1 changed files with 6 additions and 6 deletions
--- a/wiretap/pcapng.c
+++ b/wiretap/pcapng.c
@ -527,14 +527,14 @@ pcapng_read_if_descr_block(FILE_T fh, pcapng_block_header_t *bh, pcapng_t *pn,
 		      wtap_encap_string(wtap_pcap_encap_to_wtap_encap(wblock->data.if_descr.link_type)),
 		      wblock->data.if_descr.snap_len);

-	/* XXX - sanity check of snapshot length */
-	/* XXX - while a very big snapshot length is valid, it's more likely that it's a bug in the file */
-	/* XXX - so do a sanity check for now, it's likely e.g. a byte swap order problem */
 	if (wblock->data.if_descr.snap_len > WTAP_MAX_PACKET_SIZE) {
-		pcapng_debug1("pcapng_read_if_descr_block: snapshot length %u unrealistic", 
+		/* This is unrealisitic, but text2pcap currently uses 102400.
+		 * We do not use this value, maybe we should check the
+		 * snap_len of the packets against it. For now, only warn.
+		 */
+		pcapng_debug1("pcapng_read_if_descr_block: snapshot length %u unrealistic.",
 			      wblock->data.if_descr.snap_len);
-		/*wblock->data.if_descr.snap_len = 65535;*/
-		return 0;
+		/*wblock->data.if_descr.snap_len = WTAP_MAX_PACKET_SIZE;*/
 	}

 	/* Option defaults */