Don't try to allocate more than WTAP_MAX_PACKET_SIZE. Fixes a crash
reported in bug 3849. svn path=/trunk/; revision=29364
This commit is contained in:
parent
842d1be224
commit
c158c4ad69
|
@ -218,6 +218,13 @@ extern int erf_open(wtap *wth, int *err, gchar **err_info _U_)
|
|||
|
||||
/* The file_seek function do not return an error if the end of file
|
||||
is reached whereas the record is truncated */
|
||||
if (packet_size > WTAP_MAX_PACKET_SIZE) {
|
||||
/*
|
||||
* Probably a corrupt capture file; don't blow up trying
|
||||
* to allocate space for an immensely-large packet.
|
||||
*/
|
||||
return 0;
|
||||
}
|
||||
buffer=g_malloc(packet_size);
|
||||
r = file_read(buffer, 1, packet_size, wth->fh);
|
||||
g_free(buffer);
|
||||
|
|
Loading…
Reference in New Issue