|
 |
65d033 |
From: Guy Harris <guy@alum.mit.edu>
|
|
|
65d033 |
Date: Thu, 7 Nov 2013 01:54:16 +0000
|
|
|
65d033 |
Subject: [PATCH] Copy over r49999 from trunk:
|
|
|
65d033 |
|
|
|
65d033 |
------------------------------------------------------------------------
|
|
|
65d033 |
r49999 | eapache | 2013-06-17 18:02:26 -0700 (Mon, 17 Jun 2013) | 10 lines
|
|
|
65d033 |
|
|
|
65d033 |
Don't limit the on-the-wire length of packets to 64KB, there are larger packets
|
|
|
65d033 |
out there (especially over USB) and we should be able to load them as long as
|
|
|
65d033 |
they are snapped to a sane length.
|
|
|
65d033 |
|
|
|
65d033 |
Also validate that packets do not specify a snapshot length larger than the one
|
|
|
65d033 |
in the file header, though only make it a warning, as this is not necessarily a
|
|
|
65d033 |
fatally corrupt packet.
|
|
|
65d033 |
|
|
|
65d033 |
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
|
|
|
65d033 |
|
|
|
65d033 |
------------------------------------------------------------------------
|
|
|
65d033 |
|
|
|
65d033 |
Also fixes bug 9390.
|
|
|
65d033 |
|
|
|
65d033 |
svn path=/trunk-1.10/; revision=53123
|
|
|
65d033 |
|
|
|
65d033 |
diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c
|
|
|
65d033 |
index cb9e97c..9601332 100644
|
|
|
65d033 |
--- a/wiretap/libpcap.c
|
|
|
65d033 |
+++ b/wiretap/libpcap.c
|
|
|
65d033 |
@@ -773,21 +773,8 @@ static int libpcap_read_header(wtap *wth, int *err, gchar **err_info,
|
|
|
65d033 |
return -1;
|
|
|
65d033 |
}
|
|
|
65d033 |
|
|
|
65d033 |
- if (hdr->hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
|
|
|
65d033 |
- /*
|
|
|
65d033 |
- * Probably a corrupt capture file; return an error,
|
|
|
65d033 |
- * so that our caller doesn't blow up trying to
|
|
|
65d033 |
- * cope with a huge "real" packet length, and so that
|
|
|
65d033 |
- * the code to try to guess what type of libpcap file
|
|
|
65d033 |
- * this is can tell when it's not the type we're guessing
|
|
|
65d033 |
- * it is.
|
|
|
65d033 |
- */
|
|
|
65d033 |
- *err = WTAP_ERR_BAD_FILE;
|
|
|
65d033 |
- if (err_info != NULL) {
|
|
|
65d033 |
- *err_info = g_strdup_printf("pcap: File has %u-byte packet, bigger than maximum of %u",
|
|
|
65d033 |
- hdr->hdr.orig_len, WTAP_MAX_PACKET_SIZE);
|
|
|
65d033 |
- }
|
|
|
65d033 |
- return -1;
|
|
|
65d033 |
+ if (hdr->hdr.incl_len > wth->snapshot_length) {
|
|
|
65d033 |
+ g_warning("pcap: File has packet larger than file's snapshot length.");
|
|
|
65d033 |
}
|
|
|
65d033 |
|
|
|
65d033 |
return bytes_read;
|
|
|
65d033 |
@@ -955,7 +942,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh,
|
|
|
65d033 |
rec_hdr.hdr.incl_len = phdr->caplen + phdrsize;
|
|
|
65d033 |
rec_hdr.hdr.orig_len = phdr->len + phdrsize;
|
|
|
65d033 |
|
|
|
65d033 |
- if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE || rec_hdr.hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
|
|
|
65d033 |
+ if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE) {
|
|
|
65d033 |
*err = WTAP_ERR_BAD_FILE;
|
|
|
65d033 |
return FALSE;
|
|
|
65d033 |
}
|