rpms / wireshark

Clone
Source Code
GIT

Files

  1.   4459b55d8dc0e816d0e7396b4068ceb275a53c47
  2.   wireshark-0013-Copy-over-r49999-from-trunk.patch
Blob Blame History Raw 
From: Guy Harris <guy@alum.mit.edu>
Date: Thu, 7 Nov 2013 01:54:16 +0000
Subject: [PATCH] Copy over r49999 from trunk:

  ------------------------------------------------------------------------
  r49999 | eapache | 2013-06-17 18:02:26 -0700 (Mon, 17 Jun 2013) | 10 lines

  Don't limit the on-the-wire length of packets to 64KB, there are larger packets
  out there (especially over USB) and we should be able to load them as long as
  they are snapped to a sane length.

  Also validate that packets do not specify a snapshot length larger than the one
  in the file header, though only make it a warning, as this is not necessarily a
  fatally corrupt packet.

  https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808

  ------------------------------------------------------------------------

Also fixes bug 9390.

svn path=/trunk-1.10/; revision=53123

diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c
index cb9e97c..9601332 100644
--- a/wiretap/libpcap.c
+++ b/wiretap/libpcap.c
@@ -773,21 +773,8 @@ static int libpcap_read_header(wtap *wth, int *err, gchar **err_info,
 		return -1;
 	}
 
-	if (hdr->hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
-		/*
-		 * Probably a corrupt capture file; return an error,
-		 * so that our caller doesn't blow up trying to
-		 * cope with a huge "real" packet length, and so that
-		 * the code to try to guess what type of libpcap file
-		 * this is can tell when it's not the type we're guessing
-		 * it is.
-		 */
-		*err = WTAP_ERR_BAD_FILE;
-		if (err_info != NULL) {
-			*err_info = g_strdup_printf("pcap: File has %u-byte packet, bigger than maximum of %u",
-			    hdr->hdr.orig_len, WTAP_MAX_PACKET_SIZE);
-		}
-		return -1;
+	if (hdr->hdr.incl_len > wth->snapshot_length) {
+		g_warning("pcap: File has packet larger than file's snapshot length.");
 	}
 
 	return bytes_read;
@@ -955,7 +942,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh,
 	rec_hdr.hdr.incl_len = phdr->caplen + phdrsize;
 	rec_hdr.hdr.orig_len = phdr->len + phdrsize;
 
-	if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE || rec_hdr.hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
+	if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE) {
 		*err = WTAP_ERR_BAD_FILE;
 		return FALSE;
 	}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation