Tree - rpms/wireshark - CentOS Git server

rpms / wireshark

Files

Commit: 9556244c5d720d7264057bf94b655c5d9d16dc11

Blob Blame History Raw

diff --git a/wiretap/mpeg.c b/wiretap/mpeg.c
index 1500162..bd3ab24 100644
--- a/wiretap/mpeg.c
+++ b/wiretap/mpeg.c
@@ -111,7 +111,7 @@ mpeg_read_rec_data(FILE_T fh, guint8 *pd, int length, int *err,
 
 #define SCRHZ 27000000
 
-static gboolean 
+static gboolean
 mpeg_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
 {
 	mpeg_t *mpeg = (mpeg_t *)wth->priv;
@@ -225,6 +225,18 @@ mpeg_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
 	}
 	*data_offset = file_tell(wth->fh);
 
+	if (packet_size > WTAP_MAX_PACKET_SIZE) {
+		/*
+		 * Larger than we can handle. Don't blow up trying
+		 * to allocate space for an immensely-large packet
+		 * or clobber the stack.
+		 */
+		*err = WTAP_ERR_BAD_FILE;
+		*err_info = g_strdup_printf("mpeg: File has %u-byte packet, bigger than maximum of %u",
+				packet_size, WTAP_MAX_PACKET_SIZE);
+		return FALSE;
+	}
+
 	buffer_assure_space(wth->frame_buffer, packet_size);
 	if (!mpeg_read_rec_data(wth->fh, buffer_start_ptr(wth->frame_buffer),
 				packet_size, err, err_info))

rpms / wireshark

Source Code

Files