From: Guy Harris Date: Thu, 7 Nov 2013 01:54:16 +0000 Subject: [PATCH] Copy over r49999 from trunk: ------------------------------------------------------------------------ r49999 | eapache | 2013-06-17 18:02:26 -0700 (Mon, 17 Jun 2013) | 10 lines Don't limit the on-the-wire length of packets to 64KB, there are larger packets out there (especially over USB) and we should be able to load them as long as they are snapped to a sane length. Also validate that packets do not specify a snapshot length larger than the one in the file header, though only make it a warning, as this is not necessarily a fatally corrupt packet. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808 ------------------------------------------------------------------------ Also fixes bug 9390. svn path=/trunk-1.10/; revision=53123 diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index cb9e97c..9601332 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -773,21 +773,8 @@ static int libpcap_read_header(wtap *wth, int *err, gchar **err_info, return -1; } - if (hdr->hdr.orig_len > WTAP_MAX_PACKET_SIZE) { - /* - * Probably a corrupt capture file; return an error, - * so that our caller doesn't blow up trying to - * cope with a huge "real" packet length, and so that - * the code to try to guess what type of libpcap file - * this is can tell when it's not the type we're guessing - * it is. - */ - *err = WTAP_ERR_BAD_FILE; - if (err_info != NULL) { - *err_info = g_strdup_printf("pcap: File has %u-byte packet, bigger than maximum of %u", - hdr->hdr.orig_len, WTAP_MAX_PACKET_SIZE); - } - return -1; + if (hdr->hdr.incl_len > wth->snapshot_length) { + g_warning("pcap: File has packet larger than file's snapshot length."); } return bytes_read; @@ -955,7 +942,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh, rec_hdr.hdr.incl_len = phdr->caplen + phdrsize; rec_hdr.hdr.orig_len = phdr->len + phdrsize; - if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE || rec_hdr.hdr.orig_len > WTAP_MAX_PACKET_SIZE) { + if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE) { *err = WTAP_ERR_BAD_FILE; return FALSE; }