1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
$NetBSD: patch-ag,v 1.1.2.2 2011/02/11 05:40:44 sbd Exp $
--- wiretap/pcapng.c.orig 2011-01-11 19:24:22.000000000 +0000
+++ wiretap/pcapng.c
@@ -806,18 +806,26 @@ pcapng_read_packet_block(FILE_T fh, pcap
pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than packet_len %u.",
wblock->data.packet.cap_len, wblock->data.packet.packet_len);
*err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than packet_len");
return 0;
}
if (wblock->data.packet.cap_len > WTAP_MAX_PACKET_SIZE) {
pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than WTAP_MAX_PACKET_SIZE %u.",
wblock->data.packet.cap_len, WTAP_MAX_PACKET_SIZE);
*err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than WTAP_MAX_PACKET_SIZE");
return 0;
}
pcapng_debug3("pcapng_read_packet_block: packet data: packet_len %u captured_len %u interface_id %u",
wblock->data.packet.packet_len,
wblock->data.packet.cap_len,
wblock->data.packet.interface_id);
+ if (wblock->data.packet.packet_len > WTAP_MAX_PACKET_SIZE) {
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("pcapng_read_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
+ wblock->data.packet.packet_len, WTAP_MAX_PACKET_SIZE);
+ return 0;
+ }
wtap_encap = pcapng_get_encap(wblock->data.packet.interface_id, pn);
pcapng_debug3("pcapng_read_packet_block: encapsulation = %d (%s), pseudo header size = %d.",
@@ -980,6 +988,12 @@ pcapng_read_simple_packet_block(FILE_T f
}
pcapng_debug1("pcapng_read_simple_packet_block: packet data: packet_len %u",
wblock->data.simple_packet.packet_len);
+ if (wblock->data.simple_packet.packet_len > WTAP_MAX_PACKET_SIZE) {
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("pcapng_read_simple_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
+ wblock->data.simple_packet.packet_len, WTAP_MAX_PACKET_SIZE);
+ return 0;
+ }
encap = pcapng_get_encap(0, pn);
pcapng_debug1("pcapng_read_simple_packet_block: Need to read pseudo header of size %d",
|