~ubuntu-branches/debian/squeeze/wireshark/squeeze
» Revision
52
: debian/patches/36_fixes-from-1.4.11.patch
« back to all changes in this revision
Viewing changes to debian/patches/36_fixes-from-1.4.11.patch
- browse files at revision 52
- compare with another revision
- download diff
- download tarball
- view history from revision 52
- Committer: Package Import Robot
- Author(s): Moritz Muehlenhoff
- Date: 2012-01-25 16:11:58 UTC
- Revision ID: package-import@ubuntu.com-20120125161158-h4joyppoc7oqhgpn
Tags: 1.2.11-6+squeeze6
Fix CVE-2011-3483, CVE-2011-0042, CVE-2012-0068, CVE-2012-0067,
CVE-2012-0066, CVE-2011-0041 (Patches provided by Balint)
CVE-2012-0066, CVE-2011-0041 (Patches provided by Balint)
- files added:
- .pc/35_CVE-2011-3483.patch
- .pc/35_CVE-2011-3483.patch/epan
- .pc/36_fixes-from-1.4.11.patch
- .pc/36_fixes-from-1.4.11.patch/epan
- .pc/36_fixes-from-1.4.11.patch/epan/ftypes
- .pc/36_fixes-from-1.4.11.patch/wiretap
- files modified:
- .pc/applied-patches
added
removed
debian/patches/36_fixes-from-1.4.11.patch
1
diff --git a/epan/ftypes/ftype-tvbuff.c b/epan/ftypes/ftype-tvbuff.c
2
index 8494d3d..a69da90 100644
3
--- a/epan/ftypes/ftype-tvbuff.c
4
+++ b/epan/ftypes/ftype-tvbuff.c
5
@@ -189,18 +189,18 @@ value_get(fvalue_t *fv)
6
static guint
7
len(fvalue_t *fv)
8
{
9
+ guint length = 0;
10
+
11
TRY {
12
if (fv->value.tvb)
13
- return tvb_length(fv->value.tvb);
14
- else
15
- return 0;
16
-}
17
+ length = tvb_length(fv->value.tvb);
18
+ }
19
CATCH_ALL {
20
/* nothing */
21
}
22
ENDTRY;
23
24
- return 0;
25
+ return length;
26
}
27
28
static void
29
@@ -226,22 +226,20 @@ cmp_eq(fvalue_t *fv_a, fvalue_t *fv_b)
30
{
31
tvbuff_t *a = fv_a->value.tvb;
32
tvbuff_t *b = fv_b->value.tvb;
33
+ gboolean eq = FALSE;
34
35
TRY {
36
guint a_len = tvb_length(a);
37
38
- if (a_len != tvb_length(b)) {
39
- return FALSE;
40
+ if (a_len == tvb_length(b))
41
+ eq = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) == 0);
42
}
43
-
44
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) == 0);
45
-}
46
CATCH_ALL {
47
/* nothing */
48
}
49
ENDTRY;
50
51
- return FALSE;
52
+ return eq;
53
}
54
55
static gboolean
56
@@ -249,22 +247,21 @@ cmp_ne(fvalue_t *fv_a, fvalue_t *fv_b)
57
{
58
tvbuff_t *a = fv_a->value.tvb;
59
tvbuff_t *b = fv_b->value.tvb;
60
+ gboolean ne = TRUE;
61
62
TRY {
63
guint a_len = tvb_length(a);
64
65
- if (a_len != tvb_length(b)) {
66
- return TRUE;
67
+ if (a_len == tvb_length(b)) {
68
+ ne = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) != 0);
69
+ }
70
}
71
-
72
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) != 0);
73
-}
74
CATCH_ALL {
75
/* nothing */
76
}
77
ENDTRY;
78
79
- return FALSE;
80
+ return ne;
81
}
82
83
static gboolean
84
@@ -272,27 +269,24 @@ cmp_gt(fvalue_t *fv_a, fvalue_t *fv_b)
85
{
86
tvbuff_t *a = fv_a->value.tvb;
87
tvbuff_t *b = fv_b->value.tvb;
88
+ gboolean gt = FALSE;
89
90
TRY {
91
guint a_len = tvb_length(a);
92
guint b_len = tvb_length(b);
93
94
if (a_len > b_len) {
95
- return TRUE;
96
+ gt = TRUE;
97
+ } else if (a_len == b_len) {
98
+ gt = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) > 0);
99
}
100
-
101
- if (a_len < b_len) {
102
- return FALSE;
103
}
104
-
105
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) > 0);
106
-}
107
CATCH_ALL {
108
/* nothing */
109
}
110
ENDTRY;
111
112
- return FALSE;
113
+ return gt;
114
}
115
116
static gboolean
117
@@ -300,27 +294,24 @@ cmp_ge(fvalue_t *fv_a, fvalue_t *fv_b)
118
{
119
tvbuff_t *a = fv_a->value.tvb;
120
tvbuff_t *b = fv_b->value.tvb;
121
+ gboolean ge = FALSE;
122
123
TRY {
124
guint a_len = tvb_length(a);
125
guint b_len = tvb_length(b);
126
127
if (a_len > b_len) {
128
- return TRUE;
129
+ ge = TRUE;
130
+ } else if (a_len == b_len) {
131
+ ge = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) >= 0);
132
}
133
-
134
- if (a_len < b_len) {
135
- return FALSE;
136
}
137
-
138
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) >= 0);
139
-}
140
CATCH_ALL {
141
/* nothing */
142
}
143
ENDTRY;
144
145
- return FALSE;
146
+ return ge;
147
}
148
149
static gboolean
150
@@ -328,27 +319,24 @@ cmp_lt(fvalue_t *fv_a, fvalue_t *fv_b)
151
{
152
tvbuff_t *a = fv_a->value.tvb;
153
tvbuff_t *b = fv_b->value.tvb;
154
+ gboolean lt = FALSE;
155
156
TRY {
157
guint a_len = tvb_length(a);
158
guint b_len = tvb_length(b);
159
160
if (a_len < b_len) {
161
- return TRUE;
162
+ lt = TRUE;
163
+ } else if (a_len == b_len) {
164
+ lt = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) < 0);
165
}
166
-
167
- if (a_len > b_len) {
168
- return FALSE;
169
}
170
-
171
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) < 0);
172
-}
173
CATCH_ALL {
174
/* nothing */
175
}
176
ENDTRY;
177
178
- return FALSE;
179
+ return lt;
180
}
181
182
static gboolean
183
@@ -356,46 +344,42 @@ cmp_le(fvalue_t *fv_a, fvalue_t *fv_b)
184
{
185
tvbuff_t *a = fv_a->value.tvb;
186
tvbuff_t *b = fv_b->value.tvb;
187
+ gboolean le = FALSE;
188
189
TRY {
190
guint a_len = tvb_length(a);
191
guint b_len = tvb_length(b);
192
193
if (a_len < b_len) {
194
- return TRUE;
195
+ le = TRUE;
196
+ } else if (a_len == b_len) {
197
+ le = (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) <= 0);
198
}
199
-
200
- if (a_len > b_len) {
201
- return FALSE;
202
}
203
-
204
- return (memcmp(tvb_get_ptr(a, 0, a_len), tvb_get_ptr(b, 0, a_len), a_len) <= 0);
205
-}
206
CATCH_ALL {
207
/* nothing */
208
}
209
ENDTRY;
210
211
- return FALSE;
212
+ return le;
213
}
214
215
static gboolean
216
cmp_contains(fvalue_t *fv_a, fvalue_t *fv_b)
217
{
218
+ gboolean contains = FALSE;
219
+
220
TRY {
221
if (tvb_find_tvb(fv_a->value.tvb, fv_b->value.tvb, 0) > -1) {
222
- return TRUE;
223
+ contains = TRUE;
224
}
225
- else {
226
- return FALSE;
227
}
228
-}
229
CATCH_ALL {
230
/* nothing */
231
}
232
ENDTRY;
233
234
- return FALSE;
235
+ return contains;
236
}
237
238
#ifdef HAVE_LIBPCRE
239
diff --git a/epan/packet.c b/epan/packet.c
240
index 72ca341..b4e5bd9 100644
241
--- a/epan/packet.c
242
+++ b/epan/packet.c
243
@@ -352,7 +352,31 @@ dissect_packet(epan_dissect_t *edt, union wtap_pseudo_header *pseudo_header,
244
EP_CHECK_CANARY(("before dissecting frame %d",fd->num));
245
246
TRY {
247
- edt->tvb = tvb_new_real_data(pd, fd->cap_len, fd->pkt_len);
248
+ /*
249
+ * XXX - currently, the length arguments to
250
+ * tvb_new_real_data() are signed, but the captured
251
+ * and reported length values are unsigned; this means
252
+ * that length values > 2^31 - 1 will appear as
253
+ * negative lengths in tvb_new_real_data().
254
+ *
255
+ * Captured length values that large will already
256
+ * have been filtered out by the Wiretap modules
257
+ * (the file will be reported as corrupted), to
258
+ * avoid trying to allocate large chunks of data.
259
+ *
260
+ * Reported length values will not have been
261
+ * filtered out, and should not be filtered out,
262
+ * as those lengths are not necessarily invalid.
263
+ *
264
+ * For now, we clip the reported length at G_MAXINT,
265
+ * so that tvb_new_real_data() doesn't fail. It
266
+ * would throw an exception, which we'd catch, but
267
+ * that would mean we would have no tvbuffs
268
+ * associated with edt, which would upset much of
269
+ * the rest of the application.
270
+ */
271
+ edt->tvb = tvb_new_real_data(pd, fd->cap_len,
272
+ fd->pkt_len > G_MAXINT ? G_MAXINT : fd->pkt_len);
273
/* Add this tvbuffer into the data_src list */
274
packet_add_new_data_source(&edt->pi, edt->tree, edt->tvb, "Frame");
275
276
diff --git a/epan/to_str.c b/epan/to_str.c
277
index f92afe5..13b305b 100644
278
--- a/epan/to_str.c
279
+++ b/epan/to_str.c
280
@@ -64,6 +64,7 @@
281
#include <stdio.h>
282
#include <time.h>
283
#include "emem.h"
284
+#include "proto.h"
285
286
/*
287
* If a user _does_ pass in a too-small buffer, this is probably
288
@@ -96,6 +97,9 @@ bytestring_to_str(const guint8 *ad, guint32 len, char punct) {
289
static const gchar hex_digits[16] =
290
{ '0', '1', '2', '3', '4', '5', '6', '7',
291
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
292
+ if (!ad) {
293
+ REPORT_DISSECTOR_BUG("Null pointer passed to bytestring_to_str()");
294
+ }
295
296
if (punct)
297
buflen=len*3;
298
diff --git a/wiretap/5views.c b/wiretap/5views.c
299
index f1fb49b..57a1a9a 100644
300
--- a/wiretap/5views.c
301
+++ b/wiretap/5views.c
302
@@ -240,6 +240,16 @@ _5views_read(wtap *wth, int *err, gchar **err_info _U_, gint64 *data_offset)
303
304
packet_size = TimeStamped_Header.RecSize;
305
orig_size = TimeStamped_Header.RecSize;
306
+ if (packet_size > WTAP_MAX_PACKET_SIZE) {
307
+ /*
308
+ * Probably a corrupt capture file; don't blow up trying
309
+ * to allocate space for an immensely-large packet.
310
+ */
311
+ *err = WTAP_ERR_BAD_RECORD;
312
+ *err_info = g_strdup_printf("5views: File has %u-byte packet, bigger than maximum of %u",
313
+ packet_size, WTAP_MAX_PACKET_SIZE);
314
+ return FALSE;
315
+ }
316
317
*data_offset = wth->data_offset;
318
319
diff --git a/wiretap/airopeek9.c b/wiretap/airopeek9.c
320
index 2f7eeb3..6db9ab0 100644
321
--- a/wiretap/airopeek9.c
322
+++ b/wiretap/airopeek9.c
323
@@ -497,10 +497,23 @@ static gboolean airopeekv9_read(wtap *wth, int *err, gchar **err_info,
324
return FALSE;
325
wth->data_offset += hdrlen;
326
327
- /* force sliceLength to be the actual length of the packet */
328
+ /*
329
+ * If sliceLength is 0, force it to be the actual length of the packet.
330
+ */
331
if (hdr_info.sliceLength == 0)
332
hdr_info.sliceLength = hdr_info.length;
333
334
+ if (hdr_info.sliceLength > WTAP_MAX_PACKET_SIZE) {
335
+ /*
336
+ * Probably a corrupt capture file; don't blow up trying
337
+ * to allocate space for an immensely-large packet.
338
+ */
339
+ *err = WTAP_ERR_BAD_RECORD;
340
+ *err_info = g_strdup_printf("airopeek9: File has %u-byte packet, bigger than maximum of %u",
341
+ hdr_info.sliceLength, WTAP_MAX_PACKET_SIZE);
342
+ return FALSE;
343
+ }
344
+
345
/* fill in packet header length values before slicelength may be
346
adjusted */
347
wth->phdr.len = hdr_info.length;
348
diff --git a/wiretap/i4btrace.c b/wiretap/i4btrace.c
349
index dceeb03..0a22296 100644
350
--- a/wiretap/i4btrace.c
351
+++ b/wiretap/i4btrace.c
352
@@ -139,6 +139,16 @@ static gboolean i4btrace_read(wtap *wth, int *err, gchar **err_info,
353
return FALSE;
354
}
355
length = hdr.length - (guint32)sizeof(hdr);
356
+ if (length > WTAP_MAX_PACKET_SIZE) {
357
+ /*
358
+ * Probably a corrupt capture file; don't blow up trying
359
+ * to allocate space for an immensely-large packet.
360
+ */
361
+ *err = WTAP_ERR_BAD_RECORD;
362
+ *err_info = g_strdup_printf("i4btrace: File has %u-byte packet, bigger than maximum of %u",
363
+ length, WTAP_MAX_PACKET_SIZE);
364
+ return FALSE;
365
+ }
366
367
wth->phdr.len = length;
368
wth->phdr.caplen = length;
369
diff --git a/wiretap/iptrace.c b/wiretap/iptrace.c
370
index adc69ad..afc79fd 100644
371
--- a/wiretap/iptrace.c
372
+++ b/wiretap/iptrace.c
373
@@ -152,7 +152,18 @@ static gboolean iptrace_read_1_0(wtap *wth, int *err, gchar **err_info _U_,
374
wth->phdr.pkt_encap = wtap_encap_ift(pkt_hdr.if_type);
375
376
/* Read the packet data */
377
- packet_size = pntohl(&header[0]) - IPTRACE_1_0_PDATA_SIZE;
378
+ packet_size = pntohl(&header[0]);
379
+ if (packet_size < IPTRACE_1_0_PDATA_SIZE) {
380
+ /*
381
+ * Uh-oh, the record isn't big enough to even have a
382
+ * packet meta-data header.
383
+ */
384
+ *err = WTAP_ERR_BAD_RECORD;
385
+ *err_info = g_strdup_printf("iptrace: file has a %u-byte record, too small to have even a packet meta-data header",
386
+ packet_size);
387
+ return FALSE;
388
+ }
389
+ packet_size -= IPTRACE_1_0_PDATA_SIZE;
390
391
/*
392
* AIX appears to put 3 bytes of padding in front of FDDI
393
@@ -163,6 +174,16 @@ static gboolean iptrace_read_1_0(wtap *wth, int *err, gchar **err_info _U_,
394
* The packet size is really a record size and includes
395
* the padding.
396
*/
397
+ if (packet_size < 3) {
398
+ /*
399
+ * Uh-oh, the record isn't big enough to even have
400
+ * the padding.
401
+ */
402
+ *err = WTAP_ERR_BAD_RECORD;
403
+ *err_info = g_strdup_printf("iptrace: file has a %u-byte record, too small to have even a packet meta-data header",
404
+ packet_size + IPTRACE_1_0_PDATA_SIZE);
405
+ return FALSE;
406
+ }
407
packet_size -= 3;
408
wth->data_offset += 3;
409
410
@@ -172,6 +193,16 @@ static gboolean iptrace_read_1_0(wtap *wth, int *err, gchar **err_info _U_,
411
if (!iptrace_read_rec_data(wth->fh, fddi_padding, 3, err))
412
return FALSE; /* Read error */
413
}
414
+ if (packet_size > WTAP_MAX_PACKET_SIZE) {
415
+ /*
416
+ * Probably a corrupt capture file; don't blow up trying
417
+ * to allocate space for an immensely-large packet.
418
+ */
419
+ *err = WTAP_ERR_BAD_RECORD;
420
+ *err_info = g_strdup_printf("iptrace: File has %u-byte packet, bigger than maximum of %u",
421
+ packet_size, WTAP_MAX_PACKET_SIZE);
422
+ return FALSE;
423
+ }
424
425
buffer_assure_space( wth->frame_buffer, packet_size );
426
data_ptr = buffer_start_ptr( wth->frame_buffer );
427
@@ -331,7 +362,18 @@ static gboolean iptrace_read_2_0(wtap *wth, int *err, gchar **err_info _U_,
428
wth->phdr.pkt_encap = wtap_encap_ift(pkt_hdr.if_type);
429
430
/* Read the packet data */
431
- packet_size = pntohl(&header[0]) - IPTRACE_2_0_PDATA_SIZE;
432
+ packet_size = pntohl(&header[0]);
433
+ if (packet_size < IPTRACE_2_0_PDATA_SIZE) {
434
+ /*
435
+ * Uh-oh, the record isn't big enough to even have a
436
+ * packet meta-data header.
437
+ */
438
+ *err = WTAP_ERR_BAD_RECORD;
439
+ *err_info = g_strdup_printf("iptrace: file has a %u-byte record, too small to have even a packet meta-data header",
440
+ packet_size);
441
+ return FALSE;
442
+ }
443
+ packet_size -= IPTRACE_2_0_PDATA_SIZE;
444
445
/*
446
* AIX appears to put 3 bytes of padding in front of FDDI
447
@@ -342,6 +384,16 @@ static gboolean iptrace_read_2_0(wtap *wth, int *err, gchar **err_info _U_,
448
* The packet size is really a record size and includes
449
* the padding.
450
*/
451
+ if (packet_size < 3) {
452
+ /*
453
+ * Uh-oh, the record isn't big enough to even have
454
+ * the padding.
455
+ */
456
+ *err = WTAP_ERR_BAD_RECORD;
457
+ *err_info = g_strdup_printf("iptrace: file has a %u-byte record, too small to have even a packet meta-data header",
458
+ packet_size + IPTRACE_2_0_PDATA_SIZE);
459
+ return FALSE;
460
+ }
461
packet_size -= 3;
462
wth->data_offset += 3;
463
464
@@ -351,6 +403,16 @@ static gboolean iptrace_read_2_0(wtap *wth, int *err, gchar **err_info _U_,
465
if (!iptrace_read_rec_data(wth->fh, fddi_padding, 3, err))
466
return FALSE; /* Read error */
467
}
468
+ if (packet_size > WTAP_MAX_PACKET_SIZE) {
469
+ /*
470
+ * Probably a corrupt capture file; don't blow up trying
471
+ * to allocate space for an immensely-large packet.
472
+ */
473
+ *err = WTAP_ERR_BAD_RECORD;
474
+ *err_info = g_strdup_printf("iptrace: File has %u-byte packet, bigger than maximum of %u",
475
+ packet_size, WTAP_MAX_PACKET_SIZE);
476
+ return FALSE;
477
+ }
478
479
buffer_assure_space( wth->frame_buffer, packet_size );
480
data_ptr = buffer_start_ptr( wth->frame_buffer );
481
diff --git a/wiretap/lanalyzer.c b/wiretap/lanalyzer.c
482
index 6cca77d..cb60a61 100644
483
--- a/wiretap/lanalyzer.c
484
+++ b/wiretap/lanalyzer.c
485
@@ -319,6 +319,16 @@ static gboolean lanalyzer_read(wtap *wth, int *err, gchar **err_info,
486
return FALSE;
487
}
488
else {
489
+ if (record_length < DESCRIPTOR_LEN) {
490
+ /*
491
+ * Uh-oh, the record isn't big enough to even have a
492
+ * descriptor.
493
+ */
494
+ *err = WTAP_ERR_BAD_RECORD;
495
+ *err_info = g_strdup_printf("lanalyzer: file has a %u-byte record, too small to have even a packet descriptor",
496
+ record_length);
497
+ return FALSE;
498
+ }
499
packet_size = record_length - DESCRIPTOR_LEN;
500
}
501
502
diff --git a/wiretap/netmon.c b/wiretap/netmon.c
503
index 90921d5..c82ff9f 100644
504
--- a/wiretap/netmon.c
505
+++ b/wiretap/netmon.c
506
@@ -271,6 +271,26 @@ int netmon_open(wtap *wth, int *err, gchar **err_info)
507
g_free(wth->capture.netmon);
508
return -1;
509
}
510
+ /*
511
+ * XXX - clamp the size of the frame table, so that we don't
512
+ * attempt to allocate a huge frame table and fail.
513
+ *
514
+ * Given that file offsets in the frame table are 32-bit,
515
+ * a NetMon file cannot be bigger than 2^32 bytes.
516
+ * Given that a NetMon 1.x-format packet header is 8 bytes,
517
+ * that means a NetMon file cannot have more than
518
+ * 512*2^20 packets. We'll pick that as the limit for
519
+ * now; it's 1/8th of a 32-bit address space, which is
520
+ * probably not going to exhaust the address space all by
521
+ * itself, and probably won't exhaust the backing store.
522
+ */
523
+ if (frame_table_size > 512*1024*1024) {
524
+ *err = WTAP_ERR_UNSUPPORTED;
525
+ *err_info = g_strdup_printf("netmon: frame table length is %u, which is larger than we support",
526
+ frame_table_length);
527
+ g_free(wth->capture.netmon);
528
+ return -1;
529
+ }
530
if (file_seek(wth->fh, frame_table_offset, SEEK_SET, err) == -1) {
531
g_free(wth->capture.netmon);
532
return -1;
533
diff --git a/wiretap/nettl.c b/wiretap/nettl.c
534
index 5e2dbec..da8ca72 100644
535
--- a/wiretap/nettl.c
536
+++ b/wiretap/nettl.c
537
@@ -306,6 +306,17 @@ static gboolean nettl_read(wtap *wth, int *err, gchar **err_info,
538
}
539
wth->data_offset += ret;
540
541
+ if (wth->phdr.caplen > WTAP_MAX_PACKET_SIZE) {
542
+ /*
543
+ * Probably a corrupt capture file; don't blow up trying
544
+ * to allocate space for an immensely-large packet.
545
+ */
546
+ *err = WTAP_ERR_BAD_RECORD;
547
+ *err_info = g_strdup_printf("nettl: File has %u-byte packet, bigger than maximum of %u",
548
+ wth->phdr.caplen, WTAP_MAX_PACKET_SIZE);
549
+ return FALSE;
550
+ }
551
+
552
/*
553
* If the per-file encapsulation isn't known, set it to this
554
* packet's encapsulation.
555
diff --git a/wiretap/packetlogger.c b/wiretap/packetlogger.c
556
index e993564..fdc8cce 100644
557
--- a/wiretap/packetlogger.c
558
+++ b/wiretap/packetlogger.c
559
@@ -106,6 +106,16 @@ packetlogger_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
560
*err = WTAP_ERR_BAD_RECORD;
561
return FALSE;
562
}
563
+ if (pl_hdr.len - 8 > WTAP_MAX_PACKET_SIZE) {
564
+ /*
565
+ * Probably a corrupt capture file; don't blow up trying
566
+ * to allocate space for an immensely-large packet.
567
+ */
568
+ *err = WTAP_ERR_BAD_RECORD;
569
+ *err_info = g_strdup_printf("packetlogger: File has %u-byte packet, bigger than maximum of %u",
570
+ pl_hdr.len - 8, WTAP_MAX_PACKET_SIZE);
571
+ return FALSE;
572
+ }
573
574
buffer_assure_space(wth->frame_buffer, pl_hdr.len - 8);
575
bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
Loggerhead is a web-based interface for Breezy
Version: 2.0.1