http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1972
------- Comment #3 from florent.drouin@xxxxxxxxxx 2007-11-05 14:23 GMT -------
There is a test missing in the erf_open function in wiretap/erf.c.
We have to check the length of the first ERF headers to validate the file
format.
<<
wireshark_TRUNK23365$ diff -u wiretap/erf.c.ori wiretap/erf.c
--- wiretap/erf.c.ori 2007-11-01 07:23:20.000000000 +0100
+++ wiretap/erf.c 2007-11-05 15:11:08.000000000 +0100
@@ -120,6 +120,14 @@
packet_size = g_ntohs(header.rlen) - sizeof(header);
+ if (packet_size > WTAP_MAX_PACKET_SIZE) {
+ /*
+ * Probably a corrupt capture file; don't blow up trying
+ * to allocate space for an immensely-large packet.
+ */
+ return 0;
+ }
+
/* fail on invalid record type, decreasing timestamps or non-zero pad-bits
*/
/* Not all types within this range are decoded, but it is a first filter
*/
if (header.type == 0 || header.type > ERF_TYPE_MAX ) {
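Review bot: the subtraction on the context line `packet_size = g_ntohs(header.rlen) - sizeof(header);` is still unguarded against an rlen smaller than sizeof(header), and the new `packet_size > WTAP_MAX_PACKET_SIZE` test only catches that wrap-around if packet_size is unsigned, which these lines do not show. Suggest rejecting `g_ntohs(header.rlen) < sizeof(header)` with `return 0;` before the subtraction and keeping the upper-bound test after it. The added comment talks about a corrupt capture file and allocation, while the report describes this check as validating the file format in erf_open; wording the comment to say that an out-of-range record length means the file is not treated as ERF would match what `return 0` is used for here.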
>>