stanag4607: add check for wtap max size.

Bug: 11472 Change-Id: Ic269046e697ac5e65301caf4ea5586098d030458 Reviewed-on: https://code.wireshark.org/review/10279 Reviewed-by: Evan Huus <eapache@gmail.com> Petri-Dish: Evan Huus <eapache@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
author: Dario Lombardo <lomato@gmail.com> 2015-08-27 18:01:27 +0200
committer: Anders Broman <a.broman58@gmail.com> 2015-08-30 09:46:22 +0000
commit: e0a87d8cd1c738a012295f8cbf107de7fe131a75 (patch)
tree: 22088a4872d5839a2268d252a1bfbca0f386fb78 /wiretap
parent: 6c065783c5698e699067ad2b50fd884ee8408ace (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/wiretap/stanag4607.c b/wiretap/stanag4607.c
index 1845cc0ab5..9aa3105ba3 100644
--- a/wiretap/stanag4607.c
+++ b/wiretap/stanag4607.c
@@ -73,6 +73,16 @@ static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *p
 
   /* The next 4 bytes are the packet length */
   packet_size = pntoh32(&stanag_pkt_hdr[2]);
+  if (packet_size > WTAP_MAX_PACKET_SIZE) {
+    /*
+     * Probably a corrupt capture file; don't blow up trying
+     * to allocate space for an immensely-large packet.
+     */
+    *err = WTAP_ERR_BAD_FILE;
+    *err_info = g_strdup_printf("stanag4607: File has %" G_GUINT32_FORMAT "d-byte packet, "
+      "bigger than maximum of %u", packet_size, WTAP_MAX_PACKET_SIZE);
+    return FALSE;
+  }
   phdr->caplen = packet_size;
   phdr->len = packet_size;
author	Dario Lombardo <lomato@gmail.com>	2015-08-27 18:01:27 +0200
committer	Anders Broman <a.broman58@gmail.com>	2015-08-30 09:46:22 +0000
commit	e0a87d8cd1c738a012295f8cbf107de7fe131a75 (patch)
tree	22088a4872d5839a2268d252a1bfbca0f386fb78 /wiretap
parent	6c065783c5698e699067ad2b50fd884ee8408ace (diff)