diff options
Diffstat (limited to 'wiretap/stanag4607.c')
-rw-r--r-- | wiretap/stanag4607.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/wiretap/stanag4607.c b/wiretap/stanag4607.c index 5636b72dd2..e2c141a6cd 100644 --- a/wiretap/stanag4607.c +++ b/wiretap/stanag4607.c @@ -32,6 +32,9 @@ typedef struct { time_t base_secs; } stanag4607_t; +#define PKT_HDR_SIZE 32 /* size of a packet header */ +#define SEG_HDR_SIZE 5 /* size of a segment header */ + static gboolean is_valid_id(guint16 version_id) { #define VERSION_21 0x3231 @@ -49,7 +52,7 @@ static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *p stanag4607_t *stanag4607 = (stanag4607_t *)wth->priv; guint32 millisecs, secs, nsecs; gint64 offset = 0; - guint8 stanag_pkt_hdr[37]; + guint8 stanag_pkt_hdr[PKT_HDR_SIZE+SEG_HDR_SIZE]; guint32 packet_size; *err = 0; @@ -79,6 +82,16 @@ static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *p "bigger than maximum of %u", packet_size, WTAP_MAX_PACKET_SIZE); return FALSE; } + if (packet_size < PKT_HDR_SIZE+SEG_HDR_SIZE) { + /* + * Probably a corrupt capture file; don't, for example, loop + * infinitely if the size is zero. + */ + *err = WTAP_ERR_BAD_FILE; + *err_info = g_strdup_printf("stanag4607: File has %" G_GUINT32_FORMAT "d-byte packet, " + "smaller than minimum of %u", packet_size, PKT_HDR_SIZE+SEG_HDR_SIZE); + return FALSE; + } phdr->caplen = packet_size; phdr->len = packet_size; |