From 765405da3e7ee501935e04a818beda6fffa4ccf9 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Wed, 25 Jun 2014 14:05:36 -0700 Subject: Update a comment. Also, make the block of code containing that comment intended consistently with spaces. Change-Id: I8e8eb346833662f15c53ece5869b12cc430bad11 Reviewed-on: https://code.wireshark.org/review/2661 Reviewed-by: Guy Harris --- wiretap/libpcap.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index fb920d4e08..83ff0886d9 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -763,21 +763,24 @@ static int libpcap_read_header(wtap *wth, FILE_T fh, int *err, gchar **err_info, } if (hdr->hdr.orig_len > 64*1024*1024) { - /* + /* * In theory I guess the on-the-wire packet size can be * arbitrarily large, and it can certainly be larger than the - * 64KB which bounds the snapshot size, but any file claiming - * 64MB in a single packet is *probably* corrupt, and makes the - * heuristics much more reliable. See, for example, - * https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9634 - * (64MB is an arbitrary size at this point) - */ - *err = WTAP_ERR_BAD_FILE; - if (err_info != NULL) { - *err_info = g_strdup_printf("pcap: File claims packet was %u bytes on the wire", - hdr->hdr.orig_len); - } - return -1; + * maximum snapshot length which bounds the snapshot size, + * but any file claiming 64MB in a single packet is *probably* + * corrupt, and treating them as such makes the heuristics + * much more reliable. See, for example, + * + * https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9634 + * + * (64MB is an arbitrary size at this point). + */ + *err = WTAP_ERR_BAD_FILE; + if (err_info != NULL) { + *err_info = g_strdup_printf("pcap: File claims packet was %u bytes on the wire", + hdr->hdr.orig_len); + } + return -1; } /* Disabling because this is not a fatal error, and packets that have -- cgit v1.2.3