Make sure we don't create comment options longer than 65535 bytes.

Check in both editcap and Wireshark to make sure that comments have fewer than 65536 bytes before accepting them. This shoudl fix #18235, although there should also be checks in libwiretap to catch cases where the user interface code doesn't do the check (it should be done in the UI so that the user gets notified appropriately).
author: Guy Harris <gharris@sonic.net> 2022-08-02 16:38:49 -0700
committer: Guy Harris <gharris@sonic.net> 2022-08-02 16:38:49 -0700
commit: 71f32ef2a8bc18c65e856609a68778db2b32930d (patch)
tree: 20eda9d2a7441e40e949fb75f9711d68e3587b75 /editcap.c
parent: 4d9167908c4da68861ff4d68852b1b7a42b9d172 (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/editcap.c b/editcap.c
index 6738a25df5..fb123bc521 100644
--- a/editcap.c
+++ b/editcap.c
@@ -1284,6 +1284,21 @@ main(int argc, char *argv[])
 
         case LONGOPT_CAPTURE_COMMENT:
         {
+            /*
+             * Make sure this would fit in a pcapng option.
+             *
+             * XXX - 65535 is the maximum size for an option in pcapng;
+             * what if another capture file format supports larger
+             * comments?
+             */
+            if (strlen(ws_optarg) > 65535) {
+                /* It doesn't fit.  Tell the user and give up. */
+                cmdarg_err("Capture comment %u is too large to save in a capture file.",
+                           capture_comments->len + 1);
+                ret = INVALID_OPTION;
+                goto clean_exit;
+            }
+
             /* pcapng supports multiple comments, so support them here too.
              */
             if (!capture_comments) {
@@ -1311,6 +1326,21 @@ main(int argc, char *argv[])
                 goto clean_exit;
             }
 
+            /*
+             * Make sure this would fit in a pcapng option.
+             *
+             * XXX - 65535 is the maximum size for an option in pcapng;
+             * what if another capture file format supports larger
+             * comments?
+             */
+            if (strlen(ws_optarg+string_start_index) > 65535) {
+                /* It doesn't fit.  Tell the user and give up. */
+                cmdarg_err("A comment for frame %u is too large to save in a capture file.",
+                           frame_number);
+                ret = INVALID_OPTION;
+                goto clean_exit;
+            }
+
             /* Lazily create the table */
             if (!frames_user_comments) {
                 frames_user_comments = g_tree_new_full(framenum_compare, NULL, NULL, g_free);
author	Guy Harris <gharris@sonic.net>	2022-08-02 16:38:49 -0700
committer	Guy Harris <gharris@sonic.net>	2022-08-02 16:38:49 -0700
commit	71f32ef2a8bc18c65e856609a68778db2b32930d (patch)
tree	20eda9d2a7441e40e949fb75f9711d68e3587b75 /editcap.c
parent	4d9167908c4da68861ff4d68852b1b7a42b9d172 (diff)