diff options
author | Peter Wu <peter@lekensteyn.nl> | 2018-11-10 23:03:16 +0100 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2018-11-10 23:24:05 +0000 |
commit | 961f1388e443b5b08594ec7e9a8d9628f039d4d0 (patch) | |
tree | 0bbdcf78ce6f92b15090a67ac355d63ce12c444a /wiretap/json.c | |
parent | a0bb983834c87a0aa6da7b9fe1f850139354c125 (diff) |
wiretap: fix truncated reads while reading compressed file formats
A lot of file dissectors (pcapng, json, etc.) assumed that the packet
size is equal to the file size. This is not true if the file was
compressed and could result in silently truncating reads or failing to
open a file (if the compressed file is larger than the actual data).
Observe that a lot of file dissectors are simply copies of each other.
Move the fixed implementation to wtap.c and reuse the methods everywhere
else. While at it, avoid an unnecessary large allocation/read in
ruby_marshal.
Change-Id: I8e9cd0af9c4d1bd37789a3b509146ae2182a5379
Reviewed-on: https://code.wireshark.org/review/30570
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'wiretap/json.c')
-rw-r--r-- | wiretap/json.c | 72 |
1 files changed, 6 insertions, 66 deletions
diff --git a/wiretap/json.c b/wiretap/json.c index c8d016905d..8bb7fe4d20 100644 --- a/wiretap/json.c +++ b/wiretap/json.c @@ -15,76 +15,16 @@ #include "json.h" #include <wsutil/wsjson.h> -static gboolean json_read_file(wtap *wth, FILE_T fh, wtap_rec *rec, - Buffer *buf, int *err, gchar **err_info) -{ - gint64 file_size; - int packet_size; - - if ((file_size = wtap_file_size(wth, err)) == -1) - return FALSE; - - if (file_size > MAX_FILE_SIZE) { - /* - * Don't blow up trying to allocate space for an - * immensely-large file. - */ - *err = WTAP_ERR_BAD_FILE; - *err_info = g_strdup_printf("json: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u", - file_size, MAX_FILE_SIZE); - return FALSE; - } - packet_size = (int)file_size; - - rec->rec_type = REC_TYPE_PACKET; - rec->presence_flags = 0; /* yes, we have no bananas^Wtime stamp */ - - rec->rec_header.packet_header.caplen = packet_size; - rec->rec_header.packet_header.len = packet_size; - - rec->ts.secs = 0; - rec->ts.nsecs = 0; - - return wtap_read_packet_bytes(fh, buf, packet_size, err, err_info); -} - -static gboolean json_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec, Buffer *buf, - int *err, gchar **err_info) -{ - /* there is only one packet */ - if (seek_off > 0) { - *err = 0; - return FALSE; - } - - if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1) - return FALSE; - - return json_read_file(wth, wth->random_fh, rec, buf, err, err_info); -} - -static gboolean json_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset) -{ - gint64 offset; - - *err = 0; - - offset = file_tell(wth->fh); - - /* there is only ever one packet */ - if (offset != 0) - return FALSE; - - *data_offset = offset; - - return json_read_file(wth, wth->fh, &wth->rec, wth->rec_data, err, err_info); -} +/* Maximum size of json file. */ +#define MAX_FILE_SIZE (50*1024*1024) wtap_open_return_val json_open(wtap *wth, int *err, gchar **err_info) { guint8* filebuf; int bytes_read; + /* XXX checking the full file contents might be a bit expensive, maybe + * resort to simpler heuristics like '{' or '[' (with some other chars)? */ filebuf = (guint8*)g_malloc0(MAX_FILE_SIZE); if (!filebuf) return WTAP_OPEN_ERROR; @@ -115,8 +55,8 @@ wtap_open_return_val json_open(wtap *wth, int *err, gchar **err_info) wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_JSON; wth->file_encap = WTAP_ENCAP_JSON; wth->file_tsprec = WTAP_TSPREC_SEC; - wth->subtype_read = json_read; - wth->subtype_seek_read = json_seek_read; + wth->subtype_read = wtap_full_file_read; + wth->subtype_seek_read = wtap_full_file_seek_read; wth->snapshot_length = 0; g_free(filebuf); |