diff options
author | Guy Harris <guy@alum.mit.edu> | 2014-04-25 10:44:11 -0700 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2014-04-25 17:44:47 +0000 |
commit | 6d6094e3498254de69f4878502a97b7fa3028207 (patch) | |
tree | 9c5d4ae7d4fd99b9befa79546cdf2234cfb6bb3f /wiretap/wtap.c | |
parent | 83fe3572c5d21b38cebf19ab07b2b10c1fa0816a (diff) |
Don't fail if a pcap-NG PB or EPB has caplen > actual len.
We don't fail for other file types; there's no point in failing for
pcap-NG. wtap_read() will ensure that caplen <= len.
Make wtap_seek_read() ensure that caplen <= len as well.
Fixes bug 10037.
Change-Id: I41fbcf54341ea0429cef875442ea1f1377177a5f
Reviewed-on: https://code.wireshark.org/review/1353
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'wiretap/wtap.c')
-rw-r--r-- | wiretap/wtap.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 2d04375366..343a9b23c4 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -1075,5 +1075,23 @@ gboolean wtap_seek_read(wtap *wth, gint64 seek_off, struct wtap_pkthdr *phdr, Buffer *buf, int *err, gchar **err_info) { - return wth->subtype_seek_read(wth, seek_off, phdr, buf, err, err_info); + if (!wth->subtype_seek_read(wth, seek_off, phdr, buf, err, err_info)) + return FALSE; + + /* + * It makes no sense for the captured data length to be bigger + * than the actual data length. + */ + if (wth->phdr.caplen > wth->phdr.len) + wth->phdr.caplen = wth->phdr.len; + + /* + * Make sure that it's not WTAP_ENCAP_PER_PACKET, as that + * probably means the file has that encapsulation type + * but the read routine didn't set this packet's + * encapsulation type. + */ + g_assert(wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET); + + return TRUE; } |