Accept file snaplen larger than WTAP_MAX_PACKET_SIZE,

text2pcap uses 102400.
This fixes bug 3620. Thanks to Tyson Key for reporting the bug
and providing capture files.
This fix should be included in Wireshark 1.2.1 and higher.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28866 f5534014-38df-0310-8fa8-9805f1628bb7

1 files changed, 6 insertions, 6 deletions

diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c
index 0cd6a127be..88d9ada5f5 100644
--- a/wiretap/pcapng.c
+++ b/wiretap/pcapng.c
@@ -527,14 +527,14 @@ pcapng_read_if_descr_block(FILE_T fh, pcapng_block_header_t *bh, pcapng_t *pn,
 		      wtap_encap_string(wtap_pcap_encap_to_wtap_encap(wblock->data.if_descr.link_type)),
 		      wblock->data.if_descr.snap_len);
 
-	/* XXX - sanity check of snapshot length */
-	/* XXX - while a very big snapshot length is valid, it's more likely that it's a bug in the file */
-	/* XXX - so do a sanity check for now, it's likely e.g. a byte swap order problem */
 	if (wblock->data.if_descr.snap_len > WTAP_MAX_PACKET_SIZE) {
-		pcapng_debug1("pcapng_read_if_descr_block: snapshot length %u unrealistic", 
+		/* This is unrealisitic, but text2pcap currently uses 102400.
+		 * We do not use this value, maybe we should check the
+		 * snap_len of the packets against it. For now, only warn.
+		 */
+		pcapng_debug1("pcapng_read_if_descr_block: snapshot length %u unrealistic.",
 			      wblock->data.if_descr.snap_len);
-		/*wblock->data.if_descr.snap_len = 65535;*/
-		return 0;
+		/*wblock->data.if_descr.snap_len = WTAP_MAX_PACKET_SIZE;*/
 	}
 
 	/* Option defaults */