Add missing check for a too-large packet, so we don't blow up trying to

allocate a huge buffer; fixes bug 6666. svn path=/trunk/; revision=40165
author: Guy Harris <guy@alum.mit.edu> 2011-12-13 00:57:09 +0000
committer: Guy Harris <guy@alum.mit.edu> 2011-12-13 00:57:09 +0000
commit: b669a11931e84076a113010c294d5eb3fce116d3 (patch)
tree: 2ac12a128dec0baf69469843bd7d211abaa575e0 /wiretap/5views.c
parent: c1f993eef530b4eeb708bd358408215df888b2a6 (diff)
download: wireshark-b669a11931e84076a113010c294d5eb3fce116d3.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/wiretap/5views.c b/wiretap/5views.c
index 2e3011904d..7fd391cbbb 100644
--- a/wiretap/5views.c
+++ b/wiretap/5views.c
@@ -240,6 +240,16 @@ _5views_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
 
 	packet_size = TimeStamped_Header.RecSize;
 	orig_size = TimeStamped_Header.RecSize;
+	if (packet_size > WTAP_MAX_PACKET_SIZE) {
+		/*
+		 * Probably a corrupt capture file; don't blow up trying
+		 * to allocate space for an immensely-large packet.
+		 */
+		*err = WTAP_ERR_BAD_RECORD;
+		*err_info = g_strdup_printf("5views: File has %u-byte packet, bigger than maximum of %u",
+		    packet_size, WTAP_MAX_PACKET_SIZE);
+		return FALSE;
+	}
 
 	*data_offset = wth->data_offset;
author	Guy Harris <guy@alum.mit.edu>	2011-12-13 00:57:09 +0000
committer	Guy Harris <guy@alum.mit.edu>	2011-12-13 00:57:09 +0000
commit	b669a11931e84076a113010c294d5eb3fce116d3 (patch)
tree	2ac12a128dec0baf69469843bd7d211abaa575e0 /wiretap/5views.c
parent	c1f993eef530b4eeb708bd358408215df888b2a6 (diff)
download	wireshark-b669a11931e84076a113010c294d5eb3fce116d3.tar.gz