Don't write out packets that have a "captured length" bigger than we're

willing to read or that's bigger than will fit in the file format; instead, report an error. For the "I can't write a packet of that type in that file type" error, report the file type in question. svn path=/trunk/; revision=54882
author: Guy Harris <guy@alum.mit.edu> 2014-01-22 00:26:36 +0000
committer: Guy Harris <guy@alum.mit.edu> 2014-01-22 00:26:36 +0000
commit: 90d7c5f59b574e254bc1bb70aaaf12372fe97cc3 (patch)
tree: 7bc8e69b7cc459b8dfef190d1b33a7cb092a7bf3 /wiretap/ngsniffer.c
parent: 5c825d6a364d83dace7b6c682aa47678e89df79b (diff)
download: wireshark-90d7c5f59b574e254bc1bb70aaaf12372fe97cc3.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c
index 0e33072ca7..58031ff38e 100644
--- a/wiretap/ngsniffer.c
+++ b/wiretap/ngsniffer.c
@@ -2075,6 +2075,13 @@ ngsniffer_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 	guint16 start_date;
 	struct tm *tm;
 
+	/* The captured length field is 16 bits, so there's a hard
+	   limit of 65535. */
+	if (phdr->caplen > 65535) {
+		*err = WTAP_ERR_PACKET_TOO_LARGE;
+		return FALSE;
+	}
+
 	/* Sniffer files have a capture start date in the file header, and
 	   have times relative to the beginning of that day in the packet
 	   headers; pick the date of the first packet as the capture start
author	Guy Harris <guy@alum.mit.edu>	2014-01-22 00:26:36 +0000
committer	Guy Harris <guy@alum.mit.edu>	2014-01-22 00:26:36 +0000
commit	90d7c5f59b574e254bc1bb70aaaf12372fe97cc3 (patch)
tree	7bc8e69b7cc459b8dfef190d1b33a7cb092a7bf3 /wiretap/ngsniffer.c
parent	5c825d6a364d83dace7b6c682aa47678e89df79b (diff)
download	wireshark-90d7c5f59b574e254bc1bb70aaaf12372fe97cc3.tar.gz