diff options
Diffstat (limited to 'wiretap/visual.c')
-rw-r--r-- | wiretap/visual.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/wiretap/visual.c b/wiretap/visual.c index 306fb0211b..9c48fe22be 100644 --- a/wiretap/visual.c +++ b/wiretap/visual.c @@ -420,6 +420,15 @@ static gboolean visual_read(wtap *wth, int *err, gchar **err_info, break; } + if (wth->phdr.len > WTAP_MAX_PACKET_SIZE) { + /* Check if wth->phdr.len is sane, small values of wth.phdr.len before + the case loop above can cause integer underflows */ + *err = WTAP_ERR_BAD_RECORD; + *err_info = g_strdup_printf("visual: File has %u-byte original packet, bigger than maximum of %u", + wth->phdr.len, WTAP_MAX_PACKET_SIZE); + return FALSE; + } + /* Sanity check */ if (wth->phdr.len < wth->phdr.caplen) { |