From 6332c2f45e5f0b23893a41def45384911f28109a Mon Sep 17 00:00:00 2001
From: Guy Harris <guy@alum.mit.edu>
Date: Sun, 1 May 2016 17:52:45 -0700
Subject: Don't assume packets will be no larger than ISERIES_MAX_PACKET_LEN.

We don't check against it.  Insteead, use phdr->caplen as the buffer
size; that's based on the number of hex digits we've found.

While we're at it, also get rid of ISERIES_PKT_ALLOC_SIZE - it makes it
less obvious that it's based on the packet length from the packet
header.

Change-Id: I8ad6306c62e7bc4cf896b335f39a5a77780fb2ea
Reviewed-on: https://code.wireshark.org/review/15236
Reviewed-by: Guy Harris <guy@alum.mit.edu>
---
 wiretap/iseries.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

(limited to 'wiretap/iseries.c')

diff --git a/wiretap/iseries.c b/wiretap/iseries.c
index c2e6c41730..746091386a 100644
--- a/wiretap/iseries.c
+++ b/wiretap/iseries.c
@@ -162,9 +162,7 @@ Number  S/R  Length    Timer                        MAC Address   MAC Address
 #define ISERIES_LINE_LENGTH           270
 #define ISERIES_HDR_LINES_TO_CHECK    100
 #define ISERIES_PKT_LINES_TO_CHECK    4
-#define ISERIES_MAX_PACKET_LEN        16384
 #define ISERIES_MAX_TRACE_LEN         99999999
-#define ISERIES_PKT_ALLOC_SIZE        (pkt_len*2)+1
 #define ISERIES_FORMAT_ASCII          1
 #define ISERIES_FORMAT_UNICODE        2
 
@@ -774,8 +772,8 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr,
   phdr->pkt_encap                 = WTAP_ENCAP_ETHERNET;
   phdr->pseudo_header.eth.fcs_len = -1;
 
-  ascii_buf = (char *)g_malloc (ISERIES_PKT_ALLOC_SIZE);
-  g_snprintf(ascii_buf, ISERIES_PKT_ALLOC_SIZE, "%s%s%s", destmac, srcmac, type);
+  ascii_buf = (char *)g_malloc ((pkt_len*2)+1);
+  g_snprintf(ascii_buf, (pkt_len*2)+1, "%s%s%s", destmac, srcmac, type);
   ascii_offset = 14*2; /* 14-byte Ethernet header, 2 characters per byte */
 
   /*
@@ -838,7 +836,7 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr,
               strncmp(data + 22, "Option  Hdr:  ", 14) == 0)
             {
               ascii_offset = append_hex_digits(ascii_buf, ascii_offset,
-                                               ISERIES_PKT_ALLOC_SIZE - 1,
+                                               pkt_len*2,
                                                data + 22 + 14, err,
                                                err_info);
               if (ascii_offset == -1)
@@ -860,7 +858,7 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr,
           if (strncmp(data + 9, "Data . . . . . :  ", 18) == 0)
             {
               ascii_offset = append_hex_digits(ascii_buf, ascii_offset,
-                                               ISERIES_PKT_ALLOC_SIZE - 1,
+                                               pkt_len*2,
                                                data + 9 + 18, err,
                                                err_info);
               if (ascii_offset == -1)
@@ -883,7 +881,7 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr,
       if (offset == 36 || offset == 27)
         {
           ascii_offset = append_hex_digits(ascii_buf, ascii_offset,
-                                           ISERIES_PKT_ALLOC_SIZE - 1,
+                                           pkt_len*2,
                                            data + offset, err,
                                            err_info);
           if (ascii_offset == -1)
@@ -932,7 +930,7 @@ iseries_parse_packet (wtap * wth, FILE_T fh, struct wtap_pkthdr *phdr,
   phdr->caplen = ((guint32) strlen (ascii_buf))/2;
 
   /* Make sure we have enough room for the packet. */
-  ws_buffer_assure_space (buf, ISERIES_MAX_PACKET_LEN);
+  ws_buffer_assure_space (buf, phdr->caplen);
   /* Convert ascii data to binary and return in the frame buffer */
   iseries_parse_hex_string (ascii_buf, ws_buffer_start_ptr (buf), strlen (ascii_buf));
 
-- 
cgit v1.2.1