wireshark/wireshark-0013-Copy-over-r49999-from-trunk.patch
Peter Lemenkov 65d033ba77 Few bugfixes and enhancements
- Updated RTPproxy dissector (again)
- Allow packets more than 64k (for USB capture). See patch no. 13
- Don't die during loading of some SIP capture files. See patch no. 14
- Backport support for RTPproxy dissector timeouts detection. See patch no. 15

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
2013-11-27 16:24:19 +04:00

61 lines
2.1 KiB
Diff

From: Guy Harris <guy@alum.mit.edu>
Date: Thu, 7 Nov 2013 01:54:16 +0000
Subject: [PATCH] Copy over r49999 from trunk:
------------------------------------------------------------------------
r49999 | eapache | 2013-06-17 18:02:26 -0700 (Mon, 17 Jun 2013) | 10 lines
Don't limit the on-the-wire length of packets to 64KB, there are larger packets
out there (especially over USB) and we should be able to load them as long as
they are snapped to a sane length.
Also validate that packets do not specify a snapshot length larger than the one
in the file header, though only make it a warning, as this is not necessarily a
fatally corrupt packet.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
------------------------------------------------------------------------
Also fixes bug 9390.
svn path=/trunk-1.10/; revision=53123
diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c
index cb9e97c..9601332 100644
--- a/wiretap/libpcap.c
+++ b/wiretap/libpcap.c
@@ -773,21 +773,8 @@ static int libpcap_read_header(wtap *wth, int *err, gchar **err_info,
return -1;
}
- if (hdr->hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
- /*
- * Probably a corrupt capture file; return an error,
- * so that our caller doesn't blow up trying to
- * cope with a huge "real" packet length, and so that
- * the code to try to guess what type of libpcap file
- * this is can tell when it's not the type we're guessing
- * it is.
- */
- *err = WTAP_ERR_BAD_FILE;
- if (err_info != NULL) {
- *err_info = g_strdup_printf("pcap: File has %u-byte packet, bigger than maximum of %u",
- hdr->hdr.orig_len, WTAP_MAX_PACKET_SIZE);
- }
- return -1;
+ if (hdr->hdr.incl_len > wth->snapshot_length) {
+ g_warning("pcap: File has packet larger than file's snapshot length.");
}
return bytes_read;
@@ -955,7 +942,7 @@ static gboolean libpcap_dump(wtap_dumper *wdh,
rec_hdr.hdr.incl_len = phdr->caplen + phdrsize;
rec_hdr.hdr.orig_len = phdr->len + phdrsize;
- if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE || rec_hdr.hdr.orig_len > WTAP_MAX_PACKET_SIZE) {
+ if (rec_hdr.hdr.incl_len > WTAP_MAX_PACKET_SIZE) {
*err = WTAP_ERR_BAD_FILE;
return FALSE;
}