Wireshark-commits: [Wireshark-commits] master 0ac9449: We can't check the length of an SHB until we
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Tue, 14 Oct 2014 23:53:50 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0ac944944233b49c77a77da65be19ce4c2e65647
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

0ac9449 by Guy Harris (guy@xxxxxxxxxxxx):

    We can't check the length of an SHB until we determine the byte order.
    
    Don't check a possibly-byte-swapped length against the minimum SHB size;
    it'll probably look huge if it's byte-swapped, so the test won't fail
    even if it is too small, and a really huge SHB's length could look too
    small if it's byte-swapped.
    
    Do the check *after* we've read the fixed-length portion of the block;
    yes, that means we've read past the purported size of the block at that
    point, but if that read succeeds, that doesn't matter, and if that read
    fails, it just means we'll report "file cut short" rather than "bad SHB
    length", *both* of which are problems with the file.
    
    Change-Id: Ie3b5700662f2a6da40d373a84f00a8fc2cf0ce1b
    Reviewed-on: https://code.wireshark.org/review/4692
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  4420461   Don't assume pcap_read_block() returns the number of bytes read.
    adds  0ac9449   We can't check the length of an SHB until we determine the byte order.


Summary of changes:
 wiretap/pcapng.c |   32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)