Wireshark-commits: [Wireshark-commits] master-1.12 41986d0: pcap-common: Fix several serious ENCAP_
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 12 May 2016 02:01:01 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=41986d031aaf4f061a6ce956381481990bdae5d2
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-1.12
Repository: wireshark

Commits:

41986d0 by Anthony Coddington (anthony.coddington@xxxxxxxxxx):

    pcap-common: Fix several serious ENCAP_ERF extension header writing issues
    
    Write ERF subheader after extension headers, especially important for Ethernet
    (other types predate extension headers for the most part).
    Add missing ERF_TYPE_MC_AAL2 and ERF_TYPE_COLOR_HASH_ETH.
    
    Truncate final ERF extension header when too many. Rlen is not currently
    adjusted so may be incorrect (see followup patch). Existing tools generally
    check against PCAP incl_len anyway as there are other scenarios where this can
    happen like naive snapping or Wireshark ERF-to-PCAP.
    Properly fixing this will involve getting rid of the ERF pseudoheader.
    Consistent with the ERF wiretap (except for different padding behaviour).
    
    Bug: 3606
    Change-Id: I186c37f5a7894b60bc61822b8488a3a274ffb32c
    Reviewed-on: https://code.wireshark.org/review/15394
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  b8e0d41   WBXML: add a basic sanity check for offset overflow
    adds  41986d0   pcap-common: Fix several serious ENCAP_ERF extension header writing issues


Summary of changes:
 wiretap/pcap-common.c |   24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)