Wireshark-commits: [Wireshark-commits] master-2.4 52ac26f: Do the maximum block size check in pcap_
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 09 Feb 2018 05:39:30 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=52ac26f1316ee738a63d298d77b9ec9a3a5b485c
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.4
Repository: wireshark

Commits:

52ac26f by Guy Harris (guy@xxxxxxxxxxxx):

    Do the maximum block size check in pcap_read_block().
    
    Do it before we even *try* to read the block, so that it's done in one
    place rather than having to be done in every routine to handle
    particular block types.
    
    The check was missing in the routine to read sysdig event blocks, so if
    we got a huge sysdig even block we'd try to allocate a huge amount of
    memory.
    
    Bug: 14403
    Change-Id: Iff0fb0387e4499420598361be6d241f2832042d7
    Reviewed-on: https://code.wireshark.org/review/25702
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    (cherry picked from commit f73ae69ba917abd34db434b7ead03d4bc0e9c279)
    Reviewed-on: https://code.wireshark.org/review/25703
    

Actions performed:

    from  e14250a   Plug an (unlikely) leak.
    adds  52ac26f   Do the maximum block size check in pcap_read_block().


Summary of changes:
 wiretap/pcapng.c | 88 +++++++++-----------------------------------------------
 1 file changed, 13 insertions(+), 75 deletions(-)