Wireshark-commits: [Wireshark-commits] master-2.2 129e41f: Do the maximum block size check in pcap_
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.2
Repository: wireshark
Commits:
129e41f by Guy Harris (guy@xxxxxxxxxxxx):
Do the maximum block size check in pcap_read_block().
Do it before we even *try* to read the block, so that it's done in one
place rather than having to be done in every routine to handle
particular block types.
The check was missing in the routine to read sysdig event blocks, so if
we got a huge sysdig even block we'd try to allocate a huge amount of
memory.
Bug: 14403
Change-Id: Iff0fb0387e4499420598361be6d241f2832042d7
Reviewed-on: https://code.wireshark.org/review/25702
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
(cherry picked from commit f73ae69ba917abd34db434b7ead03d4bc0e9c279)
Reviewed-on: https://code.wireshark.org/review/25704
Actions performed:
from b1cc8f1 Plug an (unlikely) leak.
adds 129e41f Do the maximum block size check in pcap_read_block().
Summary of changes:
wiretap/pcapng.c | 88 +++++++++-----------------------------------------------
1 file changed, 13 insertions(+), 75 deletions(-)