Wireshark-commits: [Wireshark-commits] master-2.2 129e41f: Do the maximum block size check in pcap_
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 09 Feb 2018 08:13:34 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.2
Repository: wireshark

Commits:

129e41f by Guy Harris (guy@xxxxxxxxxxxx):

    Do the maximum block size check in pcap_read_block().
    
    Do it before we even *try* to read the block, so that it's done in one
    place rather than having to be done in every routine to handle
    particular block types.
    
    The check was missing in the routine to read sysdig event blocks, so if
    we got a huge sysdig even block we'd try to allocate a huge amount of
    memory.
    
    Bug: 14403
    Change-Id: Iff0fb0387e4499420598361be6d241f2832042d7
    Reviewed-on: https://code.wireshark.org/review/25702
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    (cherry picked from commit f73ae69ba917abd34db434b7ead03d4bc0e9c279)
    Reviewed-on: https://code.wireshark.org/review/25704
    

Actions performed:

    from  b1cc8f1   Plug an (unlikely) leak.
    adds  129e41f   Do the maximum block size check in pcap_read_block().


Summary of changes:
 wiretap/pcapng.c | 88 +++++++++-----------------------------------------------
 1 file changed, 13 insertions(+), 75 deletions(-)