Test hdr.snaplen to see whether it fits in an int.

Assigning it to p->snapshot, and then checking whether the result is negative, should work in practice, but it gets unsigned-behavior warnings. Test beforehand whether it's valid, and only assign it to p->snapshot if it is. This should address the pcap.c part of GitHub issue the-tcpdump-group/tcpdump#785.
author: Guy Harris <guy@alum.mit.edu> 2019-07-25 15:50:57 -0700
committer: Guy Harris <guy@alum.mit.edu> 2019-07-25 15:53:23 -0700
commit: dd0edaf7eb97c05aff6502056c1e5de9944eb209 (patch)
tree: dc2cc44d821c4b46a01f9a6a21dabf52d508a2bd /sf-pcap.c
parent: d04d4649e86656ab03f75e0f7107a7f0fc97bbd3 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/sf-pcap.c b/sf-pcap.c
index 23057a0c..9fab5997 100644
--- a/sf-pcap.c
+++ b/sf-pcap.c
@@ -249,8 +249,7 @@ pcap_check_header(const uint8_t *magic, FILE *fp, u_int precision, char *errbuf,
 	p->swapped = swapped;
 	p->version_major = hdr.version_major;
 	p->version_minor = hdr.version_minor;
-	p->snapshot = hdr.snaplen;
-	if (p->snapshot <= 0) {
+	if (hdr.snaplen == 0 || hdr.snaplen > INT_MAX) {
 		/*
 		 * Bogus snapshot length; use the maximum for this
 		 * link-layer type as a fallback.
@@ -260,7 +259,8 @@ pcap_check_header(const uint8_t *magic, FILE *fp, u_int precision, char *errbuf,
 		 * unsigned int.
 		 */
 		p->snapshot = max_snaplen_for_dlt(hdr.linktype);
-	}
+	} else
+		p->snapshot = hdr.snaplen;
 	p->linktype = linktype_to_dlt(LT_LINKTYPE(hdr.linktype));
 	p->linktype_ext = LT_LINKTYPE_EXT(hdr.linktype);
author	Guy Harris <guy@alum.mit.edu>	2019-07-25 15:50:57 -0700
committer	Guy Harris <guy@alum.mit.edu>	2019-07-25 15:53:23 -0700
commit	dd0edaf7eb97c05aff6502056c1e5de9944eb209 (patch)
tree	dc2cc44d821c4b46a01f9a6a21dabf52d508a2bd /sf-pcap.c
parent	d04d4649e86656ab03f75e0f7107a7f0fc97bbd3 (diff)