From dd0edaf7eb97c05aff6502056c1e5de9944eb209 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Thu, 25 Jul 2019 15:50:57 -0700 Subject: Test hdr.snaplen to see whether it fits in an int. Assigning it to p->snapshot, and then checking whether the result is negative, should work in practice, but it gets unsigned-behavior warnings. Test beforehand whether it's valid, and only assign it to p->snapshot if it is. This should address the pcap.c part of GitHub issue the-tcpdump-group/tcpdump#785. --- sf-pcap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'sf-pcap.c') diff --git a/sf-pcap.c b/sf-pcap.c index 23057a0c..9fab5997 100644 --- a/sf-pcap.c +++ b/sf-pcap.c @@ -249,8 +249,7 @@ pcap_check_header(const uint8_t *magic, FILE *fp, u_int precision, char *errbuf, p->swapped = swapped; p->version_major = hdr.version_major; p->version_minor = hdr.version_minor; - p->snapshot = hdr.snaplen; - if (p->snapshot <= 0) { + if (hdr.snaplen == 0 || hdr.snaplen > INT_MAX) { /* * Bogus snapshot length; use the maximum for this * link-layer type as a fallback. @@ -260,7 +259,8 @@ pcap_check_header(const uint8_t *magic, FILE *fp, u_int precision, char *errbuf, * unsigned int. */ p->snapshot = max_snaplen_for_dlt(hdr.linktype); - } + } else + p->snapshot = hdr.snaplen; p->linktype = linktype_to_dlt(LT_LINKTYPE(hdr.linktype)); p->linktype_ext = LT_LINKTYPE_EXT(hdr.linktype); -- cgit v1.2.3