From dd0edaf7eb97c05aff6502056c1e5de9944eb209 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Thu, 25 Jul 2019 15:50:57 -0700 Subject: Test hdr.snaplen to see whether it fits in an int. Assigning it to p->snapshot, and then checking whether the result is negative, should work in practice, but it gets unsigned-behavior warnings. Test beforehand whether it's valid, and only assign it to p->snapshot if it is. This should address the pcap.c part of GitHub issue the-tcpdump-group/tcpdump#785. --- sf-pcapng.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'sf-pcapng.c') diff --git a/sf-pcapng.c b/sf-pcapng.c index 52f795f7..2881da34 100644 --- a/sf-pcapng.c +++ b/sf-pcapng.c @@ -32,6 +32,7 @@ #include #include #include +#include /* for INT_MAX */ #include "pcap-int.h" @@ -1047,8 +1048,7 @@ pcap_ng_check_header(const uint8_t *magic, FILE *fp, u_int precision, } done: - p->snapshot = idbp->snaplen; - if (p->snapshot <= 0) { + if (idbp->snaplen == 0 || idbp->snaplen > INT_MAX) { /* * Bogus snapshot length; use the maximum for this * link-layer type as a fallback. @@ -1058,7 +1058,8 @@ done: * unsigned int. */ p->snapshot = max_snaplen_for_dlt(idbp->linktype); - } + } else + p->snapshot = idbp->snaplen; p->linktype = linktype_to_dlt(idbp->linktype); p->linktype_ext = 0; -- cgit v1.2.3
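Review bot: The new test after `done:` rejects only 0 and values above `INT_MAX`, so a snaplen read from the capture file that is far larger than `max_snaplen_for_dlt(idbp->linktype)` is still stored in `p->snapshot` unchanged. Whether that matters depends on how `p->snapshot` is used later in pcap_ng_check_header and by the read path, which is outside these hunks; if any allocation or length check is derived from it, the file-supplied value should also be capped at the per-link-type maximum. On style, the added `else` in the last hunk is unbraced next to a braced `if` body, and the conversion from the (apparently unsigned) `idbp->snaplen` to the signed `p->snapshot` is still implicit. I would write it as `} else {`, `p->snapshot = (int)idbp->snaplen;`, `}` so the range-checked conversion is explicit. The function starts and ends outside the hunks.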