Check for a bogus record size. Fixes bug 6670.

author Guy Harris <guy@alum.mit.edu>

Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)

committer Guy Harris <guy@alum.mit.edu>

Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)
author Guy Harris <guy@alum.mit.edu>
Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)
committer Guy Harris <guy@alum.mit.edu>
Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)
diff --git a/wiretap/lanalyzer.c b/wiretap/lanalyzer.c

index a77c10e8b95814ce143e9336a2a710dbb5ff4377..2c049297f00aad91bd0447518c49f580bec27097 100644 (file)
--- a/wiretap/lanalyzer.c
+++ b/wiretap/lanalyzer.c
@@ -467,6 +467,16 @@ static gboolean lanalyzer_read(wtap *wth, int *err, gchar **err_info,
                 return FALSE;
         }
         else {
+               if (record_length < DESCRIPTOR_LEN) {
+                       /*
+                        * Uh-oh, the record isn't big enough to even have a
+                        * descriptor.
+                        */
+                       *err = WTAP_ERR_BAD_RECORD;
+                       *err_info = g_strdup_printf("lanalyzer: file has a %u-byte record, too small to have even a packet descriptor",
+                           record_length);
+                       return FALSE;
+               }
                 packet_size = record_length - DESCRIPTOR_LEN;
         }
author	Guy Harris <guy@alum.mit.edu>
	Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)
committer	Guy Harris <guy@alum.mit.edu>
	Tue, 13 Dec 2011 02:00:41 +0000 (02:00 -0000)