is a byte-swapped version of that.
PCAP_NSEC_MAGIC is for Ulf Lamping's modified "libpcap" format,
- which uses the same common file format as PCAP_MAGIC, but the
+ which uses the same common file format as PCAP_MAGIC, but the
timestamps are saved in nanosecond resolution instead of microseconds.
PCAP_SWAPPED_NSEC_MAGIC is a byte-swapped version of that. */
#define PCAP_MAGIC 0xa1b2c3d4
} else { \
*error_pointer = 0; \
} \
- fclose(file_pointer); \
return FALSE; \
} \
written_length += (long)nwritten; \
gboolean
libpcap_write_session_header_block(FILE *fp,
- char *appname,
+ const char *appname,
long *bytes_written,
int *err)
{
struct option option;
guint32 block_total_length;
const guint32 padding = 0;
-
+
block_total_length = sizeof(struct shb) +
- sizeof(struct option) + (guint16)(ADD_PADDING(strlen(appname) + 1)) +
- sizeof(struct option) +
sizeof(guint32);
+ if ((strlen(appname) > 0) && (strlen(appname) < G_MAXUINT16)) {
+ block_total_length += 2 * sizeof(struct option) +
+ (guint16)(ADD_PADDING(strlen(appname) + 1));
+ }
/* write shb header */
shb.block_type = SECTION_HEADER_BLOCK_TYPE;
shb.block_total_length = block_total_length;
shb.minor_version = PCAPNG_MINOR_VERSION;
shb.section_length = -1;
WRITE_DATA(fp, &shb, sizeof(struct shb), *bytes_written, err);
- /* write shb_userappl options */
- option.type = SHB_USERAPPL;
- option.value_length = (guint16)(strlen(appname) + 1);
- WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
- WRITE_DATA(fp, appname, strlen(appname) + 1, *bytes_written, err);
- if ((strlen(appname) + 1) % 4) {
- WRITE_DATA(fp, &padding, 4 - (strlen(appname) + 1) % 4, *bytes_written, err);
+
+ if ((strlen(appname) > 0) && (strlen(appname) < G_MAXUINT16)) {
+ /* write shb_userappl options */
+ option.type = SHB_USERAPPL;
+ option.value_length = (guint16)(strlen(appname) + 1);
+ WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
+ WRITE_DATA(fp, appname, strlen(appname) + 1, *bytes_written, err);
+ if ((strlen(appname) + 1) % 4) {
+ WRITE_DATA(fp, &padding, 4 - (strlen(appname) + 1) % 4, *bytes_written, err);
+ }
+ /* write last option */
+ option.type = OPT_ENDOFOPT;
+ option.value_length = 0;
+ WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
}
- /* write last option */
- option.type = OPT_ENDOFOPT;
- option.value_length = 0;
- WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
/* write the trailing block total length */
WRITE_DATA(fp, &block_total_length, sizeof(guint32), *bytes_written, err);
return TRUE;
gboolean
libpcap_write_interface_description_block(FILE *fp,
- char *name,
- char *filter,
+ const char *name,
+ const char *filter,
int link_type,
int snap_len,
long *bytes_written,
const guint32 padding = 0;
block_total_length = sizeof(struct idb) + sizeof(guint32);
- if (strlen(name) > 0) {
- block_total_length += sizeof(struct option) + ADD_PADDING(strlen(name) + 1);
+ if ((strlen(name) > 0) && (strlen(name) < G_MAXUINT16)) {
+ block_total_length += sizeof(struct option) +
+ (guint16)(ADD_PADDING(strlen(name) + 1));
}
- if (strlen(filter) > 0) {
- block_total_length += sizeof(struct option) + ADD_PADDING(strlen(filter) + 1);
+ if ((strlen(filter) > 0) && (strlen(filter) < G_MAXUINT16)) {
+ block_total_length += sizeof(struct option) +
+ (guint16)(ADD_PADDING(strlen(filter) + 1));
}
- if ((strlen(name) > 0) || (strlen(filter) > 0)) {
+ if (((strlen(name) > 0) && (strlen(name) < G_MAXUINT16)) ||
+ ((strlen(filter) > 0) && (strlen(filter) < G_MAXUINT16))) {
block_total_length += sizeof(struct option);
}
+ /* write block header */
idb.block_type = INTERFACE_DESCRIPTION_BLOCK_TYPE;
idb.block_total_length = block_total_length;
idb.link_type = link_type;
idb.reserved = 0;
idb.snap_len = snap_len;
WRITE_DATA(fp, &idb, sizeof(struct idb), *bytes_written, err);
- /* write the options */
- if (strlen(name) > 0) {
+ /* write interface name string if applicable */
+ if ((strlen(name) > 0) && (strlen(name) < G_MAXUINT16)) {
option.type = IDB_NAME;
option.value_length = (guint16)(strlen(name) + 1);
WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
WRITE_DATA(fp, &padding, 4 - (strlen(name) + 1) % 4 , *bytes_written, err);
}
}
- if (strlen(filter) > 0) {
+ /* write filter string if applicable */
+ if ((strlen(filter) > 0) && (strlen(filter) < G_MAXUINT16)) {
option.type = IDB_FILTER;
option.value_length = (guint16)(strlen(filter) + 1);
WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
WRITE_DATA(fp, &padding, 4 - (strlen(filter) + 1) % 4 , *bytes_written, err);
}
}
- if ((strlen(name) > 0) || (strlen(filter) > 0)) {
+ /* write endofopt option if there were any options */
+ if (((strlen(name) > 0) && (strlen(name) < G_MAXUINT16)) ||
+ ((strlen(filter) > 0) && (strlen(filter) < G_MAXUINT16))) {
option.type = OPT_ENDOFOPT;
option.value_length = 0;
WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
guint64 timestamp;
guint64 counter;
gboolean stats_retrieved;
-
+
#ifdef _WIN32
/*
* Current time, represented as 100-nanosecond intervals since
* January 1, 1601, 00:00:00 UTC.
+ *
+ * I think DWORD might be signed, so cast both parts of "now"
+ * to guint32 so that the sign bit doesn't get treated specially.
*/
GetSystemTimeAsFileTime(&now);
- timestamp = ((guint64)now.dwHighDateTime) << 32 + now.dwLowDateTime;
+ timestamp = (((guint64)(guint32)now.dwHighDateTime) << 32) +
+ (guint32)now.dwLowDateTime;
/*
* Convert to same thing but as 1-microsecond, i.e. 1000-nanosecond,
#else
/*
* Current time, represented as seconds and microseconds since
- * January 1, 1601, 00:00:00 UTC.
+ * January 1, 1970, 00:00:00 UTC.
*/
gettimeofday(&now, NULL);
WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
}
WRITE_DATA(fp, &block_total_length, sizeof(guint32), *bytes_written, err);
-
+
return TRUE;
}