my capture data as rpcap). Someone with more knowledge of the
format might want to look at this (I added FIXMEs).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38754
f5534014-38df-0310-8fa8-
9805f1628bb7
gint offset = 0;
guint8 version, msg_type;
guint16 msg_value;
gint offset = 0;
guint8 version, msg_type;
guint16 msg_value;
+ guint32 plen, len, caplen;
if (tvb_length (tvb) < 8)
/* Too short */
if (tvb_length (tvb) < 8)
/* Too short */
offset += 2;
plen = tvb_get_ntohl (tvb, offset);
offset += 2;
plen = tvb_get_ntohl (tvb, offset);
+ /* FIXME: What is the maximum value that can really be seen here? */
+ if (plen > 10000)
+ return FALSE;
+
offset += 4;
len = (guint32) tvb_length_remaining (tvb, offset);
offset += 4;
len = (guint32) tvb_length_remaining (tvb, offset);
return FALSE;
/* Check if capture length is valid */
return FALSE;
/* Check if capture length is valid */
- if (tvb_get_ntohl (tvb, offset+8) > len)
+ caplen = tvb_get_ntohl (tvb, offset+8);
+ /* FIXME: Are there cases where a length of 0 may be valid? */
+ if (caplen > len || caplen == 0)