Changeset 7aa03d9


Ignore:
Timestamp:
01/15/19 09:53:33 (21 months ago)
Author:
Jacob Van Walraven <jcv9@…>
Branches:
develop
Children:
cbd77bd
Parents:
e7132d6
Message:

Check for NULL packet buffer in get_meta_data(), Make sure not to read past the end of the packet in pcapng_get_meta_data()

Location:
lib
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • lib/format_erf.c

    r977e0db r7aa03d9  
    923923        uint16_t curr_sec;
    924924
    925         hdr = (dag_record_t *)packet->header;
     925        if (packet->buffer == NULL) { return NULL; }
     926
     927        hdr = (dag_record_t *)packet->buffer;
    926928        bodyptr = (char *)packet->payload;
     929        /* 24 is size of the ERF header */
    927930        remaining = ntohs(hdr->rlen) - 24;
    928931
  • lib/format_pcapng.c

    re7132d6 r7aa03d9  
    21072107        uint32_t blocktype;
    21082108        uint16_t optcode;
     2109        int remaining;
     2110
     2111        if (packet->buffer == NULL) { return NULL; }
    21092112
    21102113        hdr = (struct pcapng_peeker *)packet->buffer;
     
    21132116        if (DATA(packet->trace)->byteswapped) {
    21142117                blocktype = byteswap32(hdr->blocktype);
     2118                remaining = byteswap32(hdr->blocklen);
    21152119        } else {
    21162120                blocktype = hdr->blocktype;
     2121                remaining = hdr->blocklen;
    21172122        }
    21182123
     
    21602165        else { return NULL; }
    21612166
     2167        /* update remaining to account for header and any payload */
     2168        remaining -= ptr - packet->buffer;
     2169
    21622170        /* Skip over the options till a match is found or they run out */
    21632171        struct pcapng_optheader *opthdr = ptr;
     
    21672175                optcode = opthdr->optcode;
    21682176        }
    2169         while ((optcode != section) && (optcode != PCAPNG_OPTION_END)) {
     2177        while ((optcode != section) && (optcode != PCAPNG_OPTION_END) &&
     2178                (remaining > 0)) {
     2179
    21702180                uint16_t len;
    21712181
     
    21902200                        optcode = opthdr->optcode;
    21912201                }
     2202
     2203                /* update remaining */
     2204                remaining -= (ptr-packet->buffer);
     2205
    21922206        }
    21932207
Note: See TracChangeset for help on using the changeset viewer.