diff options
| author | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2015-10-10 13:57:21 +0200 |
|---|---|---|
| committer | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2015-10-10 15:42:04 +0200 |
| commit | f32c705ed52f2fd3b5fa787cc1a62220aad6ab63 (patch) | |
| tree | 6ee0db00315e25207e1541b4b895a9eb9f3d7a14 | |
| parent | 112bc49a4267d4452ead296635074d4c5a3df96a (diff) | |
| download | libpcap-f32c705ed52f2fd3b5fa787cc1a62220aad6ab63.tar.gz | |
Add versions sanity checks for pcap and pcap-ng savefiles
pcap:
Currently only versions 2.[0-4] are supported with the exception
of 543.0 for DG/UX tcpdump.
Versions < 2.x were already rejected as "archaic".
pcap-ng:
Currently only SHB version 1.0 is supported.
(reference: https://github.com/pcapng/pcapng)
| -rw-r--r-- | sf-pcap-ng.c | 9 | ||||
| -rw-r--r-- | sf-pcap.c | 17 |
2 files changed, 22 insertions, 4 deletions
diff --git a/sf-pcap-ng.c b/sf-pcap-ng.c index 15962a10..9bee799a 100644 --- a/sf-pcap-ng.c +++ b/sf-pcap-ng.c @@ -121,6 +121,7 @@ struct section_header_block { * that means that this code can't read the file. */ #define PCAP_NG_VERSION_MAJOR 1 +#define PCAP_NG_VERSION_MINOR 0 /* * Interface Description Block. @@ -891,10 +892,12 @@ pcap_ng_check_header(bpf_u_int32 magic, FILE *fp, u_int precision, char *errbuf, * XXX - we don't care about the section length. */ } - if (shbp->major_version != PCAP_NG_VERSION_MAJOR) { + /* currently only SHB version 1.0 is supported */ + if (! (shbp->major_version == PCAP_NG_VERSION_MAJOR && + shbp->minor_version == PCAP_NG_VERSION_MINOR)) { snprintf(errbuf, PCAP_ERRBUF_SIZE, - "unknown pcap-ng savefile major version number %u", - shbp->major_version); + "unsupported pcap-ng savefile version %u.%u", + shbp->major_version, shbp->minor_version); goto fail; } p->version_major = shbp->major_version; @@ -149,7 +149,7 @@ struct pcap_sf { */ pcap_t * pcap_check_header(bpf_u_int32 magic, FILE *fp, u_int precision, char *errbuf, - int *err) + int *err) { struct pcap_file_header hdr; size_t amt_read; @@ -218,6 +218,21 @@ pcap_check_header(bpf_u_int32 magic, FILE *fp, u_int precision, char *errbuf, } /* + * currently only versions 2.[0-4] are supported with + * the exception of 543.0 for DG/UX tcpdump. + */ + if (! ((hdr.version_major == PCAP_VERSION_MAJOR && + hdr.version_minor <= PCAP_VERSION_MINOR) || + (hdr.version_major == 543 && + hdr.version_minor == 0))) { + snprintf(errbuf, PCAP_ERRBUF_SIZE, + "unsupported pcap savefile version %u.%u", + hdr.version_major, hdr.version_minor); + *err = 1; + return NULL; + } + + /* * OK, this is a good pcap file. * Allocate a pcap_t for it. */ |