| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
This reverts commit a02c2faeec982d233a32b6db4df20ce817dd1563.
That zeroed out bits in the non-reserved portion of the field; the
reserved portion was already zero.
|
| |
|
|
|
|
|
|
|
|
| |
For some reason pcap fuzzers just *love* to fuzz the "link-layer type
plus other stuff" part of the pcap file header. That can produce a file
that has non-zero values in reserved fields, which means it can get
rejected well before being handed to anything for dissection.
Clear out one of the reserved parts of that field, as we'll be changing
libpcap to check for non-zero values and reporting an error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The packet length must be <= MAXIMUM_SNAPLEN.
Currently, there is no D-Bus printer, thus no need for a bigger length.
Now a pachet is valid if:
capture length != 0,
packet length != 0,
capture length <= MAXIMUM_SNAPLEN,
packet length <= MAXIMUM_SNAPLEN,
packet length >= capture length.
Moreover:
Fix the packet header lengths of some fuzzed pcap files:
If the lengths are > MAXIMUM_SNAPLEN, set them to MAXIMUM_SNAPLEN.
Thus they will be always usable with this new sanity check.
|
|
|
Kamil Frankowicz had found that truncated BE_STR and BE_SEQ ASN.1
elements could lead to an overread, from the source code it looked like
other ids could have this problem too. Move the checks introduced in
commit 72e501f out of the switch blocks to cover all ids by default.
This fixes GH#559 and GH#566.
|
