*** /tmp/,RCSt1a10632 Sat Jan 26 21:14:13 1991 --- savefile.c Sat Jan 26 21:11:17 1991 *************** *** 20,26 **** */ #ifndef lint static char rcsid[] = ! "@(#)$Header: savefile.c,v 1.17 91/01/10 17:24:07 mccanne Exp $ (LBL)"; #endif /* --- 20,26 ---- */ #ifndef lint static char rcsid[] = ! "@(#)$Header: savefile.c,v 1.19 91/01/26 21:10:10 mccanne Exp $ (LBL)"; #endif /* *************** *** 129,146 **** } if (hdr.version_major > VERSION_MAJOR) return SFERR_BADVERSION; ! /* ! * XXX Hack to be compatible with Vern's trace files. ! * Throw away last two longs, redundant data in dlinfo. ! */ ! if (hdr.version_minor < 2) { ! char buf[8]; ! if (fread(buf, 8, 1, fp) != 1) { ! perror(fname); ! exit(1); ! } ! warning("old style file format"); ! } thiszone = hdr.thiszone; snaplen = hdr.snaplen; *linktype = hdr.linktype; --- 129,135 ---- } if (hdr.version_major > VERSION_MAJOR) return SFERR_BADVERSION; ! thiszone = hdr.thiszone; snaplen = hdr.snaplen; *linktype = hdr.linktype; *************** *** 172,178 **** if (cflag && --cnt < 0) break; ! status = sf_next_packet(&h, buf); if (status) break; --- 161,167 ---- if (cflag && --cnt < 0) break; ! status = sf_next_packet(&h, buf, snaplen); if (status) break; *************** *** 195,203 **** * no more packets, and SFERR_TRUNC if a partial packet was encountered. */ int ! sf_next_packet(hdr, buf) struct packet_header *hdr; u_char *buf; { FILE *fp = sf_readfile; --- 184,193 ---- * no more packets, and SFERR_TRUNC if a partial packet was encountered. */ int ! sf_next_packet(hdr, buf, buflen) struct packet_header *hdr; u_char *buf; + int buflen; { FILE *fp = sf_readfile; *************** *** 214,219 **** --- 204,212 ---- hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec); hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec); } + + if (hdr->caplen > buflen) + return SFERR_BADF; /* read the packet itself */