#endif
#endif
- /* Loop through packets */
+ /*
+ * Loop through packets.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
+ */
ep = bufp + len;
n = 0;
/*
* Loop through each packet.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
#define bhp ((AirpcapBpfHeader *)bp)
n = 0;
/*
* Loop through each packet.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
#ifdef BIOCSTSTAMP
#define bhp ((struct bpf_xhdr *)bp)
}
- /* Process the packets. */
+ /*
+ * Process the packets.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
+ */
while (pd->dag_mem_top - pd->dag_mem_bottom >= dag_record_size) {
unsigned short packet_len = 0;
#include <signal.h>
#include <float.h>
#include <fcntl.h>
+#include <limits.h> /* for INT_MAX */
#include <io.h>
#if defined(USE_32BIT_DRIVERS)
{
int rc, num = 0;
- while (num <= cnt || PACKET_COUNT_IS_UNLIMITED(cnt))
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(cnt))
+ cnt = INT_MAX;
+
+ while (num <= cnt)
{
if (p->fd <= 0)
return (-1);
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <limits.h> /* for INT_MAX */
#include <time.h>
#include <sys/time.h>
u_char *large_buffer=NULL;
int timeout_ms = p->opt.timeout;
- if ( !PACKET_COUNT_IS_UNLIMITED(max_cnt) && max_cnt < MAX_PKT_BURST){
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(max_cnt))
+ max_cnt = INT_MAX;
+
+ if (max_cnt < MAX_PKT_BURST){
burst_cnt = max_cnt;
}else{
burst_cnt = MAX_PKT_BURST;
}
- while( PACKET_COUNT_IS_UNLIMITED(max_cnt) || pkt_cnt < max_cnt){
+ while( pkt_cnt < max_cnt){
if (p->break_loop){
p->break_loop = 0;
return PCAP_ERROR_BREAK;
}
}
- /* non-positive values of max_packets are used to require all
- * packets currently available in the ring */
- while ((pkts < max_packets) || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(max_packets))
+ max_packets = INT_MAX;
+
+ while (pkts < max_packets) {
/*
* Get the current ring buffer frame, and break if
* it's still owned by the kernel.
return pkts;
}
- /* non-positive values of max_packets are used to require all
- * packets currently available in the ring */
- while ((pkts < max_packets) || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(max_packets))
+ max_packets = INT_MAX;
+
+ while (pkts < max_packets) {
int packets_to_read;
if (handlep->current_packet == NULL) {
}
packets_to_read = handlep->packets_left;
- if (!PACKET_COUNT_IS_UNLIMITED(max_packets) &&
- packets_to_read > (max_packets - pkts)) {
+ if (packets_to_read > (max_packets - pkts)) {
/*
- * We've been given a maximum number of packets
- * to process, and there are more packets in
- * this buffer than that. Only process enough
+ * There are more packets in the buffer than
+ * the number of packets we have left to
+ * process to get up to the maximum number
+ * of packets to process. Only process enough
* of them to get us up to that maximum.
*/
packets_to_read = max_packets - pkts;
bp = (unsigned char *)handle->buffer;
} else
bp = handle->bp;
+
+ /*
+ * Loop through each message.
+ *
+ * This assumes that a single buffer of message will have
+ * <= INT_MAX packets, so the message count doesn't overflow.
+ */
ep = bp + len;
while (bp < ep) {
const struct nlmsghdr *nlh = (const struct nlmsghdr *) bp;
* Loop through each packet. The increment expression
* rounds up to the next int boundary past the end of
* the previous packet.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
ep = bp + cc;
#endif
#include <errno.h>
+#include <limits.h> /* for INT_MAX */
#define PCAP_DONT_INCLUDE_PCAP_BPF_H
#include <Packet32.h>
#include <pcap-int.h>
/*
* Loop through each packet.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
#define bhp ((struct bpf_hdr *)bp)
n = 0;
endofbuf = (char*)header + cc;
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(cnt))
+ cnt = INT_MAX;
+
/*
* Cycle through the packets
*/
bp = pc->bp;
/*
* Loop through each packet.
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
pad = pc->fddipad;
#include <infiniband/verbs.h>
#include <stdlib.h>
#include <string.h>
+#include <limits.h> /* for INT_MAX */
#include <sys/time.h>
#if !defined(IBV_FLOW_ATTR_SNIFFER)
priv->cq_event = 1;
}
- while (count < max_packets || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(max_packets))
+ max_packets = INT_MAX;
+
+ while (count < max_packets) {
if (ibv_poll_cq(priv->cq, 1, &wc) != 1) {
priv->cq_event = 0;
break;
#include <stdlib.h> /* for malloc(), free(), ... */
#include <stdarg.h> /* for functions with variable number of arguments */
#include <errno.h> /* for the errno variable */
+#include <limits.h> /* for INT_MAX */
#include "sockutils.h"
#include "pcap-int.h"
#include "rpcap-protocol.h"
}
}
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(cnt))
+ cnt = INT_MAX;
+
while (n < cnt || PACKET_COUNT_IS_UNLIMITED(cnt))
{
/*
#include <stdlib.h>
#include <string.h>
#include <errno.h>
+#include <limits.h> /* for INT_MAX */
#ifndef _WIN32
#include <netinet/in.h>
if (!p)
return -1;
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(cnt))
+ cnt = INT_MAX;
+
n = 0;
timeout = ps->snf_timeout;
- while (n < cnt || PACKET_COUNT_IS_UNLIMITED(cnt)) {
+ while (n < cnt) {
/*
* Has "pcap_breakloop()" been called?
*/
/*
* loop through each snapshot in the chunk
+ *
+ * This assumes that a single buffer of packets will have
+ * <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
ep = bp + cc;
int n = 0;
u_char *data;
+ /*
+ * This can conceivably process more than INT_MAX packets,
+ * which would overflow the packet count, causing it either
+ * to look like a negative number, and thus cause us to
+ * return a value that looks like an error, or overflow
+ * back into positive territory, and thus cause us to
+ * return a too-low count.
+ *
+ * Therefore, if the packet count is unlimited, we clip
+ * it at INT_MAX; this routine is not expected to
+ * process packets indefinitely, so that's not an issue.
+ */
+ if (PACKET_COUNT_IS_UNLIMITED(cnt))
+ cnt = INT_MAX;
+
for (;;) {
struct pcap_pkthdr h;
int status;
pcap_filter(fcode, data, h.len, h.caplen)) {
(*callback)(user, &h, data);
n++; /* count the packet */
- if (!PACKET_COUNT_IS_UNLIMITED(cnt) && n >= cnt)
+ if (n >= cnt)
break;
}
}
projects / libpcap / commitdiff
