Handle very large -f files by rejecting them.

[tcpdump] / tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index d9c7f7ab8f97677f1d0270fa8b429caa75487eec..8f27ba2a47fbbf80700df196f679449c10e84f28 100644 (file)
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -108,6 +108,7 @@ The Regents of the University of California.  All rights reserved.\n";
 #endif /* HAVE_CAP_NG_H */
 #endif /* HAVE_LIBCAP_NG */
 
+#include "netdissect-stdinc.h"
 #include "netdissect.h"
 #include "interface.h"
 #include "addrtoname.h"
@@ -607,11 +608,10 @@ droproot(const char *username, const char *chroot_dir)
 #ifdef HAVE_LIBCAP_NG
                {
                        int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
-                       if (ret < 0) {
-                               fprintf(stderr, "error : ret %d\n", ret);
-                       } else {
+                       if (ret < 0)
+                               error("capng_change_id(): return %d\n", ret);
+                       else
                                fprintf(stderr, "dropped privs to %s\n", username);
-                       }
                }
 #else
                if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
@@ -700,13 +700,15 @@ static char *
 get_next_file(FILE *VFile, char *ptr)
 {
        char *ret;
+       size_t len;
 
        ret = fgets(ptr, PATH_MAX, VFile);
        if (!ret)
                return NULL;
 
-       if (ptr[strlen(ptr) - 1] == '\n')
-               ptr[strlen(ptr) - 1] = '\0';
+       len = strlen (ptr);
+       if (len > 0 && ptr[len - 1] == '\n')
+               ptr[len - 1] = '\0';
 
        return ret;
 }
@@ -860,15 +862,22 @@ read_infile(char *fname)
 {
        register int i, fd, cc;
        register char *cp;
-       struct stat buf;
+       our_statb buf;
 
        fd = open(fname, O_RDONLY|O_BINARY);
        if (fd < 0)
                error("can't open %s: %s", fname, pcap_strerror(errno));
 
-       if (fstat(fd, &buf) < 0)
+       if (our_fstat(fd, &buf) < 0)
                error("can't stat %s: %s", fname, pcap_strerror(errno));
 
+       /*
+        * Reject files whose size doesn't fit into an int; a filter
+        * *that* large will probably be too big.
+        */
+       if (buf.st_size > INT_MAX)
+               error("%s is too large", fname);
+
        cp = malloc((u_int)buf.st_size + 1);
        if (cp == NULL)
                error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
@@ -877,7 +886,8 @@ read_infile(char *fname)
        if (cc < 0)
                error("read %s: %s", fname, pcap_strerror(errno));
        if (cc != buf.st_size)
-               error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
+               error("short read %s (%d != %d)", fname, (int) cc,
+                   (int)buf.st_size);
 
        close(fd);
        /* replace "# comment" with spaces */
@@ -1023,6 +1033,10 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
                if (status < 0)
                        error("%s: Can't set time stamp type: %s",
                              device, pcap_statustostr(status));
+               else if (status > 0)
+                       warning("When trying to set timestamp type '%s' on %s: %s",
+                               pcap_tstamp_type_val_to_name(jflag), device,
+                               pcap_statustostr(status));
        }
 #endif
        status = pcap_activate(pc);