Handle very large -f files by rejecting them.

[tcpdump] / smbutil.c

diff --git a/smbutil.c b/smbutil.c
index e2d3c7bcb3dbfa6322ac68fe6f3ccf4896e27896..525635cbc7f78ebf5f5038267ecf8e9ccc4d6a25 100644 (file)
--- a/smbutil.c
+++ b/smbutil.c
@@ -798,6 +798,7 @@ smb_fdata(netdissect_options *ndo,
           int unicodestr)
 {
     static int depth = 0;
+    const u_char *buf_start = buf;
     char s[128];
     char *p;
 
@@ -876,8 +877,9 @@ smb_fdata(netdissect_options *ndo,
            s[p - fmt] = '\0';
            fmt = p + 1;
            buf = smb_fdata1(ndo, buf, s, maxbuf, unicodestr);
-           if (buf == NULL)
+           if(buf < buf_start || buf == NULL) {
                return(NULL);
+           }
            break;
 
        default: