https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6846
--- Comment #7 from Guy Harris <guy@xxxxxxxxxxxx> 2012-02-15 23:26:57 PST ---
With this change, the only errors for which pcapng_read_section_header_block()
will fail if the "first_block" argument is TRUE - i.e., in the cases where it's
used to check whether a file is a pcap-NG file - are cases where there's an I/O
error (in which case the open should fail with that error, and does), where the
byte order magic number is wrong (meaning the file isn't *really* a pcap-NG
file, it's just some random file that happens to begin with "\r\n\n\r"), or the
magic number isn't 1.0 (in which case there's no guarantee that the magic
number is where it is in 1.0, so there's not much we can do). So the change in
rev 41037 should suffice for this particular bug.
If somebody wants Wireshark 1.8.x not to write out SHBs with options longer
than 100 bytes, so that versions of Wireshark *without* this fix will be able
to read those files, they should clone this bug and make the clone a bug
against the SVN version.
As for other blocks, yes, Wireshark should support arbitrary-length options,
but those fixes aren't necessary for *this* bug.
I've scheduled this for the 1.4.x branch.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
