source: pcap timestamp microsecond consistency

That is it should be less than 1 000 000.
Have the same for fuzz targets where the bug came from.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44177
(cherry picked from commit 8ecf7e403ec493118afaa0543166e0c11d907417)

diff --git a/src/source-pcap-file-helper.c b/src/source-pcap-file-helper.c
index 20e4892fce56a39db413aa326625db9fc748b1d9..398a1c4cb8b9d09eb19f8fd2e4b708ae4ff52e6d 100644 (file)
--- a/src/source-pcap-file-helper.c
+++ b/src/source-pcap-file-helper.c
@@ -77,7 +77,7 @@ void PcapFileCallbackLoop(char *user, struct pcap_pkthdr *h, u_char *pkt)
 
     PKT_SET_SRC(p, PKT_SRC_WIRE);
     p->ts.tv_sec = h->ts.tv_sec;
-    p->ts.tv_usec = h->ts.tv_usec;
+    p->ts.tv_usec = h->ts.tv_usec % 1000000;
     SCLogDebug("p->ts.tv_sec %"PRIuMAX"", (uintmax_t)p->ts.tv_sec);
     p->datalink = ptv->datalink;
     p->pcap_cnt = ++pcap_g.cnt;

diff --git a/src/tests/fuzz/fuzz_sigpcap.c b/src/tests/fuzz/fuzz_sigpcap.c
index 2607f2d44ec43d7786ae85b2e5e88c7479ae96f9..37fe0f60dc18a385df894491d8dc88c5e13404c8 100644 (file)
--- a/src/tests/fuzz/fuzz_sigpcap.c
+++ b/src/tests/fuzz/fuzz_sigpcap.c
@@ -142,7 +142,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     r = pcap_next_ex(pkts, &header, &pkt);
     p = PacketGetFromAlloc();
     p->ts.tv_sec = header->ts.tv_sec;
-    p->ts.tv_usec = header->ts.tv_usec;
+    p->ts.tv_usec = header->ts.tv_usec % 1000000;
     p->datalink = pcap_datalink(pkts);
     while (r > 0) {
         if (PacketCopyData(p, pkt, header->caplen) == 0) {
@@ -166,7 +166,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
         r = pcap_next_ex(pkts, &header, &pkt);
         PACKET_RECYCLE(p);
         p->ts.tv_sec = header->ts.tv_sec;
-        p->ts.tv_usec = header->ts.tv_usec;
+        p->ts.tv_usec = header->ts.tv_usec % 1000000;
         p->datalink = pcap_datalink(pkts);
         pcap_cnt++;
         p->pcap_cnt = pcap_cnt;