From: Victor Julien Date: Tue, 23 Oct 2018 12:51:25 +0000 (+0200) Subject: pcap: fix buffer size validation logic X-Git-Tag: suricata-4.1.0~31 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22c7be26c40c8dc63f09bd75d7512c14bbbb3466;p=thirdparty%2Fsuricata.git pcap: fix buffer size validation logic --- diff --git a/src/runmode-pcap.c b/src/runmode-pcap.c index 850bcb7e39..04325ee383 100644 --- a/src/runmode-pcap.c +++ b/src/runmode-pcap.c @@ -99,8 +99,14 @@ static void *ParsePcapConfig(const char *iface) aconf->buffer_size = 0; /* If set command line option has precedence over config */ if ((ConfGetInt("pcap.buffer-size", &value)) == 1) { - SCLogInfo("Pcap will use %d buffer size", (int)value); - aconf->buffer_size = value; + if (value >= 0 && value <= INT_MAX) { + SCLogInfo("Pcap will use %d buffer size", (int)value); + aconf->buffer_size = value; + } else { + SCLogWarning(SC_ERR_INVALID_ARGUMENT, "pcap.buffer-size " + "value of %"PRIiMAX" is invalid. Valid range is " + "0-2147483647", value); + } } aconf->checksum_mode = CHECKSUM_VALIDATION_AUTO; diff --git a/src/source-pcap.c b/src/source-pcap.c index 3e488f73cf..ddb34c7f02 100644 --- a/src/source-pcap.c +++ b/src/source-pcap.c @@ -408,9 +408,8 @@ TmEcode ReceivePcapThreadInit(ThreadVars *tv, const void *initdata, void **data) } #ifdef HAVE_PCAP_SET_BUFF ptv->pcap_buffer_size = pcapconfig->buffer_size; - if (ptv->pcap_buffer_size >= 0 && ptv->pcap_buffer_size <= INT_MAX) { - if (ptv->pcap_buffer_size > 0) - SCLogInfo("Going to use pcap buffer size of %" PRId32 "", ptv->pcap_buffer_size); + if (ptv->pcap_buffer_size > 0) { + SCLogInfo("Going to use pcap buffer size of %" PRId32 "", ptv->pcap_buffer_size); int pcap_set_buffer_size_r = pcap_set_buffer_size(ptv->pcap_handle,ptv->pcap_buffer_size); //printf("ReceivePcapThreadInit: pcap_set_timeout(%p) returned %" PRId32 "\n", ptv->pcap_handle, pcap_set_buffer_size_r);