sudo security update for Wheezy LTS (wrong subject was: Re: wireshark security update for Wheezy LTS)
2016-11-13 19:11 GMT+01:00 Balint Reczey : > Hi, > > I have prepared an update for sudo in Wheezy. > > Please see the diff to previous version and a small test program attached. > > Changes: > sudo (1.8.5p2-1+nmu3+deb7u2) wheezy-security; urgency=medium > . >* LTS Team upload. >* Fix noexec bypass via system() and popen() (CVE-2016-7032) >* Fix noexec bypass via wordexp() (CVE-2016-7076) (Closes: #842507) > > I plan uploading the package tomorrow around 18:00 UTC. > > The binary packages for amd64 are also available for testing here: > > deb https://people.debian.org/~rbalint/ppa/wheezy-lts UNRELEASED/ > > Cheers, > Balint >
wireshark security update for Wheezy LTS
Hi, I have prepared an update for sudo in Wheezy. Please see the diff to previous version and a small test program attached. Changes: sudo (1.8.5p2-1+nmu3+deb7u2) wheezy-security; urgency=medium . * LTS Team upload. * Fix noexec bypass via system() and popen() (CVE-2016-7032) * Fix noexec bypass via wordexp() (CVE-2016-7076) (Closes: #842507) I plan uploading the package tomorrow around 18:00 UTC. The binary packages for amd64 are also available for testing here: deb https://people.debian.org/~rbalint/ppa/wheezy-lts UNRELEASED/ Cheers, Balint diff -Nru sudo-1.8.5p2/debian/changelog sudo-1.8.5p2/debian/changelog --- sudo-1.8.5p2/debian/changelog 2016-01-05 19:48:04.0 +0100 +++ sudo-1.8.5p2/debian/changelog 2016-11-11 15:54:01.0 +0100 @@ -1,3 +1,11 @@ +sudo (1.8.5p2-1+nmu3+deb7u2) wheezy-security; urgency=medium + + * LTS Team upload. + * Fix noexec bypass via system() and popen() (CVE-2016-7032) + * Fix noexec bypass via wordexp() (CVE-2016-7076) (Closes: #842507) + + -- Balint Reczey Fri, 11 Nov 2016 15:52:14 +0100 + sudo (1.8.5p2-1+nmu3+deb7u1) wheezy-security; urgency=medium * Non-maintainer upload diff -Nru sudo-1.8.5p2/debian/patches/CVE-2016-7032-1.patch sudo-1.8.5p2/debian/patches/CVE-2016-7032-1.patch --- sudo-1.8.5p2/debian/patches/CVE-2016-7032-1.patch 1970-01-01 01:00:00.0 +0100 +++ sudo-1.8.5p2/debian/patches/CVE-2016-7032-1.patch 2016-11-11 17:46:36.0 +0100 @@ -0,0 +1,39 @@ +From 31e5576a54a439c943f20998cb319f7101a609e3 Mon Sep 17 00:00:00 2001 +From: "Todd C. Miller" +Date: Mon, 28 Sep 2015 15:10:00 -0600 +Subject: [PATCH 1/3] Also interpose system(3). On glibc systems you cannot + interpose the syscalls used internally by libc. + +Conflicts: + src/sudo_noexec.c +--- + src/sudo_noexec.c | 6 ++ + 1 file changed, 6 insertions(+) + +diff --git a/src/sudo_noexec.c b/src/sudo_noexec.c +index af1915f..c83df44 100644 +--- a/src/sudo_noexec.c b/src/sudo_noexec.c +@@ -40,6 +40,11 @@ + return -1; \ + } + ++#define DUMMY1(fn, t1) \ ++int \ ++fn(t1 a1) \ ++DUMMY_BODY ++ + #define DUMMY2(fn, t1, t2) \ + int \ + fn(t1 a1, t2 a2)\ +@@ -69,6 +74,7 @@ DUMMY_VA(__execle, const char *, const char *) + DUMMY_VA(execlp, const char *, const char *) + DUMMY_VA(_execlp, const char *, const char *) + DUMMY_VA(__execlp, const char *, const char *) ++DUMMY1(system, const char *) + DUMMY3(exect, const char *, char * const *, char * const *) + DUMMY3(_exect, const char *, char * const *, char * const *) + DUMMY3(__exect, const char *, char * const *, char * const *) +-- +2.1.4 + diff -Nru sudo-1.8.5p2/debian/patches/CVE-2016-7032-2.patch sudo-1.8.5p2/debian/patches/CVE-2016-7032-2.patch --- sudo-1.8.5p2/debian/patches/CVE-2016-7032-2.patch 1970-01-01 01:00:00.0 +0100 +++ sudo-1.8.5p2/debian/patches/CVE-2016-7032-2.patch 2016-11-11 17:46:36.0 +0100 @@ -0,0 +1,57 @@ +From 129bf12da13c4f095502ae36b1fc9726eaa23403 Mon Sep 17 00:00:00 2001 +From: "Todd C. Miller" +Date: Mon, 28 Sep 2015 15:34:16 -0600 +Subject: [PATCH 2/3] Also wrap popen(3). + +Back-ported to not use FN_NAME and INTERPOSE by Balint Reczey. + +Conflicts: + src/sudo_noexec.c +--- + src/sudo_noexec.c | 12 +++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/sudo_noexec.c b/src/sudo_noexec.c +index c83df44..c6c 100644 +--- a/src/sudo_noexec.c b/src/sudo_noexec.c +@@ -20,6 +20,8 @@ + + #include + #include ++#include ++#include + #ifdef HAVE_SPAWN_H + #include + #endif +@@ -74,7 +76,6 @@ DUMMY_VA(__execle, const char *, const char *) + DUMMY_VA(execlp, const char *, const char *) + DUMMY_VA(_execlp, const char *, const char *) + DUMMY_VA(__execlp, const char *, const char *) +-DUMMY1(system, const char *) + DUMMY3(exect, const char *, char * const *, char * const *) + DUMMY3(_exect, const char *, char * const *, char * const *) + DUMMY3(__exect, const char *, char * const *, char * const *) +@@ -96,6 +97,7 @@ DUMMY3(__execvpe, const char *, char * const *, char * const *) + DUMMY3(fexecve, int , char * const *, char * const *) + DUMMY3(_fexecve, int , char * const *, char * const *) + DUMMY3(__fexecve, int , char * const *, char * const *) ++DUMMY1(system, const char *) + #ifdef HAVE_SPAWN_H + DUMMY6(posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) + DUMMY6(_posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) +@@ -104,3 +106,11 @@ DUMMY6(posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, + DUMMY6(_posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) + DUMMY6(__posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const
wireshark security update for Wheezy LTS
Hi, I have prepared an update for wireshark in Wheezy. Please see the diff to previous version attached. A practically identical changeset has been already accepted to jessie-security. Changes: wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u4) wheezy-security; urgency=medium . * security fixes from Wireshark 2.0.6: - The H.225 dissector could crash (CVE-2016-7176) - The Catapult DCT2000 dissector could crash (CVE-2016-7177) - The UMTS FP dissector could crash (CVE-2016-7178) - The Catapult DCT2000 dissector could crash (CVE-2016-7179) - The IPMI trace dissector could crash (CVE-2016-7180) I plan uploading the package tomorrow around noon UTC. Cheers, Balint diff -Nru wireshark-1.12.1+g01b65bf/debian/changelog wireshark-1.12.1+g01b65bf/debian/changelog --- wireshark-1.12.1+g01b65bf/debian/changelog 2016-08-14 16:20:37.0 +0200 +++ wireshark-1.12.1+g01b65bf/debian/changelog 2016-09-20 18:05:25.0 +0200 @@ -1,3 +1,14 @@ +wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u4) wheezy-security; urgency=medium + + * security fixes from Wireshark 2.0.6: +- The H.225 dissector could crash (CVE-2016-7176) +- The Catapult DCT2000 dissector could crash (CVE-2016-7177) +- The UMTS FP dissector could crash (CVE-2016-7178) +- The Catapult DCT2000 dissector could crash (CVE-2016-7179) +- The IPMI trace dissector could crash (CVE-2016-7180) + + -- Balint Reczey Tue, 20 Sep 2016 18:05:16 +0200 + wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u3) wheezy-security; urgency=medium * security fixes from Wireshark 1.12.13: diff -Nru wireshark-1.12.1+g01b65bf/debian/patches/127_2.0.6_Don-t-snprintf-into-a-string-with-one-of-the-argumen.patch wireshark-1.12.1+g01b65bf/debian/patches/127_2.0.6_Don-t-snprintf-into-a-string-with-one-of-the-argumen.patch --- wireshark-1.12.1+g01b65bf/debian/patches/127_2.0.6_Don-t-snprintf-into-a-string-with-one-of-the-argumen.patch 1970-01-01 01:00:00.0 +0100 +++ wireshark-1.12.1+g01b65bf/debian/patches/127_2.0.6_Don-t-snprintf-into-a-string-with-one-of-the-argumen.patch 2016-09-20 18:04:38.0 +0200 @@ -0,0 +1,695 @@ +From 8b20fac0cdcbeb0266caf5307600e1e1f4912b99 Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Tue, 2 Aug 2016 20:39:34 -0700 +Subject: [PATCH 127/131] Don't snprintf() into a string with one of the + arguments being the same string. + +That doesn't work - you could be writing into the string from which +you're reading. + +Conflicts: + asn1/h225/h225.cnf + epan/dissectors/packet-h225.c + +Bug: 12700 + +Change-Id: I2fc6416e0613791dcd37ef70dbf00aae159008de +Reviewed-on: https://code.wireshark.org/review/16852 +Reviewed-by: Guy Harris +Reviewed-on: https://code.wireshark.org/review/17800 +Reviewed-by: Balint Reczey +--- + asn1/h225/h225.cnf| 58 +-- + epan/dissectors/packet-h225.c | 168 +++--- + 2 files changed, 127 insertions(+), 99 deletions(-) + +diff --git a/asn1/h225/h225.cnf b/asn1/h225/h225.cnf +index 2bece14..a6ad36b 100644 +--- a/asn1/h225/h225.cnf b/asn1/h225/h225.cnf +@@ -274,8 +274,12 @@ IsupNumber/nationalStandardPartyNumber isupNationalStandardPartyNumber + dissect_h245_FastStart_OLC(value_tvb, %(ACTX)s->pinfo, tree, codec_str); + } + +-/* Add to packet info */ +-g_snprintf(h225_pi->frame_label, 50, "%%s %%s", h225_pi->frame_label, codec_str); ++ /* Add to packet info */ ++ { ++char temp[50]; ++g_snprintf(temp, 50, "%%s %%s", h225_pi->frame_label, codec_str); ++g_strlcpy(h225_pi->frame_label, temp, 50); ++ } + + contains_faststart = TRUE; + h225_pi->is_faststart = TRUE; +@@ -362,10 +366,12 @@ IsupNumber/nationalStandardPartyNumber isupNationalStandardPartyNumber + #.FN_FTR Progress-UUIE + /* Add to packet info */ + h225_pi->cs_type = H225_PROGRESS; +- if (contains_faststart == TRUE ) +-g_snprintf(h225_pi->frame_label, 50, "%s OLC (%s)", val_to_str(h225_pi->cs_type, T_h323_message_body_vals, ""), h225_pi->frame_label); +- else +-g_snprintf(h225_pi->frame_label, 50, "%s", val_to_str(h225_pi->cs_type, T_h323_message_body_vals, "")); ++ if (contains_faststart) { ++char temp[50]; ++g_snprintf(temp, 50, "%s OLC (%s)", val_to_str(h225_pi->cs_type, T_h323_message_body_vals, ""), h225_pi->frame_label); ++g_strlcpy(h225_pi->frame_label, temp, 50); ++ } else ++g_snprintf(h225_pi->frame_label, 50, "%s", val_to_str(h225_pi->cs_type, T_h323_message_body_vals, "")); + #.END + # + #.FN_FTR SetupAcknowledge-UUIE +@@ -389,28 +395,34 @@ IsupNumber/nationalStandardPartyNumber isupNationalStandardPartyNumber + #.FN_FTR Setup-UUIE + /* Add to packet info */ + h225_pi->cs_type = H225_SETUP; +- if (contains_faststart == TRUE ) +- g_snprintf(h225_pi->frame_label, 50, "%s OLC (%s)", val_to_str(h225_pi->cs_type, T_h323_message_body_vals, ""), h225_pi->frame_label); +- else +- g_snprintf(h225_p
wireshark security update for Wheezy LTS
Hi, I have prepared an update for wireshark in Wheezy. Please see the diff to previous version attached. A practically identical changeset has been already accepted to jessie-security. Changes: wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u3) wheezy-security; urgency=medium . * security fixes from Wireshark 1.12.13: - The NDS dissector could crash (CVE-2016-6504) - The PacketBB dissector could crash (CVE-2016-6505) - The WSP dissector could go into an infinite loop (CVE-2016-6506) - The MMSE dissector could go into an infinite loop (CVE-2016-6507) - The RLC dissector could go into a long loop (CVE-2016-6508) - The LDSS dissector could crash (CVE-2016-6509) - The RLC dissector could crash (CVE-2016-6510) - The OpenFlow dissector could go into a long loop (CVE-2016-6511) * Cherry-pick fix for regressions caused by CVE-2016-6511's fix I plan uploading the package tomorrow around noon UTC. Cheers, Balint diff -Nru wireshark-1.12.1+g01b65bf/debian/changelog wireshark-1.12.1+g01b65bf/debian/changelog --- wireshark-1.12.1+g01b65bf/debian/changelog 2016-06-26 20:37:15.0 +0200 +++ wireshark-1.12.1+g01b65bf/debian/changelog 2016-08-14 16:20:37.0 +0200 @@ -1,3 +1,18 @@ +wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u3) wheezy-security; urgency=medium + + * security fixes from Wireshark 1.12.13: +- The NDS dissector could crash (CVE-2016-6504) +- The PacketBB dissector could crash (CVE-2016-6505) +- The WSP dissector could go into an infinite loop (CVE-2016-6506) +- The MMSE dissector could go into an infinite loop (CVE-2016-6507) +- The RLC dissector could go into a long loop (CVE-2016-6508) +- The LDSS dissector could crash (CVE-2016-6509) +- The RLC dissector could crash (CVE-2016-6510) +- The OpenFlow dissector could go into a long loop (CVE-2016-6511) + * Cherry-pick fix for regressions caused by CVE-2016-6511's fix + + -- Balint Reczey Sun, 14 Aug 2016 16:20:12 +0200 + wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u2) wheezy-security; urgency=high * security fixes from Wireshark 1.12.12: diff -Nru wireshark-1.12.1+g01b65bf/debian/patches/118_1.12.13_dissect_nds_request-Add-NULL-check.patch wireshark-1.12.1+g01b65bf/debian/patches/118_1.12.13_dissect_nds_request-Add-NULL-check.patch --- wireshark-1.12.1+g01b65bf/debian/patches/118_1.12.13_dissect_nds_request-Add-NULL-check.patch 1970-01-01 01:00:00.0 +0100 +++ wireshark-1.12.1+g01b65bf/debian/patches/118_1.12.13_dissect_nds_request-Add-NULL-check.patch 2016-08-12 20:29:06.0 +0200 @@ -0,0 +1,33 @@ +From 471830020143111ca694a1153d9ea477343edde7 Mon Sep 17 00:00:00 2001 +From: Michael Mann +Date: Sat, 2 Jul 2016 10:37:20 -0400 +Subject: [PATCH 118/125] dissect_nds_request: Add NULL check + +Bug: 12576 +Change-Id: If25d65b58ccc3860a48a48d5dbc4a076a79ad459 +Reviewed-on: https://code.wireshark.org/review/16245 +Reviewed-by: Michael Mann +(cherry picked from commit 9eacbb4d48df647648127b9258f9e5aeeb0c7d99) +Reviewed-on: https://code.wireshark.org/review/17015 +Reviewed-by: Balint Reczey +--- + epan/dissectors/packet-ncp.inc | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/epan/dissectors/packet-ncp.inc b/epan/dissectors/packet-ncp.inc +index 35f0fa6..6c7c4c6 100644 +--- a/epan/dissectors/packet-ncp.inc b/epan/dissectors/packet-ncp.inc +@@ -11803,7 +11803,8 @@ dissect_nds_request(tvbuff_t *tvb, packet_info *pinfo, + ; /* nothing */ + break; + } +-ptvcursor_free(ptvc); ++if (ptvc != NULL) ++ptvcursor_free(ptvc); + + /* Free the temporary proto_tree */ + CLEANUP_CALL_AND_POP; +-- +2.1.4 + diff -Nru wireshark-1.12.1+g01b65bf/debian/patches/119_1.12.13_packetbb-Prevent-divide-by-0.patch wireshark-1.12.1+g01b65bf/debian/patches/119_1.12.13_packetbb-Prevent-divide-by-0.patch --- wireshark-1.12.1+g01b65bf/debian/patches/119_1.12.13_packetbb-Prevent-divide-by-0.patch 1970-01-01 01:00:00.0 +0100 +++ wireshark-1.12.1+g01b65bf/debian/patches/119_1.12.13_packetbb-Prevent-divide-by-0.patch 2016-08-12 20:29:06.0 +0200 @@ -0,0 +1,48 @@ +From 5576ce24c69cf38c890f70696285e84d6e4c2932 Mon Sep 17 00:00:00 2001 +From: Michael Mann +Date: Sat, 2 Jul 2016 08:23:34 -0400 +Subject: [PATCH 119/125] packetbb: Prevent divide by 0. + +Bug: 12577 +Change-Id: Ibfa605597b786d8dbf1e256ef2ca6dc691498974 +Reviewed-on: https://code.wireshark.org/review/16241 +Petri-Dish: Michael Mann +Tested-by: Petri Dish Buildbot +Reviewed-by: Michael Mann +(cherry picked from commit 94e97e45cf614c7bb8fe90c23df52910246b2c95) +Reviewed-on: https://code.wireshark.org/review/16244 +(cherry picked from commit 3ce7de0ce8d32ded8e4c0ebf747886b9b5b1b26f) +Reviewed-on: https://code.wireshark.org/review/17016 +Reviewed-by: Balint Reczey +--- + epan/dissectors/packet-packetbb.c | 14 -- + 1 file changed, 8 insertions(+), 6 deletions(-) + +diff --git a/epan/dissec
wireshark security update for Wheezy LTS
Hi, I have prepared an update for wireshark in Wheezy. Please see the diff to previous version attached. I have submitted a practically identical changeset to the Security Team for accepting it as an update to Jessie's version. Changes: wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u2) wheezy-security; urgency=high . * security fixes from Wireshark 1.12.12: - The SPOOLS dissector could go into an infinite loop Discovered by the CESG (CVE-2016-5350) - The IEEE 802.11 dissector could crash (CVE-2016-5351) - The UMTS FP dissector could crash (CVE-2016-5353) - Some USB dissectors could crash. Discovered by Mateusz Jurczyk (CVE-2016-5354) - The Toshiba file parser could crash. Discovered by iDefense Labs (CVE-2016-5355) - The CoSine file parser could crash. Discovered by iDefense Labs (CVE-2016-5356) - The NetScreen file parser could crash. Discovered by iDefense Labs (CVE-2016-5357) - The WBXML dissector could go into an infinite loop. Discovered by Chris Benedict, Aurelien Delaitre, NIST SAMATE Project (CVE-2016-5359) * Fix patch for CVE-2015-8724 released in 1.12.1+g01b65bf-4+deb8u4 to not return error code from a function returning void The binary packages for amd64 are also available for testing here: https://people.debian.org/~rbalint/ppa/wheezy-lts/wheezy-security/ Cheers, Balint diff -Nru wireshark-1.12.1+g01b65bf/debian/changelog wireshark-1.12.1+g01b65bf/debian/changelog --- wireshark-1.12.1+g01b65bf/debian/changelog 2016-05-29 00:19:41.0 +0200 +++ wireshark-1.12.1+g01b65bf/debian/changelog 2016-06-26 20:37:15.0 +0200 @@ -1,3 +1,26 @@ +wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u2) wheezy-security; urgency=high + + * security fixes from Wireshark 1.12.12: +- The SPOOLS dissector could go into an infinite loop + Discovered by the CESG (CVE-2016-5350) +- The IEEE 802.11 dissector could crash (CVE-2016-5351) +- The UMTS FP dissector could crash (CVE-2016-5353) +- Some USB dissectors could crash. Discovered by Mateusz Jurczyk + (CVE-2016-5354) +- The Toshiba file parser could crash. Discovered by iDefense Labs + (CVE-2016-5355) +- The CoSine file parser could crash. Discovered by iDefense Labs + (CVE-2016-5356) +- The NetScreen file parser could crash. Discovered by iDefense Labs + (CVE-2016-5357) +- The WBXML dissector could go into an infinite loop. + Discovered by Chris Benedict, Aurelien Delaitre, + NIST SAMATE Project (CVE-2016-5359) + * Fix patch for CVE-2015-8724 released in 1.12.1+g01b65bf-4+deb8u4 +to not return error code from a function returning void + + -- Balint Reczey Sun, 26 Jun 2016 20:35:36 +0200 + wireshark (1.12.1+g01b65bf-4+deb8u6~deb7u1) wheezy-security; urgency=high * Backport to wheezy-security diff -Nru wireshark-1.12.1+g01b65bf/debian/patches/105_1.12.12_Toshiba_Fix-packet-length-handling.patch wireshark-1.12.1+g01b65bf/debian/patches/105_1.12.12_Toshiba_Fix-packet-length-handling.patch --- wireshark-1.12.1+g01b65bf/debian/patches/105_1.12.12_Toshiba_Fix-packet-length-handling.patch 1970-01-01 01:00:00.0 +0100 +++ wireshark-1.12.1+g01b65bf/debian/patches/105_1.12.12_Toshiba_Fix-packet-length-handling.patch 2016-06-26 20:34:08.0 +0200 @@ -0,0 +1,89 @@ +From 1a8ed46c02e2aad04b30ccaf916b4ad553e28467 Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Fri, 29 Apr 2016 15:19:49 -0700 +Subject: [PATCH 105/117] Fix packet length handling. + +Treat the packet length as unsigned - it shouldn't be negative in the +file. If it is, that'll probably cause the sscanf to fail, so we'll +report the file as bad. + +Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to +allocate a huge amount of memory, just as we do in other file readers. + +Use the now-validated packet size as the length in +ws_buffer_assure_space(), so we are certain to have enough space, and +don't allocate too much space. + +Bug: 12394 +Change-Id: If0b79376fc6fe2f49c7b7d7796dee7b7683485cb +Reviewed-on: https://code.wireshark.org/review/15171 +Reviewed-by: Guy Harris +(cherry picked from commit 303680c3eae0263854c80845a660a1784d731533) +Reviewed-on: https://code.wireshark.org/review/16111 +Reviewed-by: Balint Reczey +--- + wiretap/toshiba.c | 22 ++ + 1 file changed, 14 insertions(+), 8 deletions(-) + +diff --git a/wiretap/toshiba.c b/wiretap/toshiba.c +index 0492514..892a31e 100644 +--- a/wiretap/toshiba.c b/wiretap/toshiba.c +@@ -100,11 +100,6 @@ static const char toshiba_hdr_magic[] = + static const char toshiba_rec_magic[] = { '[', 'N', 'o', '.' }; + #define TOSHIBA_REC_MAGIC_SIZE (sizeof toshiba_rec_magic / sizeof toshiba_rec_magic[0]) + +-/* +- * XXX - is this the biggest packet we can get? +- */ +-#define TOSHIBA_MAX_PACKET_LEN 16384 +- + static gboolean toshiba_read(wtap *wth, int *err, gchar **err_info, + gint64 *data_offset); + static gboolean toshiba_seek_read(wtap