CVE-2016-7924/Add some bounds checks.

[tcpdump] / print-pim.c

diff --git a/print-pim.c b/print-pim.c
index c93f165617fd697ce21280df1210b61694d8be26..092c41fe196397ff2759ddb57dc5889adabd6b95 100644 (file)
--- a/print-pim.c
+++ b/print-pim.c
@@ -19,6 +19,8 @@
  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
+/* \summary: Protocol Independent Multicast (PIM) printer */
+
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -620,11 +622,16 @@ enum checksum_status {
 };
 
 static enum checksum_status
-pimv2_check_checksum(netdissect_options *ndo, const u_char *bp, const u_char *bp2, u_int len)
+pimv2_check_checksum(netdissect_options *ndo, const u_char *bp,
+                    const u_char *bp2, u_int len)
 {
        const struct ip *ip;
        u_int cksum;
 
+       if (!ND_TTEST2(bp[0], len)) {
+               /* We don't have all the data. */
+               return (UNVERIFIED);
+       }
        ip = (const struct ip *)bp2;
        if (IP_V(ip) == 4) {
                struct cksum_vec vec[1];