CVE-2017-13045/VQP: add some bounds checks

[tcpdump] / print-smb.c

diff --git a/print-smb.c b/print-smb.c
index af86cddbafd78ff21b9d2c1ed0a6f91ebcbcbb22..723b9a032415c00f1503db0b5334e13bdb301a80 100644 (file)
--- a/print-smb.c
+++ b/print-smb.c
@@ -1167,10 +1167,12 @@ nbt_udp137_print(netdissect_options *ndo,
            p = smb_fdata(ndo, p, "Name=[n1]\n#", maxbuf, 0);
            if (p == NULL)
                goto out;
+           ND_TCHECK_16BITS(p);
            restype = EXTRACT_16BITS(p);
            p = smb_fdata(ndo, p, "ResType=[rw]\nResClass=[rw]\nTTL=[rD]\n", p + 8, 0);
            if (p == NULL)
                goto out;
+           ND_TCHECK_16BITS(p);
            rdlen = EXTRACT_16BITS(p);
            ND_PRINT((ndo, "ResourceLength=%d\nResourceData=\n", rdlen));
            p += 2;