CVE-2017-13023/IPv6 mobility: Add a bounds check before fetching data

[tcpdump] / print-mobility.c

diff --git a/print-mobility.c b/print-mobility.c
index 7a12901f8fffa639550f868189e90415805bc2b6..36dfbeb8bec8f102f8248ace63e2c54a5aedb8a7 100644 (file)
--- a/print-mobility.c
+++ b/print-mobility.c
@@ -150,6 +150,7 @@ mobility_opt_print(netdissect_options *ndo,
                                goto trunc;
                        }
                        /* units of 4 secs */
+                       ND_TCHECK_16BITS(&bp[i+2]);
                        ND_PRINT((ndo, "(refresh: %u)",
                                EXTRACT_16BITS(&bp[i+2]) << 2));
                        break;