]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-telnet.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
(for 4.9.3) CVE-2018-14880/OSPFv3: Fix a bounds check
[tcpdump] / print-telnet.c
diff --git a/print-telnet.c b/print-telnet.c
index f8df48671f873871feb9eb12e80fc91fa9102933..10fad9fef7f6a5b8c9a045c8f59eeeccb0873829 100644 (file)
--- a/print-telnet.c
+++ b/print-telnet.c
@@ -437,10 +437,12 @@ telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print)
                /* IAC SB .... IAC SE */
                p = sp;
                while (length > (u_int)(p + 1 - sp)) {
+                       ND_TCHECK2(*p, 2);
                        if (p[0] == IAC && p[1] == SE)
                                break;
                        p++;
                }
+               ND_TCHECK(*p);
                if (*p != IAC)
                        goto pktend;
 
[mirror] the TCPdump network dissector