The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13032/RADIUS: Check whether a byte exists before testing its value.
author Guy Harris <[email protected]>
Wed, 22 Mar 2017 22:38:02 +0000 (15:38 -0700)
committer Denis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit 027433c0d862c3699635944f4240628ba44d8341
tree 0949f798c828532a5399fcaa76f5983afdc73917
parent 5f7a5aabca2a890e5f6a1ba7941e796ba17eb12b

Reverse the test in a for loop to test the length before testing whether
we have a null byte.

This fixes a buffer over-read discovered by Bhargava Shastry.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.

Clean up other length tests while we're at it.
print-radius.c
tests/TESTLIST
tests/radius_attr_asan.out [new file with mode: 0644]
tests/radius_attr_asan.pcap [new file with mode: 0644]
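
The loop-condition ordering the commit message describes, shown as an added example (not code from print-radius.c or from the tcpdump project). The function names, the `fetch` instrumentation and the sample bytes are hypothetical, constructed here so the out-of-bounds fetch can be counted without actually reading past a real buffer.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: a 4-byte attribute value containing no NUL,
 * followed by bytes that belong to something else in the packet. */
static const unsigned char packet[] = { 'u', 's', 'e', 'r', 0xAA, 0xBB };
#define ATTR_LEN 4u

static size_t limit;      /* declared length of the attribute value */
static size_t oob_reads;  /* fetches at an index >= limit */

/* Instrumented stand-in for a direct data[i] access. */
static unsigned char fetch(const unsigned char *p, size_t i)
{
    if (i >= limit)
        oob_reads++;
    return p[i];
}

/* Value tested before length: when no NUL is found, the loop fetches
 * data[length] before noticing that i has reached length. */
size_t scan_value_first(const unsigned char *data, size_t length)
{
    size_t i;
    limit = length;
    oob_reads = 0;
    for (i = 0; fetch(data, i) != '\0' && i < length; i++)
        ;
    return oob_reads;
}

/* Length tested before value: && short-circuits once i == length,
 * so no byte outside the attribute is ever fetched. */
size_t scan_length_first(const unsigned char *data, size_t length)
{
    size_t i;
    limit = length;
    oob_reads = 0;
    for (i = 0; i < length && fetch(data, i) != '\0'; i++)
        ;
    return oob_reads;
}

int main(void)
{
    printf("value-first out-of-bounds fetches:  %zu\n", scan_value_first(packet, ATTR_LEN));
    printf("length-first out-of-bounds fetches: %zu\n", scan_length_first(packet, ATTR_LEN));
    return 0;
}
```

In a real dissector the byte at `data[length]` may lie beyond the captured packet, which is the condition an AddressSanitizer build reports as a buffer over-read.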