]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 41df3b2) | patch
CVE-2017-13001/NFS: Don't copy more data than is in the file handle.
authorGuy Harris <[email protected]>
Sun, 19 Feb 2017 21:56:12 +0000 (13:56 -0800)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit090254b2d83f44110bccd3a9939aeae5ae2301bf
treefd73b7b4652d5c1d91af1aa63e8b12e344360cc8tree
parent41df3b219070d05aac0eea0bbc8f48ff72dddff5commit | diff
CVE-2017-13001/NFS: Don't copy more data than is in the file handle.

Also, put the buffer on the stack; no reason to make it static.  (65
bytes isn't a lot.)

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).
print-nfs.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/hoobr_nfs_printfh.out [new file with mode: 0644] blob
tests/hoobr_nfs_printfh.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector