]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 26b9567) | patch
CVE-2017-13688/OLSR: Do bounds checks before we fetch data.
authorGuy Harris <[email protected]>
Thu, 24 Aug 2017 02:26:37 +0000 (19:26 -0700)
committerDenis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit0cb1b8a434b599b8d636db029aadb757c24e39d6
tree6d07ec8eda5132fb0834f858ca77a1dfe8a4f90dtree
parent26b956739a77641634964e90aa765884daef0d0fcommit | diff
CVE-2017-13688/OLSR: Do bounds checks before we fetch data.

While we're at it, clean up some other bounds checks, so we check that
we have a complete IPv4 message header if it's IPv4 and a complete IPv6
message header if it's IPv6.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add tests using the capture files supplied by the reporter(s).
print-olsr.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/olsr-oobr-1.out [new file with mode: 0644] blob
tests/olsr-oobr-1.pcap [new file with mode: 0644] blob
tests/olsr-oobr-2.out [new file with mode: 0644] blob
tests/olsr-oobr-2.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector