The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13032/RADIUS: Check whether a byte exists before testing its value.
author Guy Harris <[email protected]>
Wed, 22 Mar 2017 22:38:02 +0000 (15:38 -0700)
committer Denis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit 1bc78d795cd5cad5525498658f414a11ea0a7e9c
tree 5deb1f62c306a102f4377261d1c9a5b2bac8d2da
parent 0f1735981d7ee78af277fab4c29da83a3ce4da5e

Reverse the test in a for loop to test the length before testing whether
we have a null byte.

This fixes a buffer over-read discovered by Bhargava Shastry.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.

Clean up other length tests while we're at it.
print-radius.c
tests/TESTLIST
tests/radius_attr_asan.out [new file with mode: 0644]
tests/radius_attr_asan.pcap [new file with mode: 0644]
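
The ordering problem the commit message describes, as an added example that is not the tcpdump code and not part of the commit: a length-bounded scan for a null byte written both ways over a constructed buffer. The `capture` struct, `fetch`, and both `walk_*` functions are hypothetical names; `fetch` counts requests past the end of the data instead of performing them.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for captured packet data: only `caplen` bytes exist.
 * `oob` counts requests for bytes past the end instead of performing them,
 * so the flawed ordering can be observed without undefined behaviour. */
struct capture {
    const unsigned char *bytes;
    size_t caplen;
    unsigned oob;
};

static unsigned char fetch(struct capture *c, size_t off)
{
    if (off >= c->caplen) {
        c->oob++;      /* a real parser would over-read here */
        return 1;      /* placeholder: the real byte is unknown */
    }
    return c->bytes[off];
}

/* Flawed ordering: tests the byte's value before checking it exists. */
size_t walk_value_first(struct capture *c, size_t start, size_t length)
{
    size_t i;
    for (i = 0; fetch(c, start + i) != 0 && i < length; i++)
        ;
    return i;
}

/* Corrected ordering: && short-circuits, so nothing is fetched at i == length. */
size_t walk_length_first(struct capture *c, size_t start, size_t length)
{
    size_t i;
    for (i = 0; i < length && fetch(c, start + i) != 0; i++)
        ;
    return i;
}

int main(void)
{
    /* Constructed sample: a 4-byte value with no NUL, ending the buffer. */
    static const unsigned char value[] = { 'u', 's', 'e', 'r' };
    struct capture a = { value, sizeof value, 0 }, b = a;
    size_t na = walk_value_first(&a, 0, 4), nb = walk_length_first(&b, 0, 4);
    printf("value first:  %zu bytes, %u out-of-bounds requests\n", na, a.oob);
    printf("length first: %zu bytes, %u out-of-bounds requests\n", nb, b.oob);
    return 0;
}
```

Both orderings return the same count, which is why the flaw is invisible in normal output and only shows up under a memory checker when the value runs to the end of the captured data.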