]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: af2cf04) | patch
(for 4.9.3) CVE-2018-16452/SMB: prevent stack exhaustion
authorDenis Ovsienko <[email protected]>
Fri, 7 Sep 2018 20:10:36 +0000 (21:10 +0100)
committerFrancois-Xavier Le Bail <[email protected]>
Tue, 27 Aug 2019 09:20:43 +0000 (11:20 +0200)
commit24182d959f661327525a20d9a94c98a8ec016778
tree8221f32d85c023c8af4bff53ab62ea5566f21943tree
parentaf2cf04a9394c1a56227c2289ae8da262828294acommit | diff
(for 4.9.3) CVE-2018-16452/SMB: prevent stack exhaustion

Enforce a limit on how many times smb_fdata() can recurse.

This fixes a stack exhaustion discovered by Include Security working
under the Mozilla SOS program in 2018 by means of code audit.
smbutil.c diff | blob | history
[mirror] the TCPdump network dissector