The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13690/IKEv2: Fix some bounds checks.
author Guy Harris <[email protected]>
Thu, 24 Aug 2017 04:08:42 +0000 (21:08 -0700)
committer Denis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit 2e44f2becd9ab36bd02e7e3d022453e3564fc5aa
tree c9ad57a4b0516561c71621353661d9325fc7617f
parent b79317b08c723acc5490212fc529ece3edf4eb73
CVE-2017-13690/IKEv2: Fix some bounds checks.

Use a pointer of the correct type in ND_TCHECK(), or use ND_TCHECK2()
and provide the correct length.

While we're at it, remove the blank line between some checks and the
UNALIGNED_MEMCPY()s they protect.

Also, note the places where we print the entire payload.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).
print-isakmp.c
tests/TESTLIST
tests/isakmp-various-oobr.out [new file with mode: 0644]
tests/isakmp-various-oobr.pcap [new file with mode: 0644]
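
The bug class the commit message describes, as an added example that is not tcpdump's code: a bounds check sized by `sizeof` of the wrong pointer type proves fewer bytes than the copy that follows it reads. `ttest2`, `TTEST`, the struct layouts and the function names are hypothetical stand-ins, not the definitions in netdissect.h or print-isakmp.c.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-in for a snapshot-end test; not tcpdump's own macros. */
static int ttest2(const uint8_t *snapend, const void *p, size_t len)
{
    const uint8_t *b = (const uint8_t *)p;
    return b <= snapend && (size_t)(snapend - b) >= len;
}
/* Like ND_TCHECK(): the length checked is sizeof the expression's type. */
#define TTEST(snapend, var) ttest2((snapend), &(var), sizeof(var))

/* Hypothetical layouts: a 4-byte generic header and an 8-byte payload. */
struct gen_hdr { uint8_t np, critical, len[2]; };
struct id_pl   { struct gen_hdr h; uint8_t type, res[3]; };

/* "Before" pattern: check through the generic-header pointer (4 bytes). */
int weak_check(const uint8_t *pkt, size_t caplen)
{
    const struct gen_hdr *ext = (const struct gen_hdr *)pkt;
    return TTEST(pkt + caplen, *ext);
}

/* How many bytes a copy of struct id_pl would read past the capture. */
size_t overread_after_weak_check(const uint8_t *pkt, size_t caplen)
{
    if (!weak_check(pkt, caplen) || caplen >= sizeof(struct id_pl))
        return 0;
    return sizeof(struct id_pl) - caplen;
}

/* Fix 1: check through a pointer of the type that is actually copied. */
int parse_typed(const uint8_t *pkt, size_t caplen, struct id_pl *out)
{
    const struct id_pl *idp = (const struct id_pl *)pkt;
    if (!TTEST(pkt + caplen, *idp))
        return -1;                      /* truncated */
    memcpy(out, idp, sizeof(*out));
    return 0;
}

/* Fix 2: keep the generic pointer but pass the copy length explicitly. */
int parse_explicit_len(const uint8_t *pkt, size_t caplen, struct id_pl *out)
{
    const struct gen_hdr *ext = (const struct gen_hdr *)pkt;
    if (!ttest2(pkt + caplen, ext, sizeof(*out)))
        return -1;                      /* truncated */
    memcpy(out, ext, sizeof(*out));
    return 0;
}
```

With a constructed 8-byte payload captured at only 6 bytes, the weak check passes even though the copy would need 2 more bytes, while both fixed forms report truncation.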