]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: a4a99ce) | patch
CVE-2017-13029/PPP: Fix a bounds check, and clean up other bounds checks.
authorGuy Harris <[email protected]>
Wed, 22 Mar 2017 18:48:06 +0000 (11:48 -0700)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit35591264d7e5fa727fbed3b20ef427e1b648c1a2
treef1c8335a4389a3bfbb0dc885ee4be2d3f8eee772tree
parenta4a99cec345ed92c8ca73a7bf129686f76afde2fcommit | diff
CVE-2017-13029/PPP: Fix a bounds check, and clean up other bounds checks.

For configuration protocol options, use ND_TCHECK() and
ND_TCHECK_nBITS() macros, passing them the appropriate pointer argument.
This fixes one case where the ND_TCHECK2() call they replace was not
checking enough bytes.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
print-ppp.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/ppp_ccp_config_deflate_option_asan.out [new file with mode: 0644] blob
tests/ppp_ccp_config_deflate_option_asan.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector