]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: a220099) | patch
CVE-2017-13012/ICMP: Add a missing bounds check.
authorGuy Harris <[email protected]>
Thu, 16 Mar 2017 06:45:38 +0000 (23:45 -0700)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit407aaf69199dac107eae9274ed2abe07f922a2fc
treef6756216ff76c98a8f0eefb71ac3058eb017cd77tree
parenta2200990356bf273594d0f0a066ffc6911e7e0cacommit | diff
CVE-2017-13012/ICMP: Add a missing bounds check.

Check before fetching the length from the included packet's IPv4 header.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
print-icmp.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/extract_read2_asan.out [new file with mode: 0644] blob
tests/extract_read2_asan.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector