]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 527e63d) | patch
CVE-2017-12992/RIPng: Clean up bounds checking.
authorGuy Harris <[email protected]>
Tue, 7 Feb 2017 11:03:34 +0000 (03:03 -0800)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit490f2e6030f75b00f2acf3a3757a2994e2ecef3d
tree6e9a72a97fed32d1c73b52e2e7b222ab158fafc2tree
parent527e63d35882e162bce652afc9f692ff5f4529c1commit | diff
CVE-2017-12992/RIPng: Clean up bounds checking.

Do bounds checking as we access items.

Scan the list of netinfo6 entries based on the supplied packet length,
without taking the captured length into account; let the aforementioned
bounds checking handle that.

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).
print-ripng.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/hoobr_ripng_print.out [new file with mode: 0644] blob
tests/hoobr_ripng_print.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector