The Tcpdump Group git mirrors

]> The Tcpdump Group git mirrors - tcpdump/commit

author	Denis Ovsienko <[email protected]>
	Thu, 6 Sep 2018 20:26:21 +0000 (21:26 +0100)
committer	Francois-Xavier Le Bail <[email protected]>
	Mon, 28 Oct 2019 19:10:56 +0000 (20:10 +0100)
commit	756d0a1356a49efbd1a9f461f478913cb8163b23
tree	9b629716cc195ac001e069cd979b798ff4f48534	tree
parent	8d32220a44bfd218758f8e9ca615ab73eefa0ca8	commit \| diff

BGP: prevent stack exhaustion

Enforce a limit on how many times bgp_attr_print() can recurse.

This change fixes CVE-2018-16300.

This fixes a stack exhaustion discovered by Include Security working
under the Mozilla SOS program in 2018 by means of code audit.

Cherry picked from af2cf04a9394c1a56227c2289ae8da262828294a
in 4.9 branch.

print-bgp.c

diff | blob | history

[mirror] the TCPdump network dissector

RSS Atom