]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 8512734) | patch
CVE-2017-13001/NFS: Don't copy more data than is in the file handle.
authorGuy Harris <[email protected]>
Sun, 19 Feb 2017 21:56:12 +0000 (13:56 -0800)
committerDenis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit7a923447fd49a069a0fd3b6c3547438ab5ee2123
tree2381eef1ccb894a1abf5eb81bc816593cc28347etree
parent8512734883227c11568bb35da1d48b9f8466f43fcommit | diff
CVE-2017-13001/NFS: Don't copy more data than is in the file handle.

Also, put the buffer on the stack; no reason to make it static.  (65
bytes isn't a lot.)

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).
print-nfs.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/hoobr_nfs_printfh.out [new file with mode: 0644] blob
tests/hoobr_nfs_printfh.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector