]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: de0389e) | patch
OSPF6: Fix an undefined behavior
authorBill Fenner <[email protected]>
Tue, 11 Oct 2022 20:16:20 +0000 (13:16 -0700)
committerFrancois-Xavier Le Bail <[email protected]>
Wed, 24 May 2023 08:16:06 +0000 (10:16 +0200)
commit7f3c0900e38225fe3a50937c943a7d38bf3f2b22
tree829efcf96a489426196f8c6957b5958134152da5tree
parentde0389e19a3fa8639f5b064ce0bf445cf3fc9a31commit | diff
OSPF6: Fix an undefined behavior

Handle ls_length shorter than sizeof(lsa_hdr) in the same way as OSPF.

Use a u_int32 to hold a loop variable initialized with GET_BE_U_4.

print-ospf6.c:815:46: runtime error: signed integer overflow:
-2147483648 - 1 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior print-ospf6.c:817:46

[Part of the PR #1012]
print-ospf6.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/ospf-signed-integer-ubsan.out [new file with mode: 0644] blob
tests/ospf-signed-integer-ubsan.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector