The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13690/IKEv2: Fix some bounds checks.
author Guy Harris <[email protected]>
Thu, 24 Aug 2017 04:08:42 +0000 (21:08 -0700)
committer Denis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit 8dca25d26c7ca2caf6138267f6f17111212c156e
tree e90971963d56ec99cd0d1f2fd3d2b6fcfb2d6ef5
parent 061e7371a944588f231cb1b66d6fb070b646e376
CVE-2017-13690/IKEv2: Fix some bounds checks.

Use a pointer of the correct type in ND_TCHECK(), or use ND_TCHECK2()
and provide the correct length.

While we're at it, remove the blank line between some checks and the
UNALIGNED_MEMCPY()s they protect.

Also, note the places where we print the entire payload.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).
print-isakmp.c
tests/TESTLIST
tests/isakmp-various-oobr.out [new file with mode: 0644]
tests/isakmp-various-oobr.pcap [new file with mode: 0644]
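
The bug class named in the commit message, as an added example that is not code from print-isakmp.c or from the tcpdump project: a bounds check whose length comes from the type of the pointer it is given covers too few bytes when a larger struct is then copied. The structs, `ttest2()`, `TTEST()`, both functions and the sample bytes are hypothetical, simplified stand-ins constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical structs: a 4-byte generic header and an 8-byte payload
 * header that begins with it. Not tcpdump's definitions. */
struct gen_hdr { uint8_t next, flags; uint16_t len; };
struct ext_hdr { struct gen_hdr h; uint8_t proto, spi_size; uint16_t num; };

/* Explicit-length check: are len bytes at p inside the capture [.., end)? */
static int ttest2(const uint8_t *p, size_t len, const uint8_t *end)
{
    return p <= end && (size_t)(end - p) >= len;
}
/* Type-sized check: the length comes from what ptr points to. */
#define TTEST(ptr, end) ttest2((const uint8_t *)(ptr), sizeof(*(ptr)), (end))

/* Flawed pattern: check sized by the generic header, copy sized by the
 * larger struct. Returns 1 when the check passes although the copy would
 * read past end (the copy itself is not performed here). */
int flawed_check_passes(const uint8_t *p, const uint8_t *end)
{
    const struct gen_hdr *g = (const struct gen_hdr *)p;
    return TTEST(g, end) && !ttest2(p, sizeof(struct ext_hdr), end);
}

/* Corrected pattern: the check covers exactly the bytes copied.
 * Returns 0 on success, -1 if the capture is truncated. */
int parse_ext(const uint8_t *p, const uint8_t *end, struct ext_hdr *out)
{
    const struct ext_hdr *e = (const struct ext_hdr *)p;
    if (!TTEST(e, end))
        return -1;
    memcpy(out, e, sizeof(*out));
    return 0;
}

/* Constructed sample payload, aligned for the struct casts above. */
static _Alignas(uint16_t) const uint8_t pkt[8] = { 0x21, 0, 0, 8, 1, 4, 0, 1 };

int main(void)
{
    struct ext_hdr e;
    /* Capture cut to 6 bytes: generic header present, payload header not. */
    printf("flawed check passes: %d\n", flawed_check_passes(pkt, pkt + 6));
    printf("corrected parse:     %d\n", parse_ext(pkt, pkt + 6, &e));
    printf("full capture parse:  %d\n", parse_ext(pkt, pkt + 8, &e));
    return 0;
}
```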