]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 0d838a8) | patch
CVE-2017-13000/IEEE 802.15.4: Add more bounds checks.
authorGuy Harris <[email protected]>
Sat, 18 Feb 2017 01:43:10 +0000 (17:43 -0800)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit8fb9f546323a814970cc9b3e40b4ae76c6216cf0
tree2c41382fac6b54587b241e5612b5e4a0cae13ec5tree
parent0d838a844f41903bb935167960505153a89e2fa7commit | diff
CVE-2017-13000/IEEE 802.15.4: Add more bounds checks.

While we're at it, add a bunch of macros for the frame control field's
subfields, have the reserved frame types show the frame type value, use
the same code path for processing source and destination addresses
regardless of whether -v was specified (just leave out the addresses in
non-verbose mode), and return the header length in all cases.

This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add tests using the capture files supplied by the reporter(s).
print-802_15_4.c diff | blob | history
tests/802_15_4-oobr-1.out [new file with mode: 0644] blob
tests/802_15_4-oobr-1.pcap [new file with mode: 0644] blob
tests/802_15_4-oobr-2.out [new file with mode: 0644] blob
tests/802_15_4-oobr-2.pcap [new file with mode: 0644] blob
tests/TESTLIST diff | blob | history
[mirror] the TCPdump network dissector