The Tcpdump Group git mirrors

]> The Tcpdump Group git mirrors - tcpdump/commit

author	Denis Ovsienko <[email protected]>
	Sun, 17 Jun 2018 21:15:19 +0000 (22:15 +0100)
committer	Francois-Xavier Le Bail <[email protected]>
	Tue, 27 Aug 2019 09:20:42 +0000 (11:20 +0200)
commit	9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6
tree	047a57ad58b1684fb2a4043ab454d6fc710f9dbb	tree
parent	d7505276842e85bfd067fa21cdb32b8a2dc3c5e4	commit \| diff

(for 4.9.3) CVE-2018-14879/fix -V to fail invalid input safely

get_next_file() did not check the return value of strlen() and
underflowed an array index if the line read by fgets() from the file
started with \0. This caused an out-of-bounds read and could cause a
write. Add the missing check.

This vulnerability was discovered by Brian Carpenter & Geeknik Labs.

tcpdump.c

diff | blob | history

[mirror] the TCPdump network dissector

RSS Atom