]> The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13000/IEEE 802.15.4: Add more bounds checks.
authorGuy Harris <[email protected]>
Sat, 18 Feb 2017 01:43:10 +0000 (17:43 -0800)
committerDenis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit9be4e0b5938b705e7e36cfcb110a740c6ff0cb97
tree7e8de032b68e960b82a5fcc9edfc36ef0bab7001
parentb1928b44a51455706bcfcce676e5e79571f65ae3
CVE-2017-13000/IEEE 802.15.4: Add more bounds checks.

While we're at it, add a bunch of macros for the frame control field's
subfields, have the reserved frame types show the frame type value, use
the same code path for processing source and destination addresses
regardless of whether -v was specified (just leave out the addresses in
non-verbose mode), and return the header length in all cases.

This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add tests using the capture files supplied by the reporter(s).
print-802_15_4.c
tests/802_15_4-oobr-1.out [new file with mode: 0644]
tests/802_15_4-oobr-1.pcap [new file with mode: 0644]
tests/802_15_4-oobr-2.out [new file with mode: 0644]
tests/802_15_4-oobr-2.pcap [new file with mode: 0644]
tests/TESTLIST