]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 857ec6e) | patch
CVE-2017-5482/Q.933: add a missing bounds check
authorDenis Ovsienko <[email protected]>
Thu, 12 Jan 2017 10:09:34 +0000 (10:09 +0000)
committerFrancois-Xavier Le Bail <[email protected]>
Wed, 18 Jan 2017 08:16:41 +0000 (09:16 +0100)
commitc39c1d99ac3b6d5d9519b39da6717180651650d3
tree9a68359cfb9c57c3b8c7f28c76c82fc9178a26abtree
parent857ec6e800ec772f5a6b9f76268d189d70f000b6commit | diff
CVE-2017-5482/Q.933: add a missing bounds check

Brian Carpenter had found that regardless of CVE-2016-8575 q933_print()
still could overread the buffer trying to parse a short packet. This
change fixes the problem.
print-fr.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/q933-heapoverflow-2.out [new file with mode: 0644] blob
tests/q933-heapoverflow-2.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector