The Tcpdump Group git mirrors

]> The Tcpdump Group git mirrors - tcpdump/commit

author	Guy Harris <[email protected]>
	Mon, 6 Mar 2017 18:13:22 +0000 (10:13 -0800)
committer	Denis Ovsienko <[email protected]>
	Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit	db8c799f6dfc68765c9451fcbfca06e662f5bd5f
tree	43b7e5a63fc35bbc473a73134ee1cb381d0659fd	tree
parent	5edf405d7ed9fc92f4f43e8a3d44baa4c6387562	commit \| diff

CVE-2017-13009/IPv6 mobility: Add a bounds check.

This fixes a buffer over-read discovered by Brian 'geeknik' Carpenter.

Add a test using the capture file supplied by the reporter(s).

While we're at it:

Add a comment giving the RFC for IPv6 mobility headers.

Clean up some bounds checks to make it clearer what they're checking, by
matching the subsequent EXTRACT_ calls or memcpy.

For the binding update, if none of the flag bits are set, don't check
the individual flag bits.

print-mobility.c		diff \| blob \| history
tests/TESTLIST		diff \| blob \| history
tests/ipv6-mobility-header-oobr.out	[new file with mode: 0644]	blob
tests/ipv6-mobility-header-oobr.pcap	[new file with mode: 0644]	blob

[mirror] the TCPdump network dissector

RSS Atom