The Tcpdump Group git mirrors - tcpdump/commit
CVE-2017-13039/IKEv1: Do more bounds checking.
author Guy Harris <[email protected]>
Mon, 12 Jun 2017 04:06:55 +0000 (21:06 -0700)
committer Denis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commit e0a5a02b0fc1900a69d6c37ed0aab36fb8494e6d
tree 70a3738fbfc60ff53b04bb373ac622ad46c08f78
parent 7335163a6ef82d46ff18f3e6099a157747241629
CVE-2017-13039/IKEv1: Do more bounds checking.

Have ikev1_attrmap_print() and ikev1_attr_print() do full bounds
checking, and return null on a bounds overflow.  Have their callers
check for a null return.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
print-isakmp.c
tests/TESTLIST
tests/isakmpv1-attr-oobr.out [new file with mode: 0644]
tests/isakmpv1-attr-oobr.pcap [new file with mode: 0644]
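
The pattern the commit message describes (an attribute parser that returns null when an attribute would extend past the captured data, and a caller that checks for that return) is shown here as an added example that is not tcpdump's code. `attr_next` and `attr_count` are hypothetical names, the layout assumed is the ISAKMP TV/TLV data attribute format of RFC 2408 section 3.3, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper, not tcpdump's ikev1_attr_print(): parse one ISAKMP
 * data attribute in [p, ep), where ep is one past the last captured byte.
 * Returns a pointer just past the attribute, or NULL on a bounds overflow. */
static const uint8_t *
attr_next(const uint8_t *p, const uint8_t *ep, uint16_t *type, size_t *vlen)
{
    size_t len;

    if (p == NULL || p > ep || (size_t)(ep - p) < 4)
        return NULL;                     /* 4-byte header not fully captured */
    *type = (uint16_t)(((p[0] & 0x7f) << 8) | p[1]);
    if (p[0] & 0x80) {                   /* AF=1: TV, value is bytes 2..3 */
        *vlen = 2;
        return p + 4;
    }
    len = ((size_t)p[2] << 8) | p[3];    /* AF=0: TLV, length of the value */
    if (len > (size_t)(ep - p) - 4)
        return NULL;                     /* claimed length exceeds captured data */
    *vlen = len;
    return p + 4 + len;
}

/* Caller side: checks for the NULL return instead of walking on.
 * Returns the number of attributes, or -1 if the list is truncated. */
static int
attr_count(const uint8_t *buf, size_t buflen)
{
    const uint8_t *p = buf, *ep = buf + buflen;
    uint16_t type;
    size_t vlen;
    int n = 0;

    while (p < ep) {
        if ((p = attr_next(p, ep, &type, &vlen)) == NULL)
            return -1;
        n++;
    }
    return n;
}

/* Constructed samples: a TV attribute followed by a TLV attribute. */
static const uint8_t sample_ok[]  = { 0x80, 0x01, 0x00, 0x05,
    0x00, 0x0c, 0x00, 0x04, 0x00, 0x00, 0x70, 0x80 };
static const uint8_t sample_bad[] = { 0x80, 0x01, 0x00, 0x05,
    0x00, 0x0c, 0xff, 0xff, 0x00, 0x00 };   /* claims 65535 bytes, 2 present */

int main(void) { return attr_count(sample_ok, sizeof sample_ok) == 2 &&
                        attr_count(sample_bad, sizeof sample_bad) == -1 ? 0 : 1; }
```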