The Tcpdump Group git mirrors

]> The Tcpdump Group git mirrors - tcpdump/commit

author	hannes <hannes>
	Wed, 7 Jan 2004 08:00:51 +0000 (08:00 +0000)
committer	hannes <hannes>
	Wed, 7 Jan 2004 08:00:51 +0000 (08:00 +0000)
commit	e0d20f2c0824412b64738c6fa14f87bc8d0ef54d
tree	81b81bbdd74092247b0219bb5bf88bf2e1ee51b5	tree
parent	de464d5e30af607532a416432695415b1c0a8de5	commit \| diff

bugfix from Jonathan Heusser <[email protected]>

  The first critical piece of code is found in print-isakmp.c:332. The
  function rawprint() does not check its arguments thus it's easy for
  an attacker to pass a big 'len' or a bogus 'loc' leading to a
  segmentation fault in the for loop.

  The second bug is located in print-radius.c:471. The for loop of
  print_attr_string() is written in an unsafe manner. 'length'
  and 'data' should be checked.

CREDITS		diff \| blob \| history
print-isakmp.c		diff \| blob \| history
print-radius.c		diff \| blob \| history

[mirror] the TCPdump network dissector

RSS Atom