]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: db24063) | patch
CVE-2017-12992/RIPng: Clean up bounds checking.
authorGuy Harris <[email protected]>
Tue, 7 Feb 2017 11:03:34 +0000 (03:03 -0800)
committerDenis Ovsienko <[email protected]>
Wed, 13 Sep 2017 11:25:44 +0000 (12:25 +0100)
commite942fb84fbe3a73a98a00d2a279425872b5fb9d2
tree4a414ff4e1986ebb42ca16e7410ab3e94db4d79atree
parentdb24063b01cba8e9d4d88b7d8ac70c9000c104e4commit | diff
CVE-2017-12992/RIPng: Clean up bounds checking.

Do bounds checking as we access items.

Scan the list of netinfo6 entries based on the supplied packet length,
without taking the captured length into account; let the aforementioned
bounds checking handle that.

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).
print-ripng.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/hoobr_ripng_print.out [new file with mode: 0644] blob
tests/hoobr_ripng_print.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector