]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: c39c1d9) | patch
CVE-2017-5483/SNMP: improve ASN.1 bounds checks
authorDenis Ovsienko <[email protected]>
Thu, 12 Jan 2017 13:47:50 +0000 (13:47 +0000)
committerFrancois-Xavier Le Bail <[email protected]>
Wed, 18 Jan 2017 08:16:41 +0000 (09:16 +0100)
commiteec1624f7be88008f519d92150ee0eb85633518b
tree77656a46eec698c55703affe9be45d6f51c363d8tree
parentc39c1d99ac3b6d5d9519b39da6717180651650d3commit | diff
CVE-2017-5483/SNMP: improve ASN.1 bounds checks

Kamil Frankowicz had found that truncated BE_STR and BE_SEQ ASN.1
elements could lead to an overread, from the source code it looked like
other ids could have this problem too. Move the checks introduced in
commit 72e501f out of the switch blocks to cover all ids by default.
This fixes GH#559 and GH#566.
print-snmp.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/snmp-heapoverflow-1.out [new file with mode: 0644] blob
tests/snmp-heapoverflow-1.pcap [new file with mode: 0644] blob
tests/snmp-heapoverflow-2.out [new file with mode: 0644] blob
tests/snmp-heapoverflow-2.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector