The Tcpdump Group git mirrors

]> The Tcpdump Group git mirrors - tcpdump/commit

author	Denis Ovsienko <[email protected]>
	Sun, 6 Aug 2017 19:54:42 +0000 (20:54 +0100)
committer	Denis Ovsienko <[email protected]>
	Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commit	f18bb41c8e95477268467a48cd606c472873ddfc
tree	c7415f66becea74b125f50964db959a148f61acf	tree
parent	05ebfefdb19ee4514060311289c12b459841b68a	commit \| diff

CVE-2017-13047/ES-IS: put an existing bounds check right

The bounds check in esis_print() tested one pointer at the beginning of
a loop that incremented another, make the trivial fix. While at it, make
the function print a standard marker when it detects truncated data and
update some existing ES-IS tests respectively.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).

print-isoclns.c		diff \| blob \| history
tests/TESTLIST		diff \| blob \| history
tests/esis_opt_prot-oobr.out	[new file with mode: 0644]	blob
tests/esis_opt_prot-oobr.pcap	[new file with mode: 0644]	blob
tests/esis_snpa_asan-3.out		diff \| blob \| history
tests/esis_snpa_asan-4.out		diff \| blob \| history
tests/esis_snpa_asan-5.out		diff \| blob \| history

[mirror] the TCPdump network dissector

RSS Atom