]> The Tcpdump Group git mirrors - tcpdump/commit
projects / tcpdump / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 9ce9f78) | patch
CVE-2017-13031/Check for the presence of the entire IPv6 fragment header.
authorGuy Harris <[email protected]>
Wed, 22 Mar 2017 21:55:12 +0000 (14:55 -0700)
committerDenis Ovsienko <[email protected]>
Sun, 3 Sep 2017 23:08:58 +0000 (00:08 +0100)
commitf70d3198b3ed1e7cdb5c7c08c100a63d42f09baa
tree9971c9ed38668505a9ba6dec7e55a795bbeebca1tree
parent9ce9f78f9953041e4af5681a3c25150820febf01commit | diff
CVE-2017-13031/Check for the presence of the entire IPv6 fragment header.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.

Clean up some whitespace in tests/TESTLIST while we're at it.
print-frag6.c diff | blob | history
tests/TESTLIST diff | blob | history
tests/ip6_frag_asan.out [new file with mode: 0644] blob
tests/ip6_frag_asan.pcap [new file with mode: 0644] blob
[mirror] the TCPdump network dissector