IEEE 802.11: Add a bounds check

author Francois-Xavier Le Bail <[email protected]>

Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)

committer Francois-Xavier Le Bail <[email protected]>

Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)
author Francois-Xavier Le Bail <[email protected]>
Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)
committer Francois-Xavier Le Bail <[email protected]>
Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)
diff --git a/print-802_11.c b/print-802_11.c

index b668d0c60e6fdc11638b757564607b6a47973ba8..7f6a2301f0e51188eb19487b06ac8430aa44040a 100644 (file)
--- a/print-802_11.c
+++ b/print-802_11.c
@@ -2045,6 +2045,10 @@ ieee802_11_print(netdissect_options *ndo,
                 hdrlen = roundup2(hdrlen, 4);
         if (ndo->ndo_Hflag && FC_TYPE(fc) == T_DATA &&
             DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
+               if(!ND_TTEST_1(p + hdrlen)) {
+                       nd_print_trunc(ndo);
+                       return hdrlen;
+               }
                 meshdrlen = extract_mesh_header_length(p+hdrlen);
                 hdrlen += meshdrlen;
         } else
author	Francois-Xavier Le Bail <[email protected]>
	Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)
committer	Francois-Xavier Le Bail <[email protected]>
	Mon, 18 Jun 2018 19:47:43 +0000 (21:47 +0200)