]> The Tcpdump Group git mirrors - tcpdump/commitdiff
projects / tcpdump / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 350b3a0)
Add some bounds checks.
authorguy <guy>
Fri, 27 Aug 2004 03:29:41 +0000 (03:29 +0000)
committerguy <guy>
Fri, 27 Aug 2004 03:29:41 +0000 (03:29 +0000)
print-pppoe.c patch | blob | history

diff --git a/print-pppoe.c b/print-pppoe.c
index d450eebc1788eaeb893320a7b2fb26876605346d..1479512290417662667b7b6292f14e1fb821c404 100644 (file)
--- a/print-pppoe.c
+++ b/print-pppoe.c
@@ -23,7 +23,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-"@(#) $Header: /tcpdump/master/tcpdump/print-pppoe.c,v 1.24.2.4 2004-03-24 03:04:22 guy Exp $ (LBL)";
+"@(#) $Header: /tcpdump/master/tcpdump/print-pppoe.c,v 1.24.2.5 2004-08-27 03:29:41 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -160,6 +160,7 @@ pppoe_print(register const u_char *bp, u_int length)
                 */
                while (tag_type && p + 4 < pppoe_payload + length &&
                    p + 4 < snapend) {
+                       TCHECK2(*p, 4);
                        tag_type = EXTRACT_16BITS(p);
                        tag_len = EXTRACT_16BITS(p + 2);
                        p += 4;
@@ -172,6 +173,7 @@ pppoe_print(register const u_char *bp, u_int length)
                                unsigned tag_str_len = 0;
 
                                /* TODO print UTF-8 decoded text */
+                               TCHECK2(*p, tag_len);
                                for (v = p; v < p + tag_len && tag_str_len < MAXTAGPRINT-1; v++)
                                        if (*v >= 32 && *v < 127) {
                                                tag_str[tag_str_len++] = *v;
[mirror] the TCPdump network dissector