]> The Tcpdump Group git mirrors - tcpdump/commitdiff
projects / tcpdump / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 7b575ba)
Juniper: Fix an undefined behavior at runtime
authorFrancois-Xavier Le Bail <[email protected]>
Thu, 25 Jul 2019 10:28:14 +0000 (12:28 +0200)
committerFrancois-Xavier Le Bail <[email protected]>
Thu, 25 Jul 2019 10:44:33 +0000 (12:44 +0200)
The error was:
print-juniper.c:1407:21: runtime error: index 8 out of bounds for
type 'uint8_t [8]'

Thix fixes GitHub issue #783.

print-juniper.c patch | blob | history

diff --git a/print-juniper.c b/print-juniper.c
index 7ee82dc22dd5b0443ee0e7856aff7b0bdcb2eefc..416b2f193eab7341370d8a12a7401e89efb4ef40 100644 (file)
--- a/print-juniper.c
+++ b/print-juniper.c
@@ -1399,6 +1399,11 @@ juniper_parse_header(netdissect_options *ndo,
                        lp->s,
                        l2info->cookie_len);
 
+            if (l2info->cookie_len > 8) {
+                nd_print_invalid(ndo);
+                return 0;
+            }
+
             if (l2info->cookie_len > 0) {
                 ND_TCHECK_LEN(p, l2info->cookie_len);
                 if (ndo->ndo_eflag)
[mirror] the TCPdump network dissector