From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Date: Tue, 5 Dec 2017 20:27:31 +0000 (+0100)
Subject: Fix two bounds checks in signature_verify()
X-Git-Tag: tcpdump-4.99-bp~1671
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/4e9236f4775393c3dde064e8d6b3230a4ef47a00

Fix two bounds checks in signature_verify()
---

diff --git a/signature.c b/signature.c
index 2091afb3..204e3456 100644
--- a/signature.c
+++ b/signature.c
@@ -130,7 +130,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
     /*
      * Do we have all the packet data to be checked?
      */
-    if (!ND_TTEST2(pptr, plen)) {
+    if (!ND_TTEST2(*pptr, plen)) {
         /* No. */
         return (CANT_CHECK_SIGNATURE);
     }
@@ -138,7 +138,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
     /*
      * Do we have the entire signature to check?
      */
-    if (!ND_TTEST2(sig_ptr, sizeof(sig))) {
+    if (!ND_TTEST2(*sig_ptr, sizeof(sig))) {
         /* No. */
         return (CANT_CHECK_SIGNATURE);
     }