From: Guy Harris <guy@alum.mit.edu>
Date: Thu, 28 Mar 2019 21:30:33 +0000 (-0700)
Subject: Add a length check.
X-Git-Tag: tcpdump-4.99-bp~866
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/7fbec6b880d00f074fc056c3754a19a5a4c5b25c?hp=48644533f2fba9a9b4d6e72d3f21f3b5cbcfe438

Add a length check.
---

diff --git a/print-esp.c b/print-esp.c
index 4d86022f..d1231070 100644
--- a/print-esp.c
+++ b/print-esp.c
@@ -791,6 +791,13 @@ esp_print(netdissect_options *ndo,
 	/* length of the IV, if there is one; 0, if there isn't */
 	ivlen = sa->ivlen;
 	secret = sa->secret;
+	/*
+	 * Make sure the authentication data/integrity check value length
+	 * isn't bigger than the total amount of data available and, if
+	 * not, slice that off.
+	 */
+	if (ep - bp < sa->authlen)
+		return;
 	ep = ep - sa->authlen;
 
 	if (sa->evp) {