tcpdump

mirrors/tcpdump

Fork 0

mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2024-11-24 10:33:28 +08:00

Commit Graph

Author	SHA1	Message	Date
Guy Harris	21d702a136	CVE-2017-11541: In safeputs(), check the length before checking for a NUL terminator. safeputs() doesn't do packet bounds checking of its own; it assumes that the caller has checked the availability in the packet data of all maxlen bytes of data. This means we should check that we're within the specified limit before looking at the byte. This fixes a buffer over-read discovered by Kamil Frankowicz. Add a test using the capture file supplied by the reporter(s).	2017-09-02 21:36:44 +01:00

Author

SHA1

Message

Date

Guy Harris

21d702a136

CVE-2017-11541: In safeputs(), check the length before checking for a NUL terminator.

safeputs() doesn't do packet bounds checking of its own; it assumes that
the caller has checked the availability in the packet data of all maxlen
bytes of data.  This means we should check that we're within the
specified limit before looking at the byte.

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).

2017-09-02 21:36:44 +01:00

1 Commits