tcpdump

mirrors/tcpdump

Fork 0

mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2024-11-23 18:14:29 +08:00

Commit Graph

Author	SHA1	Message	Date
Guy Harris	730fc35968	CVE-2017-12894/In lookup_bytestring(), take the length of the byte string into account. Otherwise, if, in our search of the hash table, we come across a byte string that's shorter than the string we're looking for, we'll search past the end of the string in the hash table. This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).	2017-09-13 12:25:44 +01:00

Author

SHA1

Message

Date

Guy Harris

730fc35968

CVE-2017-12894/In lookup_bytestring(), take the length of the byte string into account.

Otherwise, if, in our search of the hash table, we come across a byte
string that's shorter than the string we're looking for, we'll search
past the end of the string in the hash table.

This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add a test using the capture file supplied by the reporter(s).

2017-09-13 12:25:44 +01:00

1 Commits