mirrors/tcpdump
0
0
Fork 0
mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2024-11-24 10:33:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
050d41a163
tcpdump/tests/hoobr_safeputs.out
Guy Harris 21d702a136 CVE-2017-11541: In safeputs(), check the length before checking for a NUL terminator. 
safeputs() doesn't do packet bounds checking of its own; it assumes that
the caller has checked the availability in the packet data of all maxlen
bytes of data.  This means we should check that we're within the
specified limit before looking at the byte.

This fixes a buffer over-read discovered by Kamil Frankowicz.

Add a test using the capture file supplied by the reporter(s).
2017-09-02 21:36:44 +01:00

3 lines
44 B
Plaintext
Raw Blame History

LLDP, length 808464418: 0000000000
[|LLDP]
Reference in New Issue View Git Blame Copy Permalink