Guy Harris 8dca25d26c CVE-2017-13690/IKEv2: Fix some bounds checks. ...

Use a pointer of the correct type in ND_TCHECK(), or use ND_TCHECK2()
and provide the correct length.

While we're at it, remove the blank line between some checks and the
UNALIGNED_MEMCPY()s they protect.

Also, note the places where we print the entire payload.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).

2017-09-13 12:25:44 +01:00

206 B

Raw History

View Raw