Guy Harris 7029d15f14 CVE-2017-13029/PPP: Fix a bounds check, and clean up other bounds checks. ...

For configuration protocol options, use ND_TCHECK() and
ND_TCHECK_nBITS() macros, passing them the appropriate pointer argument.
This fixes one case where the ND_TCHECK2() call they replace was not
checking enough bytes.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.

2017-09-13 12:25:44 +01:00

63 B

Raw History

View Raw