tcpdump/lldp-infinite-loop-1.pcap at 97c31661edb100fefcf20383f057e25edd7f4e11

mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2025-01-08 00:38:23 +08:00

Guy Harris 34cec721d3 CVE-2017-12997/LLDP: Don't use an 8-bit loop counter.

If you have a

	for (i = 0; i < N; i++)

loop, you'd better make sure that i is big enough to hold N - not N-1,
N.

The TLV length here is 9 bits long, not 8 bits long, so an 8-bit loop
counter will overflow and you can loop infinitely.

This fixes an infinite loop discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add tests using the capture files supplied by the reporter(s).

Clean up the output a bit while we're at it.

2017-09-13 12:25:44 +01:00

1.8 KiB

Raw History

View Raw

1.8 KiB Raw History

1.8 KiB

Raw History