mirror of
https://github.com/the-tcpdump-group/tcpdump.git
synced 2024-12-03 15:04:34 +08:00
8dca25d26c
Use a pointer of the correct type in ND_TCHECK(), or use ND_TCHECK2() and provide the correct length. While we're at it, remove the blank line between some checks and the UNALIGNED_MEMCPY()s they protect. Also, note the places where we print the entire payload. This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s).
6 lines
427 B
Plaintext
IP (tos 0xfb,CE, ttl 17, id 21263, offset 0, flags [+, DF, rsvd], proto UDP (17), length 296, bad cksum 1ff (->f67d)!)
16.0.128.20.500 > 12.251.225.45.49152: isakmp 1.0 msgid 10101010: phase 2/others ? #16[]:
( [|v2ke]) (len mismatch: isakmp 2130706432/ip 268)
IP (tos 0x12,ECT(0), ttl 17, id 21263, offset 4096, flags [DF, rsvd], proto UDP (17), length 296, bad cksum 1ff (->939f)!)
0.0.0.5 > 0.0.0.0: ip-proto-17