mirror of
https://github.com/the-tcpdump-group/tcpdump.git
synced 2024-12-12 19:33:43 +08:00
a25211918f
Do a lot more bounds and length checks. Add a EXTRACT_8BITS() macro, for completeness, and so as not to confuse people into thinking that, to fetch a 1-byte value from a packet, they need to use EXTRACT_16BITS() to fetch a 2-byte value and then use shifting and masking to extract the desired byte. Use that rather than using EXTRACT_16BITS() to fetch a 2-byte value and then shifting and masking to extract the desired byte. Don't treat IPv4 addresses and unnumbered interface IDs the same; the first should be printed as an IPv4 address but the latter should just be printed as numbers. Handle IPv6 addresses in more object types while we're at it. This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).
765 B
765 B