mirror of
https://github.com/the-tcpdump-group/tcpdump.git
synced 2024-12-13 20:04:28 +08:00
6fca58f5f9
We do bounds checks based on the TLV length, so if the TLV's length is too short, and we don't check for that, we could end up fetching data past the end of the TLV - including past the length of the captured data in the packet. This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add tests using the capture files supplied by the reporter(s).
64 KiB
64 KiB