CVE-2017-13036/OSPFv3: Add a bounds check before fetching data

This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s), modified so the capture file won't be rejected as an invalid capture.
author: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> 2017-03-24 00:55:18 +0100
committer: Denis Ovsienko <denis@ovsienko.info> 2017-09-13 12:25:44 +0100
commit: 88b2dac837e81cf56dce05e6e7b5989332c0092d (patch)
tree: 8da67b71244580404b9e688280496d1f5a4f5cd4 /tests/ospf6_decode_v3_asan.pcap
parent: 571a6f33f47e7a2394fa08f925e534135c29cf1e (diff)
download: tcpdump-88b2dac837e81cf56dce05e6e7b5989332c0092d.tar.gz
1 files changed, 0 insertions, 0 deletions
diff --git a/tests/ospf6_decode_v3_asan.pcap b/tests/ospf6_decode_v3_asan.pcap
new file mode 100644
index 00000000..2d50b9c1
--- /dev/null
+++ b/tests/ospf6_decode_v3_asan.pcap
author	Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>	2017-03-24 00:55:18 +0100
committer	Denis Ovsienko <denis@ovsienko.info>	2017-09-13 12:25:44 +0100
commit	88b2dac837e81cf56dce05e6e7b5989332c0092d (patch)
tree	8da67b71244580404b9e688280496d1f5a4f5cd4 /tests/ospf6_decode_v3_asan.pcap
parent	571a6f33f47e7a2394fa08f925e534135c29cf1e (diff)
download	tcpdump-88b2dac837e81cf56dce05e6e7b5989332c0092d.tar.gz