diff options
| author | Guy Harris <guy@alum.mit.edu> | 2015-07-07 11:56:48 -0700 |
|---|---|---|
| committer | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2017-01-18 09:16:37 +0100 |
| commit | 968776fbf5cd65c7ea2168912bd9f4379727eb11 (patch) | |
| tree | cb04027e3e06a8dc6dcaf230f807515c3509de77 /tests/stp-heapoverflow-1.out | |
| parent | b13ef341f730eb4ffe51c8785d98324d9f72fdee (diff) | |
| download | tcpdump-968776fbf5cd65c7ea2168912bd9f4379727eb11.tar.gz | |
CVE-2016-7940/Add a bunch of bounds checks, and fix some printing.
The bounds checks fix some heap overflows found with American Fuzzy Lop
by Hanno Böck.
Add some ND_TTEST_/ND_TCHECK_ macros to extract.h to simplify writing
bounds checks for code that uses the other macros in that file.
Fix the printing of the SPB BPDU agreement digest - I don't think the
intent was to print the value of the first 4 bytes, that value + 4, that
value + 8, etc., I suspect it was to print the first 4 bytes, the next 4
bytes, etc..
Diffstat (limited to 'tests/stp-heapoverflow-1.out')
| -rw-r--r-- | tests/stp-heapoverflow-1.out | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/stp-heapoverflow-1.out b/tests/stp-heapoverflow-1.out new file mode 100644 index 00000000..f4cc053e --- /dev/null +++ b/tests/stp-heapoverflow-1.out @@ -0,0 +1,27 @@ +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +30:30:30:30:30:30 > 30:30:30:30:30:30, ethertype Unknown (0x3030), length 808464432: + 0x0000: 3030 3030 30 00000 +[|stp 808464415] |