CVE-2017-5484/ATM: fix an incorrect bounds check

The function sig_print() did receive a correct caplen parameter value
but didn't use it correctly and could overread by one byte as Brian
Carpenter has demonstrated. Fix it by switching to the standard macros.

3 files changed, 2 insertions, 0 deletions

diff --git a/tests/TESTLIST b/tests/TESTLIST
index e8856c01..8808a3fa 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -425,6 +425,7 @@ ipv6hdr-heapoverflow-v	ipv6hdr-heapoverflow.pcap	ipv6hdr-heapoverflow-v.out	-t -
 otv-heapoverflow-1	otv-heapoverflow-1.pcap		otv-heapoverflow-1.out		-t -c10
 otv-heapoverflow-2	otv-heapoverflow-2.pcap		otv-heapoverflow-2.out		-t -c10
 q933-heapoverflow-2	q933-heapoverflow-2.pcap	q933-heapoverflow-2.out		-t
+atm-heapoverflow	atm-heapoverflow.pcap		atm-heapoverflow.out		-t -c1 -e
 
 # bad packets from Kamil Frankowicz
 snmp-heapoverflow-1	snmp-heapoverflow-1.pcap	snmp-heapoverflow-1.out		-t
diff --git a/tests/atm-heapoverflow.out b/tests/atm-heapoverflow.out
new file mode 100644
index 00000000..c9b12fdf
--- /dev/null
+++ b/tests/atm-heapoverflow.out
@@ -0,0 +1 @@
+Rx: VPI:0 VCI:5  [|atm]
diff --git a/tests/atm-heapoverflow.pcap b/tests/atm-heapoverflow.pcap
new file mode 100644
index 00000000..6918f3ed
--- /dev/null
+++ b/tests/atm-heapoverflow.pcap