| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The packet length must be <= MAXIMUM_SNAPLEN.
Currently, there is no D-Bus printer, thus no need for a bigger length.
Now a pachet is valid if:
capture length != 0,
packet length != 0,
capture length <= MAXIMUM_SNAPLEN,
packet length <= MAXIMUM_SNAPLEN,
packet length >= capture length.
Moreover:
Fix the packet header lengths of some fuzzed pcap files:
If the lengths are > MAXIMUM_SNAPLEN, set them to MAXIMUM_SNAPLEN.
Thus they will be always usable with this new sanity check.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It was, its name nonwithstanding, a pcapng file, and had an SHB option
that was damaged by fuzzing. Converting it to pcap
1) means it has the appropriate extension;
2) means that old libpcaps that can't read pcapng can handle it;
3) means that a future libpcap that fully supports pcapng *and* thus
fails on that file can handle it.
|
| |
|
|
|
|
| |
They will be always usable with the new interface capture length sanity
check.
(old length: 808464432, new length: 262144)
|
| |
|
|
|
|
| |
They will be always usable with the upcoming libpcap versions sanity checks.
pcap: old version: 12336.12336, new version: 2.4
pcap-ng: old version: 1.12336, new version: 1.0
|
|
|
It might not be, either because an unusual hardware type is using ARP or
because a maliciously-constructed packet was sent. Instead of comparing
against a 6-octet string of zeros with memcmp(), check each octet of the
address against 0.
Fixes a heap overflow found with American Fuzzy Lop by Hanno Böck.
|
