| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add a sanity check on packet header length | Francois-Xavier Le Bail | 2018-02-07 | 1 | -0/+0 |
| | | | | | | | | | | | | | | | | | | | The packet length must be <= MAXIMUM_SNAPLEN. Currently, there is no D-Bus printer, thus no need for a bigger length. Now a pachet is valid if: capture length != 0, packet length != 0, capture length <= MAXIMUM_SNAPLEN, packet length <= MAXIMUM_SNAPLEN, packet length >= capture length. Moreover: Fix the packet header lengths of some fuzzed pcap files: If the lengths are > MAXIMUM_SNAPLEN, set them to MAXIMUM_SNAPLEN. Thus they will be always usable with this new sanity check. | ||||
| * | CVE-2017-11541: In safeputs(), check the length before checking for a NUL ↵ | Guy Harris | 2017-09-02 | 1 | -0/+0 |
| terminator. safeputs() doesn't do packet bounds checking of its own; it assumes that the caller has checked the availability in the packet data of all maxlen bytes of data. This means we should check that we're within the specified limit before looking at the byte. This fixes a buffer over-read discovered by Kamil Frankowicz. Add a test using the capture file supplied by the reporter(s). | |||||
 |
index : delta/tcpdump.git | |
| github.com: the-tcpdump-group/tcpdump.git |
| summaryrefslogtreecommitdiff |