diff options
| author | Guy Harris <guy@alum.mit.edu> | 2017-02-06 15:13:05 -0800 |
|---|---|---|
| committer | Denis Ovsienko <denis@ovsienko.info> | 2017-09-13 12:25:44 +0100 |
| commit | 8934a7d6307267d301182f19ed162563717e29e3 (patch) | |
| tree | 263c4f34aef6542839baf406628feb81cd5d95e7 /print-telnet.c | |
| parent | c2ef693866beae071a24b45c49f9674af1df4028 (diff) | |
| download | tcpdump-8934a7d6307267d301182f19ed162563717e29e3.tar.gz | |
CVE-2017-12988/TELNET: Add a missing bounds check.
This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.
Add a test using the capture file supplied by the reporter(s).
Diffstat (limited to 'print-telnet.c')
| -rw-r--r-- | print-telnet.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/print-telnet.c b/print-telnet.c index a6640346..10fad9fe 100644 --- a/print-telnet.c +++ b/print-telnet.c @@ -442,6 +442,7 @@ telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print) break; p++; } + ND_TCHECK(*p); if (*p != IAC) goto pktend; |