diff options
author | Guy Harris <guy@alum.mit.edu> | 2017-02-03 18:54:00 -0800 |
---|---|---|
committer | Denis Ovsienko <denis@ovsienko.info> | 2017-09-13 12:25:44 +0100 |
commit | 730fc35968c5433b9e2a829779057f4f9495dc51 (patch) | |
tree | dce4d3d4a9169a1698bf0269584806c508cdf990 /tests/arp-oobr.pcap | |
parent | 6f5ba2b651cd9d4b7fa8ee5c4f94460645877c45 (diff) | |
download | tcpdump-730fc35968c5433b9e2a829779057f4f9495dc51.tar.gz |
CVE-2017-12894/In lookup_bytestring(), take the length of the byte string into account.
Otherwise, if, in our search of the hash table, we come across a byte
string that's shorter than the string we're looking for, we'll search
past the end of the string in the hash table.
This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.
Add a test using the capture file supplied by the reporter(s).
Diffstat (limited to 'tests/arp-oobr.pcap')
-rw-r--r-- | tests/arp-oobr.pcap | bin | 0 -> 172916 bytes |
1 files changed, 0 insertions, 0 deletions
diff --git a/tests/arp-oobr.pcap b/tests/arp-oobr.pcap Binary files differnew file mode 100644 index 00000000..954369e0 --- /dev/null +++ b/tests/arp-oobr.pcap |