diff options
author | Guy Harris <guy@alum.mit.edu> | 2015-07-03 15:54:14 -0700 |
---|---|---|
committer | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2017-01-18 09:16:36 +0100 |
commit | 6bc44295cfbe1f7b6633c755841518f4b159aa8a (patch) | |
tree | 859fda193d4664cfce2892e3c3c219847ada789b /tests/calm-fast-mac-lookup-heapoverflow.out | |
parent | 237efcf593ee369519e9dfdc9166702219dabfec (diff) | |
download | tcpdump-6bc44295cfbe1f7b6633c755841518f4b159aa8a.tar.gz |
CVE-2016-7985,7986/Change the way protocols print link-layer addresses.
If a protocol that runs under a link-layer protocol would print the
link-layer addresses for the packet as source and destination addresses
for the packet, don't have it blithely assume those link-layer addresses
are present or are at a particular offset from the beginning of that
protocol's data; Ethertypes, for example, are used by a number of
protocols, not all of which have Ethernet headers and not all of which
have any MAC headers.
Instead, pass the printers for those protocols structures with a pointer
to the address data and a pointer to a routine that prints the address.
Fixes some heap overflows found with American Fuzzy Lop by Hanno Böck.
Diffstat (limited to 'tests/calm-fast-mac-lookup-heapoverflow.out')
-rw-r--r-- | tests/calm-fast-mac-lookup-heapoverflow.out | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/tests/calm-fast-mac-lookup-heapoverflow.out b/tests/calm-fast-mac-lookup-heapoverflow.out new file mode 100644 index 00000000..a6e6f418 --- /dev/null +++ b/tests/calm-fast-mac-lookup-heapoverflow.out @@ -0,0 +1,5 @@ +Q.922, invalid address +CALM FAST; SrcNwref:48; DstNwref:48; + 0x0000: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 + 0x0010: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 + 0x0020: 3030 3030 3030 3030 3030 0000000000 |