diff options
author | Guy Harris <guy@alum.mit.edu> | 2017-03-05 20:21:48 -0800 |
---|---|---|
committer | Denis Ovsienko <denis@ovsienko.info> | 2017-09-13 12:25:44 +0100 |
commit | ca336198e8bebccc18502de27672fdbd6eb34856 (patch) | |
tree | bbe918f6b617e9bab0ce1e7c40bd9f53c4224740 /tests/pktap-heap-overflow.out | |
parent | cc4a7391c616be7a64ed65742ef9ed3f106eb165 (diff) | |
download | tcpdump-ca336198e8bebccc18502de27672fdbd6eb34856.tar.gz |
CVE-2017-13007/PKTAP: Pass a properly updated struct pcap_pkthdr to the sub-dissector.
The sub-dissector expects that the length and captured length will
reflect the actual remaining data in the packet, not the raw amount
including the PKTAP header; pass an updated header, just as we do for
PPI.
This fixes a buffer over-read discovered by Yannick Formaggio.
Add a test using the capture file supplied by the reporter(s).
Diffstat (limited to 'tests/pktap-heap-overflow.out')
-rw-r--r-- | tests/pktap-heap-overflow.out | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/tests/pktap-heap-overflow.out b/tests/pktap-heap-overflow.out new file mode 100644 index 00000000..e23ed919 --- /dev/null +++ b/tests/pktap-heap-overflow.out @@ -0,0 +1,3 @@ +[|pktap] +[|ppp] +EXIT CODE 00000100 |