Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CVE-2017-12473]: ccnl_ccntlv_bytes2pkt program crash #139

Open
blacksheeep opened this issue Aug 7, 2017 · 0 comments
Open

[CVE-2017-12473]: ccnl_ccntlv_bytes2pkt program crash #139

blacksheeep opened this issue Aug 7, 2017 · 0 comments

Comments

@blacksheeep
Copy link
Contributor

ccnl_ccntlv_bytes2pkt: this parsing is not safe for all input data - needs more bound checks, as some packets with wrong L values can bring this to crash

line: 160 and 276

@blacksheeep blacksheeep added the bug label Aug 7, 2017
@blacksheeep blacksheeep changed the title [Use CVE-2017-12473]: ccnl_ccntlv_bytes2pkt program crash [CVE-2017-12473]: ccnl_ccntlv_bytes2pkt program crash Feb 1, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants