Please sign in to comment.
[server] Enforce proper bounds checking on digest cache file import
Bug fix to ensure that proper bounds are enforced when importing digest cache files from previous fwknopd executions. This bug was discovered through fuzzing with American Fuzzy Lop (AFL) as driven by the test/afl/fuzzing-wrappers/server-digest-cache.sh wrapper. Previous to this fix, fwknopd could be made to crash through a malicious digest cache file (normally in /var/run/fwknop/digest.cache) upon initial import.
- Loading branch information...
Showing with 13 additions and 4 deletions.