Please sign in to comment.
CVE-2017-13018/PGM: Add a missing bounds check.
This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s), modified so the capture file won't be rejected as an invalid capture.
- Loading branch information...
Showing with 7 additions and 0 deletions.
|@@ -0,0 +1,2 @@|
|IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->9eb9)!)|
|18.104.22.168 > 22.214.171.124: 126.96.36.199.4 > 188.8.131.52.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F  OPT_06  PATH_NLA  [|OPT]|
BIN +135 Bytes tests/pgm_opts_asan.pcap
Binary file not shown.