Skip to content
Permalink
Browse files

CVE-2017-12991/BGP: Add missing bounds check.

This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add a test using the capture file supplied by the reporter(s).
  • Loading branch information...
guyharris authored and infrastation committed Feb 6, 2017
1 parent 99798bd commit 50a44b6b8e4f7c127440dbd4239cf571945cc1e7
Showing with 99,696 additions and 0 deletions.
  1. +1 −0 print-bgp.c
  2. +1 −0 tests/TESTLIST
  3. +99,694 −0 tests/bgp-as-path-oobr.out
  4. BIN tests/bgp-as-path-oobr.pcap
@@ -1406,6 +1406,7 @@ bgp_attr_print(netdissect_options *ndo,
ND_TCHECK(tptr[0]);
ND_PRINT((ndo, "%s", tok2str(bgp_as_path_segment_open_values,
"?", tptr[0])));
ND_TCHECK(tptr[1]);
for (i = 0; i < tptr[1] * as_size; i += as_size) {
ND_TCHECK2(tptr[2 + i], as_size);
ND_PRINT((ndo, "%s ",
@@ -464,6 +464,7 @@ tok2str-oobr-1 tok2str-oobr-1.pcap tok2str-oobr-1.out -vvv -e
tok2str-oobr-2 tok2str-oobr-2.pcap tok2str-oobr-2.out -vvv -e
eigrp-tlv-oobr eigrp-tlv-oobr.pcap eigrp-tlv-oobr.out -vvv -e
zephyr-oobr zephyr-oobr.pcap zephyr-oobr.out -vvv -e
bgp-as-path-oobr bgp-as-path-oobr.pcap bgp-as-path-oobr.out -vvv -e

# RTP tests
# fuzzed pcap
Oops, something went wrong.

0 comments on commit 50a44b6

Please sign in to comment.
You can’t perform that action at this time.