Skip to content

Commit 8934a7d

Browse files
guyharrisinfrastation
authored andcommitted
CVE-2017-12988/TELNET: Add a missing bounds check.
This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).
1 parent c2ef693 commit 8934a7d

File tree

4 files changed

+4
-0
lines changed

4 files changed

+4
-0
lines changed

Diff for: print-telnet.c

+1
Original file line numberDiff line numberDiff line change
@@ -442,6 +442,7 @@ telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print)
442442
break;
443443
p++;
444444
}
445+
ND_TCHECK(*p);
445446
if (*p != IAC)
446447
goto pktend;
447448

Diff for: tests/TESTLIST

+1
Original file line numberDiff line numberDiff line change
@@ -466,6 +466,7 @@ eigrp-tlv-oobr eigrp-tlv-oobr.pcap eigrp-tlv-oobr.out -vvv -e
466466
zephyr-oobr zephyr-oobr.pcap zephyr-oobr.out -vvv -e
467467
bgp-as-path-oobr bgp-as-path-oobr.pcap bgp-as-path-oobr.out -vvv -e
468468
isakmp-no-none-np isakmp-no-none-np.pcap isakmp-no-none-np.out -vvv -e
469+
telnet-iac-check-oobr telnet-iac-check-oobr.pcap telnet-iac-check-oobr.out -vvv -e
469470

470471
# RTP tests
471472
# fuzzed pcap

Diff for: tests/telnet-iac-check-oobr.out

+2
Large diffs are not rendered by default.

Diff for: tests/telnet-iac-check-oobr.pcap

64 KB
Binary file not shown.

0 commit comments

Comments
 (0)