CVE-2017-13044/HNCP: add DHCPv4-Data bounds checks
dhcpv4_print() in print-hncp.c had the same bug as dhcpv6_print(), apply a fix along the same lines. This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s).
Showing with 10 additions and 0 deletions.
|@@ -0,0 +1,4 @@|
|IP truncated-ip - 260 bytes missing! (tos 0x12,ECT(0), ttl 48, id 21323, offset 0, flags [+, DF, rsvd], proto UDP (17), length 296, bad cksum 8e0f (->cd08)!)|
|184.108.40.206.1812 > 220.127.116.11.8231: hncp (268)|
|DNS-server (98) (invalid)|
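Review bot: the expected output stops at the `DNS-server (98) (invalid)` line, so this test pins only the rejection path for the malformed DHCPv4-Data option from the reporter's capture. Nothing visible here shows that a well-formed DHCPv4-Data TLV still decodes once the new bounds checks are in place. Consider pairing this with a capture that carries a valid DNS-server option (or pointing at an existing HNCP test that does), so that a check that is too strict or off by one fails a test instead of passing silently.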
BIN +170 Bytes tests/hncp_dhcpv4data-oobr.pcap
Binary file not shown.