Please sign in to comment.
CVE-2017-13007/PKTAP: Pass a properly updated struct pcap_pkthdr to t…
…he sub-dissector. The sub-dissector expects that the length and captured length will reflect the actual remaining data in the packet, not the raw amount including the PKTAP header; pass an updated header, just as we do for PPI. This fixes a buffer over-read discovered by Yannick Formaggio. Add a test using the capture file supplied by the reporter(s).
- Loading branch information...
Showing with 9 additions and 1 deletion.
|@@ -0,0 +1,3 @@|
|EXIT CODE 00000100|
BIN +3.14 KB tests/pktap-heap-overflow.pcap
Binary file not shown.