Please sign in to comment.
CVE-2017-13022/IP: Add bounds checks to ip_printroute().
This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s), modified so the capture file won't be rejected as an invalid capture.
- Loading branch information...
Showing with 13 additions and 3 deletions.
|@@ -0,0 +1,2 @@|
|IP (tos 0x0, ttl 254, id 25615, offset 65480, flags [DF, rsvd], proto UDP (17), length 32768, options (LSRR [bad length 25] [bad ptr 15] 18.104.22.168, 0.172.0.116, 0.16.36.36, 22.214.171.124 126.96.36.199[|ip]))|
|251.73.86.0 > 0.172.128.5: ip-proto-17|
BIN +100 Bytes tests/ip_printroute_asan.pcap
Binary file not shown.