Please sign in to comment.
CVE-2017-12994/BGP: Move a test inside a loop.
The loop can be executed more than once (that's kinda the whole point of a loop), so the check has to be made each time through the loop, not just once before the loop is executed. Do some additional length checks while we're at it. This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).
- Loading branch information...
Showing with 10,149 additions and 6 deletions.
Oops, something went wrong.