rpms / tcpdump

Clone
Source Code
GIT

Files

  1.   8ab437b22eb857899d21d84e1bd2327a30b7ca6e
  2.   tcpdump-cve-2015-2153.patch
Blob Blame History Raw 
From 72d1f5b571c26699186dffbb8b01174179a011c9 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 25 Mar 2015 16:45:43 +0100
Subject: [PATCH 2/4] Fix for CVE-2015-2153

(cherry picked from 1a4e86d0a273cc81b3236d9f8a5f47b586fec84c)

See: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
---
 print-rpki-rtr.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/print-rpki-rtr.c b/print-rpki-rtr.c
index c705c05..8f22189 100644
--- a/print-rpki-rtr.c
+++ b/print-rpki-rtr.c
@@ -184,6 +184,7 @@ rpki_rtr_pdu_print (const u_char *tptr, u_int indent)
     pdu_header = (rpki_rtr_pdu *)tptr;
     pdu_type = pdu_header->pdu_type;
     pdu_len = EXTRACT_32BITS(pdu_header->length);
+    TCHECK2(tptr, pdu_len);
     hexdump = FALSE;
 
     printf("%sRPKI-RTRv%u, %s PDU (%u), length: %u",
@@ -292,6 +293,7 @@ rpki_rtr_pdu_print (const u_char *tptr, u_int indent)
 		tptr += 4;
 		tlen -= 4;
 	    }
+            printf("text_length: %u tlen %u\n", text_length, tlen);
 	    if (text_length && (text_length <= tlen )) {
 		memcpy(buf, tptr, MIN(sizeof(buf)-1, text_length));
 		buf[text_length] = '\0';
@@ -312,6 +314,11 @@ rpki_rtr_pdu_print (const u_char *tptr, u_int indent)
     if (vflag > 1 || (vflag && hexdump)) {
 	print_unknown_data(tptr,"\n\t  ", pdu_len);
     }
+    return;
+
+ trunc:
+    printf("|trunc");
+    return;
 }
 
 void
-- 
2.3.4
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.