Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
tcpdump.17077
tcpdump-CVE-2018-14882.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-14882.patch of Package tcpdump.17077
From d7505276842e85bfd067fa21cdb32b8a2dc3c5e4 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> Date: Fri, 3 Nov 2017 16:32:30 +0100 Subject: [PATCH] (for 4.9.3) CVE-2018-14882/ICMP6 RPL: Add a missing bounds check Moreover: Add and use *_tstr[] strings. Update four tests outputs accordingly. Fix a space. Wang Junjie of 360 ESG Codesafe Team had independently identified this vulnerability in 2018 by means of fuzzing and provided the packet capture file for the test. --- print-icmp6.c | 29 +++++++++++++++++------------ tests/TESTLIST | 1 + tests/icmp6_mobileprefix_asan.out | 2 +- tests/icmp6_nodeinfo_oobr.out | 2 +- tests/rpl-19-pickdag.out | 2 +- tests/rpl-19-pickdagvvv.out | 2 +- tests/rpl-dao-oobr.out | 1 + tests/rpl-dao-oobr.pcapng | Bin 0 -> 264 bytes 8 files changed, 23 insertions(+), 16 deletions(-) create mode 100644 tests/rpl-dao-oobr.out create mode 100644 tests/rpl-dao-oobr.pcapng Index: tcpdump-4.9.2/print-icmp6.c =================================================================== --- tcpdump-4.9.2.orig/print-icmp6.c +++ tcpdump-4.9.2/print-icmp6.c @@ -41,6 +41,10 @@ #include "udp.h" #include "ah.h" +static const char icmp6_tstr[] = "[|icmp6]"; +static const char rpl_tstr[] = " [|rpl]"; +static const char mldv2_tstr[] = " [|mldv2]"; + /* NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp */ /* $KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $ */ @@ -686,7 +690,7 @@ rpl_dio_printopt(netdissect_options *ndo } return; trunc: - ND_PRINT((ndo," [|truncated]")); + ND_PRINT((ndo, "%s", rpl_tstr)); return; } @@ -715,7 +719,7 @@ rpl_dio_print(netdissect_options *ndo, } return; trunc: - ND_PRINT((ndo," [|truncated]")); + ND_PRINT((ndo, "%s", rpl_tstr)); return; } @@ -756,7 +760,7 @@ rpl_dao_print(netdissect_options *ndo, return; trunc: - ND_PRINT((ndo," [|truncated]")); + ND_PRINT((ndo, "%s", rpl_tstr)); return; tooshort: @@ -800,7 +804,7 @@ rpl_daoack_print(netdissect_options *ndo return; trunc: - ND_PRINT((ndo," [|dao-truncated]")); + ND_PRINT((ndo, "%s", rpl_tstr)); return; tooshort: @@ -859,7 +863,7 @@ rpl_print(netdissect_options *ndo, #if 0 trunc: - ND_PRINT((ndo," [|truncated]")); + ND_PRINT((ndo, "%s", rpl_tstr)); return; #endif @@ -1157,7 +1161,7 @@ icmp6_print(netdissect_options *ndo, ND_PRINT((ndo,", length %u", length)); return; trunc: - ND_PRINT((ndo, "[|icmp6]")); + ND_PRINT((ndo, "%s", icmp6_tstr)); } static const struct udphdr * @@ -1381,8 +1385,8 @@ icmp6_opt_print(netdissect_options *ndo, } return; - trunc: - ND_PRINT((ndo, "[ndp opt]")); +trunc: + ND_PRINT((ndo, "%s", icmp6_tstr)); return; #undef ECHECK } @@ -1457,7 +1461,7 @@ mldv2_report_print(netdissect_options *n } return; trunc: - ND_PRINT((ndo,"[|icmp6]")); + ND_PRINT((ndo, "%s", mldv2_tstr)); return; } @@ -1523,7 +1527,7 @@ mldv2_query_print(netdissect_options *nd ND_PRINT((ndo,"]")); return; trunc: - ND_PRINT((ndo,"[|icmp6]")); + ND_PRINT((ndo, "%s", mldv2_tstr)); return; } @@ -1810,7 +1814,7 @@ icmp6_nodeinfo_print(netdissect_options return; trunc: - ND_PRINT((ndo, "[|icmp6]")); + ND_PRINT((ndo, "%s", icmp6_tstr)); } static void @@ -1945,7 +1949,7 @@ icmp6_rrenum_print(netdissect_options *n return; trunc: - ND_PRINT((ndo,"[|icmp6]")); + ND_PRINT((ndo, "%s", icmp6_tstr)); } /*
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor