File tcpdump-CVE-2018-14463.patch of Package tcpdump.19046

From 3de07c772166b7e8e8bb4b9d1d078f1d901b570b Mon Sep 17 00:00:00 2001
From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Date: Sun, 8 Oct 2017 13:28:05 +0200
Subject: [PATCH] (for 4.9.3) CVE-2018-14463/VRRP: Add a missing bounds check

In vrrp_print().

This fixes a buffer over-read discovered by Bhargava Shastry.

Add a test using the capture file supplied by the reporter(s).
---
 print-vrrp.c                    |   4 +++-
 tests/TESTLIST                  |   1 +
 tests/vrrp-vrrp_print-oobr.out  |   6 ++++++
 tests/vrrp-vrrp_print-oobr.pcap | Bin 0 -> 3877 bytes
 4 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 tests/vrrp-vrrp_print-oobr.out
 create mode 100644 tests/vrrp-vrrp_print-oobr.pcap

diff --git a/print-vrrp.c b/print-vrrp.c
index d8ba42650..d6114e57b 100644
--- a/print-vrrp.c
+++ b/print-vrrp.c
@@ -142,9 +142,11 @@ vrrp_print(netdissect_options *ndo,
 
 			vec[0].ptr = bp;
 			vec[0].len = len;
-			if (in_cksum(vec, 1))
+			if (in_cksum(vec, 1)) {
+				ND_TCHECK_16BITS(&bp[6]);
 				ND_PRINT((ndo, ", (bad vrrp cksum %x)",
 					EXTRACT_16BITS(&bp[6])));
+			}
 		}
 
 		if (version == 3 && ND_TTEST2(bp[0], len)) {