Overview

File tcpdump-CVE-2019-1010220.patch of Package tcpdump.22834

From 511915bef7e4de2f31b8d9f581b4a44b0cfbcf53 Mon Sep 17 00:00:00 2001
From: Guy Harris <guy@alum.mit.edu>
Date: Sat, 1 Jun 2019 14:42:09 -0700
Subject: [PATCH] If decode_prefix6() returns a negative number, don't print
 buf.

If it returns a negative number, it hasn't necessarily filled in buf, so
just return immediately; this is similar to the IPv4 code path, wherein
we just return a negative number, and print nothing, on an error.

This should fix GitHub issue #763.
---
 print-hncp.c | 2 ++
 1 file changed, 2 insertions(+)

Index: tcpdump-4.9.2/print-hncp.c
===================================================================
--- tcpdump-4.9.2.orig/print-hncp.c
+++ tcpdump-4.9.2/print-hncp.c
@@ -231,6 +231,8 @@ print_prefix(netdissect_options *ndo, co
         plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
     } else {
         plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
+        if (plenbytes < 0)
+            return plenbytes;
     }
 
     ND_PRINT((ndo, "%s", buf));
openSUSE Build Service is sponsored by
Places