Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Staging:B:DVD
tcpdump
0002-test-case-files-for-CVE-2015-2153-2154-215...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0002-test-case-files-for-CVE-2015-2153-2154-2155.patch of Package tcpdump
From 1a4e86d0a273cc81b3236d9f8a5f47b586fec84c Mon Sep 17 00:00:00 2001 From: Michael Richardson <mcr@sandelman.ca> Date: Mon, 9 Mar 2015 16:02:54 -0400 Subject: [PATCH 2/3] test case files for CVE-2015-2153,2154,2155 backport of patches from tcpdump 4.7 for CVE-2015-2153,2154,2155 issues Index: tcpdump-4.4.0/print-forces.c =================================================================== --- tcpdump-4.4.0.orig/print-forces.c 2013-02-21 04:54:34.000000000 +0100 +++ tcpdump-4.4.0/print-forces.c 2015-03-20 10:51:32.016420873 +0100 @@ -281,7 +281,7 @@ pdatacnt_print(register const u_char * p chk_op_type(type, op_msk, ops->op_msk); - if (ops->print((const u_char *)pdtlv, + if (ops->print!=NULL && ops->print((const u_char *)pdtlv, tll + pad + TLV_HDRL, op_msk, indent + 2) == -1) return -1; @@ -503,7 +503,9 @@ int otlv_print(const struct forces_tlv * } - rc = ops->print(dp, tll, ops->op_msk, indent + 1); + if(ops->print) { + rc = ops->print(dp, tll, ops->op_msk, indent + 1); + } return rc; trunc: Index: tcpdump-4.4.0/print-isoclns.c =================================================================== --- tcpdump-4.4.0.orig/print-isoclns.c 2013-02-21 04:54:34.000000000 +0100 +++ tcpdump-4.4.0/print-isoclns.c 2015-03-20 10:52:11.106979859 +0100 @@ -3091,10 +3091,16 @@ osi_print_cksum (const u_int8_t *pptr, u u_int checksum_offset, u_int length) { u_int16_t calculated_checksum; - - /* do not attempt to verify the checksum if it is zero */ - if (!checksum) { - printf("(unverified)"); + /* do not attempt to verify the checksum if it is zero, + * if the total length is nonsense, + * if the offset is nonsense, + * or the base pointer is not sane + */ + if (!checksum + || length > snaplen + || checksum_offset > snaplen + || checksum_offset > length) { + printf(" (unverified)"); } else { calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); if (checksum == calculated_checksum) { Index: tcpdump-4.4.0/print-rpki-rtr.c =================================================================== --- tcpdump-4.4.0.orig/print-rpki-rtr.c 2013-02-21 04:54:35.000000000 +0100 +++ tcpdump-4.4.0/print-rpki-rtr.c 2015-03-20 10:51:32.017420888 +0100 @@ -184,6 +184,7 @@ rpki_rtr_pdu_print (const u_char *tptr, pdu_header = (rpki_rtr_pdu *)tptr; pdu_type = pdu_header->pdu_type; pdu_len = EXTRACT_32BITS(pdu_header->length); + TCHECK2(tptr, pdu_len); hexdump = FALSE; printf("%sRPKI-RTRv%u, %s PDU (%u), length: %u", @@ -292,6 +293,7 @@ rpki_rtr_pdu_print (const u_char *tptr, tptr += 4; tlen -= 4; } + printf("text_length: %u tlen %u\n", text_length, tlen); if (text_length && (text_length <= tlen )) { memcpy(buf, tptr, MIN(sizeof(buf)-1, text_length)); buf[text_length] = '\0'; @@ -312,6 +314,11 @@ rpki_rtr_pdu_print (const u_char *tptr, if (vflag > 1 || (vflag && hexdump)) { print_unknown_data(tptr,"\n\t ", pdu_len); } + return; + + trunc: + printf("|trunc"); + return; } void
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor