authorjsg <jsg@openbsd.org>2014-11-20 04:01:01 +0000
committerjsg <jsg@openbsd.org>2014-11-20 04:01:01 +0000
commit7cafb86f4537fbb7ceb0757ada6cfec4f86fef83 (patch)
tree64c67101c48767cf0375b28653163080d9062992
parentMake ip6_print() take an unsigned length matching (diff)
sanity check the length of the packet in the pcap header
fixes a crash found by the afl fuzzer ok djm@ miod@
-rw-r--r--usr.sbin/tcpdump/print-sl.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/tcpdump/print-sl.c b/usr.sbin/tcpdump/print-sl.c
index c0879337c7e..3cd7f85a02c 100644
--- a/usr.sbin/tcpdump/print-sl.c
+++ b/usr.sbin/tcpdump/print-sl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: print-sl.c,v 1.16 2014/08/14 12:44:44 mpi Exp $ */
+/* $OpenBSD: print-sl.c,v 1.17 2014/11/20 04:01:01 jsg Exp $ */
/*
* Copyright (c) 1989, 1990, 1991, 1993, 1994, 1995, 1996, 1997
@@ -75,7 +75,7 @@ sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
ts_print(&h->ts);
- if (caplen < SLIP_HDRLEN) {
+ if (caplen < SLIP_HDRLEN || length < SLIP_HDRLEN) {
printf("[|slip]");
goto out;
}
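Review bot: The added `length < SLIP_HDRLEN` test in sl_if_print has no comment explaining why the packet length is checked separately from `caplen`, so a later cleanup could mistake it for redundant and remove it. Going by the commit message, `length` is the pcap header's length field, which a malformed capture file can set below the captured size. I would put `/* the pcap header's len is untrusted file data and may be smaller than caplen; reject it before it is used as a payload length */` above the `if`. The declarations of `caplen` and `length` and every later use of `length` are outside this hunk; presumably `length` is unsigned and has SLIP_HDRLEN subtracted further down, which would wrap to a huge value without this guard, so confirm that against the full function. Both cases print the same `[|slip]` truncation marker, so an inconsistent header is indistinguishable from a short capture in the output, which makes fuzz triage harder.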