Fix CVE-2017-11542: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542 Patch copied from upstream source repository: https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae From bed48062a64fca524156d7684af19f5b4a116fae Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Tue, 7 Feb 2017 11:10:04 -0800 Subject: [PATCH] CVE-2017-11542/PIMv1: Add a bounds check. This fixes a buffer over-read discovered by Kamil Frankowicz. Add a test using the capture file supplied by the reporter(s). --- print-pim.c | 1 + tests/TESTLIST | 1 + tests/hoobr_pimv1.out | 25 +++++++++++++++++++++++++ tests/hoobr_pimv1.pcap | Bin 0 -> 3321 bytes 4 files changed, 27 insertions(+) create mode 100644 tests/hoobr_pimv1.out create mode 100644 tests/hoobr_pimv1.pcap diff --git a/print-pim.c b/print-pim.c index 25525953..ed880ae7 100644 --- a/print-pim.c +++ b/print-pim.c @@ -306,6 +306,7 @@ pimv1_print(netdissect_options *ndo, pimv1_join_prune_print(ndo, &bp[8], len - 8); break; } + ND_TCHECK(bp[4]); if ((bp[4] >> 4) != 1) ND_PRINT((ndo, " [v%d]", bp[4] >> 4)); return;
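Review bot: The added `ND_TCHECK(bp[4]);` after the switch covers only the one byte read by the version test `(bp[4] >> 4) != 1`. The context line just above it, `pimv1_join_prune_print(ndo, &bp[8], len - 8);`, takes a pointer to `bp[8]` and passes `len - 8`, and nothing visible in this hunk shows that `len` is at least 8 or that the bytes from `bp[8]` onward lie within the captured data. Please confirm that the callee, or code earlier in `pimv1_print`, performs those checks. A one-line comment above the new check naming the read it protects would also help, since the commit message says only "Add a bounds check". The regression test from the reporter's capture (`tests/hoobr_pimv1.pcap` with `tests/hoobr_pimv1.out`) is a good addition.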