summaryrefslogtreecommitdiff
path: root/usr.sbin/tcpdump
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2007-05-06 09:51:34 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2007-05-06 09:51:34 +0000
commit8fd24f309580a8dd4b73d0cb9db1fae5eea4b5d0 (patch)
tree615ccd5e567b1823af834f0557b36c0935336c4e /usr.sbin/tcpdump
parente6068d6fd56decd3d865008c9db028de99b415d1 (diff)
Fix the out of bounds check when parsing IPv6 headers. Fixes a SIGSEGV
when parsing IPv6 headers with unknown or corrupted header options. OK henning@ mcbride@
Diffstat (limited to 'usr.sbin/tcpdump')
-rw-r--r--usr.sbin/tcpdump/print-ip6.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/tcpdump/print-ip6.c b/usr.sbin/tcpdump/print-ip6.c
index d7465fba090..fa343a1fe69 100644
--- a/usr.sbin/tcpdump/print-ip6.c
+++ b/usr.sbin/tcpdump/print-ip6.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: print-ip6.c,v 1.7 2006/09/19 14:25:04 naddy Exp $ */
+/* $OpenBSD: print-ip6.c,v 1.8 2007/05/06 09:51:33 claudio Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994
@@ -113,7 +113,7 @@ ip6_print(register const u_char *bp, register int length)
cp = (const u_char *)ip6;
nh = ip6->ip6_nxt;
- while (cp < snapend) {
+ while (cp + hlen < snapend) {
cp += hlen;
if (cp == (u_char *)(ip6 + 1) &&
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-05 00:11:12 +0000