Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch')
-rw-r--r--net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch b/net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch
new file mode 100644
index 000000000000..76cd330c0aa3
--- /dev/null
+++ b/net-analyzer/tcpdump/files/tcpdump-3.9.6-bgp-integer-overflow.patch
@@ -0,0 +1,21 @@
+diff -Nuar tcpdump-3.9.5.orig/print-bgp.c tcpdump-3.9.5/print-bgp.c
+--- tcpdump-3.9.5.orig/print-bgp.c 2007-07-10 17:16:02.000000000 +0400
++++ tcpdump-3.9.5/print-bgp.c 2007-07-10 17:16:45.000000000 +0400
+@@ -669,7 +669,7 @@
+ tlen-=15;
+
+ /* ok now the variable part - lets read out TLVs*/
+- while (tlen>0) {
++ while (tlen>0 && strlen <= buflen) {
+ if (tlen < 3)
+ return -1;
+ TCHECK2(pptr[0], 3);
+@@ -684,7 +684,7 @@
+ tlv_type,
+ tlv_len);
+ ttlv_len=ttlv_len/8+1; /* how many bytes do we need to read ? */
+- while (ttlv_len>0) {
++ while (ttlv_len>0 && strlen <= buflen) {
+ TCHECK(pptr[0]);
+ strlen+=snprintf(buf+strlen,buflen-strlen, "%02x",*pptr++);
+ ttlv_len--;