-
Committer:
Timo Teräs
-
Author(s):
Quentin Young
-
Date:
2019-12-27 07:20:48 UTC
-
Revision ID:
git-v1:f38865dfaf81db600ed87eebf590929bbe29a140
nhrpd: offset value not checked for min size
If the extension offset points to a location within the packet header,
we end up with an integer underflow leading to heap buffer read
overflow.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>