Viewing all changes in revision 3421.
- Committer: Timo Teräs
- Date: 2019-12-27 07:20:48 UTC
- Revision ID: git-v1:f38865dfaf81db600ed87eebf590929bbe29a140
nhrpd: offset value not checked for min size
If the extension offset points to a location within the packet header,
we end up with an integer underflow leading to heap buffer read
overflow.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
If the extension offset points to a location within the packet header,
we end up with an integer underflow leading to heap buffer read
overflow.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
- files modified:
- nhrpd/nhrp_peer.c
expand all
collapse all
added
removed
