X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=cirros-testvm%2Fsrc-cirros%2Fbuildroot-2015.05%2Fpackage%2Ftcpdump%2F0002-fix-CVE-2014-8767.patch;fp=cirros-testvm%2Fsrc-cirros%2Fbuildroot-2015.05%2Fpackage%2Ftcpdump%2F0002-fix-CVE-2014-8767.patch;h=a88efdf58de3c7ec5e50be21a995e243f07d7e2c;hb=b0a0f15dfaa205161a7fcb20cf1b8cd4948c2ef3;hp=0000000000000000000000000000000000000000;hpb=c6ac3cd55ee2da956195eee393b0882105dfad4e;p=packages%2Ftrusty%2Fcirros-testvm.git

diff --git a/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0002-fix-CVE-2014-8767.patch b/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0002-fix-CVE-2014-8767.patch
new file mode 100644
index 0000000..a88efdf
--- /dev/null
+++ b/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0002-fix-CVE-2014-8767.patch
@@ -0,0 +1,20 @@
+From https://bugzilla.redhat.com/show_bug.cgi?id=1165160
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
+--- tcpdump-tcpdump-4.6/print-olsr.c	2014-10-23 14:07:12.000000000 +0700
++++ tcpdump-4.6.2/print-olsr.c	2014-11-21 14:56:18.205542679 +0700
+@@ -234,6 +234,13 @@
+     ND_PRINT((ndo, "\n\t      neighbor\n\t\t"));
+     neighbor = 1;
+ 
++    u_int caplength;
++
++    /* Checking length of available data before print */
++    caplength = (ndo->ndo_snapend >= msg_data) ? ndo->ndo_snapend - msg_data : 0;
++    if (hello_len > caplength)
++        hello_len = caplength;
++
+     while (hello_len >= sizeof(struct in_addr)) {
+ 
+         /* print 4 neighbors per line */