New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CVE-2017-12468] ccn-lite-ccnb2xml.c: Buffer Overflow #134

Closed

blacksheeep opened this issue Aug 7, 2017 · 1 comment

Labels

bug vulnerability

Contributor

blacksheeep commented Aug 7, 2017

oid
print_blob(unsigned char **buf, int *len, int typ, int num, int offset,
bool ignoreBlobTag)
{
int vallen;
unsigned char *valptr;

if (!ignoreBlobTag) print_tag(offset, typ, num, true, false);
ccnl_ccnb_consume(typ, num, buf, len, &valptr, &vallen);
if (vallen > *len) { return; }

vallen > *len is not checked

The text was updated successfully, but these errors were encountered:

blacksheeep added the bug label

Contributor Author

blacksheeep commented Aug 7, 2017

fixed in ccnlv2-master

blacksheeep closed this as completed

blacksheeep added the vulnerability label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment