If you have a build issue, consider downloading the latest release
Otherwise, to report a bug, please fill out the reproduction steps
(below) and delete these introductory paragraphs. Thanks!
Describe the bug
A clear and concise description of what the bug is.
There is a heap-overflow bug in get_ipv6_next. Different from #716 (The crash point is in line 322, ntohs(eth_hdr->ether_type);), this bug is triggered in line 344 (pktdata[l2_net_off] >> 4).
You are opening a bug report against the Tcpreplay project: we use GitHub Issues for tracking bug reports and feature requests.
If you have a question about how to use Tcpreplay, you are at the wrong site. You can ask a question on the tcpreplay-users mailing list or on Stack Overflow with [tcpreplay] tag. General help is available here.
If you have a build issue, consider downloading the latest release
Otherwise, to report a bug, please fill out the reproduction steps (below) and delete these introductory paragraphs. Thanks!
Describe the bug A clear and concise description of what the bug is. There is a heap-overflow bug in get_ipv6_next. Different from #716 (The crash point is in line 322,
ntohs(eth_hdr->ether_type);
), this bug is triggered in line 344 (pktdata[l2_net_off] >> 4
).To Reproduce Steps to reproduce the behavior:
Expected behavior A clear and concise description of what you expected to happen. The program does not crash.
Screenshots If applicable, add screenshots to help explain your problem.
System (please complete the following information):
Additional context Add any other context about the problem here. POC poc.zip