appneta / tcpreplay

Pcap editing and replay tools for *NIX and Windows - Users please download source from
http://tcpreplay.appneta.com/wiki/installation.html#downloads

[Bug] heap-overflow in get.c:150 #736

Closed chluo1997 closed 1 year ago

chluo1997 commented 1 year ago

Describe the bug

There is a heap-overflow bug in get.c:150. This bug is different from #719 that crashes in get.c:118.

To Reproduce

Steps to reproduce the behavior:

  1. export CC=clang && export CFLAGS="-fsanitize=address -g"
  2. ./autogen.sh && ./configure --disable-shared --disable-local-libopts && make clean && make -j8
  3. ./src/tcpprep --auto=bridge --pcap=POC --cachefile=/dev/null

Expected behavior

The program does not crash.

Screenshots

[Image: Screen Shot 2022-07-24 at 22 39 00]

System (please complete the following information):

Additional context

POC: poc.zip

fklassen commented 1 year ago

Fixed in #718