I compared the code in the commit with the code in the tree and I think the code never was affected by CVE-2016-7939 since all length checks use the buffer length.
However, should you know a gre packet that crashes tcpdump(8), please don't hesitate and contact [email protected].

mbuhl

On Fri, Feb 02, 2024 at 03:30:55PM +0000, ChenHao Lu wrote:
> The tcpdump used in openbsd is an old version which contains
> CVE-2016-7939<https://nvd.nist.gov/vuln/detail/CVE-2016-7939>. Though some
> of the functions modified in the
> patch<https://github.com/the-tcpdump-group/tcpdump/commit/237efcf593ee369519e9dfdc9166702219dabfec>
> don't exist in the corresponding file, i.e.
> print-gre.c<https://github.com/openbsd/src/blob/master/usr.sbin/tcpdump/print-gre.c>,
> functions such as gre_sre_ip_print are in it.
> I believe this can be easily avoided by applying the patch above, or just
> update the tcpdump to a newer version. Would you please fix this? I'm looking
> forward to your reply.
