From Aromal Raj via Tcprplay-users

Hi,

This mail is to report a Buffer Overflow Vulnerability which i found in 'tcpcapinfo' utility which comes with latest Tcpreplay 4.1.2 version. This happens when tcpcapinfo process a specially crafted pcap file.

​Steps to reproduce:
raras@ubuntu:~$ tcpcapinfo bogus.pcap ​

Expected Output:
Invalid file should not be parsed.

Actual Output:
Buffer Overflow

​The following files attached:
bogus.pcap - Which is the crafted pcap file
gdb.log - GDB output
valgrind.log - Valgrind output

Can ​this have a patch upstream?

--
Thanks & Regards,
Aromal Raj