diff options
| author | Holger Weiss <holger@zedat.fu-berlin.de> | 2026-06-30 16:20:12 +0200 |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2026-06-30 16:20:12 +0200 |
| commit | f732906649f8b6a5ee5636ece10d19e4519b790b (patch) | |
| tree | 9b54a22ac5bc32668c1cc7dbe2f4fbcfcb9fcf20 /contrib/aix/check_queue | |
| parent | a675995b19a6315f1b033a7c1ca980b5fbdc408d (diff) | |
| download | monitoring-plugins-f732906649f8b6a5ee5636ece10d19e4519b790b.tar.gz | |
check_icmp: Reject negative ICMP data length
The -b/--size handler checks the lower bound after casting the value to
unsigned long while checking the upper bound as a signed comparison. A
negative argument such as "-b -65536" therefore satisfies both checks.
The value is then truncated to an undersized icmp_data_size, which later
serves as the size of the ICMP send buffer, so building the packet
overflows that buffer.
Compare the size as a signed long against both bounds so negative values
are rejected.
Reported-by: Christopher Kreft <Email@ChristopherKreft.de>
Diffstat (limited to 'contrib/aix/check_queue')
0 files changed, 0 insertions, 0 deletions
