[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length

From:	Simon Goldschmidt
Subject:	[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Date:	Mon, 20 Oct 2008 12:20:38 +0000
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3

Follow-up Comment #3, bug #24596 (project lwip):

> On the other hand it is a good idea (especially in our scenario)
> to just ignore the wrong parts and accept the rest of the packet
> to increase the robustness.

The main reason for doing so is smaller code, I guess... I'd still vote for
discarding malformed packets, but that's not really related to fixing this
bug.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?24596>

_______________________________________________
  Nachricht geschickt von/durch Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt, 2008/10/17
- [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt, 2008/10/18
  - [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Fabian Koch, 2008/10/20
    - [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt <=

Prev by Date: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Next by Date: [lwip-devel] Change to tcp_enqueue option support
Previous by thread: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Next by thread: [lwip-devel] Change to tcp_enqueue option support
Index(es):
- Date
- Thread