2 files changed, 29 insertions, 1 deletions

diff --git a/net-analyzer/tcpreplay/files/tcpreplay-4.1.2-CVE-2017-6429.patch b/net-analyzer/tcpreplay/files/tcpreplay-4.1.2-CVE-2017-6429.patch
new file mode 100644
index 000000000000..42c74d650712
--- /dev/null
+++ b/net-analyzer/tcpreplay/files/tcpreplay-4.1.2-CVE-2017-6429.patch
@@ -0,0 +1,27 @@
+--- a/src/tcpcapinfo.c
++++ b/src/tcpcapinfo.c
+@@ -281,6 +281,15 @@ main(int argc, char *argv[])
+                 caplen = pcap_ph.caplen;
+             }
+ 
++            if (caplentoobig) {
++                printf("\n\nCapture file appears to be damaged or corrupt.\n"
++                        "Contains packet of size %u, bigger than snap length %u\n",
++                        caplen, pcap_fh.snaplen);
++
++                close(fd);
++                break;
++            }
++
+             /* check to make sure timestamps don't go backwards */
+             if (last_sec > 0 && last_usec > 0) {
+                 if ((pcap_ph.ts.tv_sec == last_sec) ? 
+@@ -306,7 +315,7 @@ main(int argc, char *argv[])
+                 }
+ 
+                 close(fd);
+-                continue;
++                break;
+             }
+ 
+             /* print the frame checksum */
diff --git a/net-analyzer/tcpreplay/tcpreplay-4.1.2.ebuild b/net-analyzer/tcpreplay/tcpreplay-4.1.2-r1.ebuild
index a27f9136a0bf..90d4ff01657e 100644
--- a/net-analyzer/tcpreplay/tcpreplay-4.1.2.ebuild
+++ b/net-analyzer/tcpreplay/tcpreplay-4.1.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -27,6 +27,7 @@ DOCS=(
 )
 PATCHES=(
 	"${FILESDIR}"/${PN}-4.1.0-enable-pcap_findalldevs.patch
+	"${FILESDIR}"/${PN}-4.1.2-CVE-2017-6429.patch
 )
 
 src_prepare() {