hackerone / geeknik / H1:268807
Sep 15, 2017 - 11:45 p.m.

Internet Bug Bounty: CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().


CVSS3: 9.8 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.5 High
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.006 Low (percentile 75.7%)

Reported to the devs on 6 March 2017.
Tcpdump 4.9.2 released on 8 September 2017.
Patch: https://github.com/the-tcpdump-group/tcpdump/commit/877b66b398518d9501513e0860c9f3a8acc70892

The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().

./tcpdump -n -r test005

==28756==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60600000f004 at pc 0x000000448f71 bp 0x7ffe8e433bd0 sp 0x7ffe8e433388
READ of size 1 at 0x60600000f004 thread T0
    #0 0x448f70 in strncmp (/root/tcpdump/tcpdump+0x448f70)
    #1 0x508343 in l_strnstart /root/tcpdump/./print-beep.c:37:10
    #2 0x508343 in beep_print /root/tcpdump/./print-beep.c:44
    #3 0x671447 in tcp_print /root/tcpdump/./print-tcp.c:703:17
    #4 0x57617c in ip6_print /root/tcpdump/./print-ip6.c:345:4
    #5 0x57453c in ipN_print /root/tcpdump/./print-ip.c:700:3
    #6 0x626c07 in raw_if_print /root/tcpdump/./print-raw.c:42:2
    #7 0x4de2e9 in pretty_print_packet /root/tcpdump/./print.c:339:18
    #8 0x4cc5fb in print_packet /root/tcpdump/./tcpdump.c:2556:2
    #9 0x773e00 in pcap_offline_read /root/libpcap/./savefile.c:527:4
    #10 0x6a257c in pcap_loop /root/libpcap/./pcap.c:1657:8
    #11 0x4c8a6e in main /root/tcpdump/./tcpdump.c:2059:12
    #12 0x7f651cfa4b44 in __libc_start_main /build/glibc-qK83Be/glibc-2.19/csu/libc-start.c:287
    #13 0x4c3ccc in _start (/root/tcpdump/tcpdump+0x4c3ccc)

0x60600000f004 is located 4 bytes to the right of 64-byte region [0x60600000efc0,0x60600000f000)
allocated by thread T0 here:
    #0 0x4a664b in __interceptor_malloc (/root/tcpdump/tcpdump+0x4a664b)
    #1 0x775753 in pcap_check_header /root/libpcap/./sf-pcap.c:401:14
    #2 0x773462 in pcap_fopen_offline_with_tstamp_precision /root/libpcap/./savefile.c:400:7
    #3 0x7731f4 in pcap_open_offline_with_tstamp_precision /root/libpcap/./savefile.c:307:6

SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 strncmp
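The trace above shows the compare in l_strnstart() running past the end of the 64-byte buffer libpcap allocated for the capture (pcap_check_header), so the matcher was bounded by something other than the bytes actually captured. The following is an added illustration of that bug class, not tcpdump's code: a keyword matcher bounded only by the header-declared payload length, beside a hardened form that first requires the bytes to lie inside the capture (the same idea as tcpdump's ND_TTEST captured-length checks). The struct pkt_view, the builder functions, the 80-byte backing array and the sample data are all constructed for the example; the BEEP keyword "RPY " is taken from the BEEP frame syntax.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/*
 * Illustrative model (not tcpdump's code) of a dissector's view of one
 * packet. `snapend` is one past the last byte actually captured; `length`
 * is the payload length the protocol headers claim, which an attacker
 * controls and which can exceed what was captured (short snaplen, or a
 * crafted pcap like the test005 file in the report).
 */
struct pkt_view {
    const uint8_t *bp;       /* start of the supposed BEEP payload */
    const uint8_t *snapend;  /* end of captured data */
    unsigned int   length;   /* header-declared payload length */
};

/* Vulnerable pattern: the compare is bounded only by the declared length. */
static int
l_strnstart_unchecked(const char *tstr1, unsigned int tl1,
                      const char *str2, unsigned int l2)
{
    if (tl1 > l2)
        return 0;
    return strncmp(tstr1, str2, tl1) == 0;
}

/*
 * Hardened pattern: additionally require that tl1 bytes of str2 lie
 * inside the capture before touching them.
 */
static int
l_strnstart_checked(const char *tstr1, unsigned int tl1,
                    const char *str2, unsigned int l2,
                    const uint8_t *snapend)
{
    const uint8_t *p = (const uint8_t *)str2;
    if (p > snapend || (size_t)(snapend - p) < tl1)
        return 0;              /* not enough captured bytes to compare */
    if (tl1 > l2)
        return 0;
    return strncmp(tstr1, str2, tl1) == 0;
}

/*
 * Constructed sample data. Only the first CAPLEN bytes of `backing` count
 * as captured (mirroring the 64-byte region in the ASan report); the bytes
 * after it stand in for whatever happens to follow the capture buffer in
 * memory. Reading them is the over-read.
 */
enum { BACKING = 80, CAPLEN = 64 };
static uint8_t backing[BACKING];

/* Headers claim a 4-byte payload at offset 64, i.e. 0 captured payload
 * bytes. "RPY " is planted just past the capture as a sentinel. */
static struct pkt_view
build_truncated_capture(void)
{
    struct pkt_view v;
    memset(backing, 0, sizeof backing);
    memcpy(backing + CAPLEN, "RPY ", 4);
    v.bp = backing + CAPLEN;
    v.snapend = backing + CAPLEN;
    v.length = 4;
    return v;
}

/* Control case: the same keyword fully inside the captured bytes. */
static struct pkt_view
build_complete_capture(void)
{
    struct pkt_view v;
    memset(backing, 0, sizeof backing);
    memcpy(backing + 40, "RPY ", 4);
    v.bp = backing + 40;
    v.snapend = backing + CAPLEN;
    v.length = CAPLEN - 40;
    return v;
}

/* 1 if the matcher reports a BEEP RPY frame, 0 otherwise. */
static int
match_rpy(const struct pkt_view *v, int hardened)
{
    if (hardened)
        return l_strnstart_checked("RPY ", 4, (const char *)v->bp,
                                   v->length, v->snapend);
    return l_strnstart_unchecked("RPY ", 4, (const char *)v->bp, v->length);
}

int truncated_unchecked(void) { struct pkt_view v = build_truncated_capture(); return match_rpy(&v, 0); }
int truncated_checked(void)   { struct pkt_view v = build_truncated_capture(); return match_rpy(&v, 1); }
int complete_unchecked(void)  { struct pkt_view v = build_complete_capture();  return match_rpy(&v, 0); }
int complete_checked(void)    { struct pkt_view v = build_complete_capture();  return match_rpy(&v, 1); }

int main(void)
{
    printf("truncated capture: unchecked=%d (matched bytes past the capture) checked=%d\n",
           truncated_unchecked(), truncated_checked());
    printf("complete capture:  unchecked=%d checked=%d\n",
           complete_unchecked(), complete_checked());
    return 0;
}
```

The unchecked matcher "recognises" a frame keyword that the capture never contained, because the only bound it honours is the attacker-controlled length. The sentinel sits inside the 80-byte array so the program runs cleanly; had the capture been a 64-byte malloc'd buffer, as in the report, the same read would be flagged by AddressSanitizer as a heap-buffer-overflow in strncmp called from the matcher, exactly the shape of the trace above.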
