Date: Sun, 26 Nov 2000 22:00:58 +0200
From: Jarno Huuskonen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Libpcap pcap-linux.c buffer overflow

Sorry, I sent the previous message w/out the patch.

Libpcap has a buffer overflow in pcap-linux.c. The code uses strcpy to
copy the interface name to ifr.ifr_name (16-byte buffer). Easy test for
this should be tcpdump -i `perl -e "print 'A'x1000"`. This is
not a big deal (unless someone has a setuid program that uses libpcap
and passes a user-defined interface to pcap_open_live).

I'm including a patch that hopefully fixes this. Also, I think pcap-dlpi.c
has a similar problem.

-Jarno

-- 
Jarno Huuskonen - System Administrator   |  [EMAIL PROTECTED]
University of Kuopio - Computer Centre   |  Work:   +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland       |  Mobile: +358 40 5388169

... (patch sent to patches) ...
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
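
Added example, not part of the original message and not the patch it refers to: one way to guard a copy of a caller-supplied device name into a 16-byte name field, rejecting over-long names instead of overflowing or truncating. The names demo_ifreq, DEMO_IFNAMSIZ and set_ifname are hypothetical stand-ins so the block builds on any platform; real code would use struct ifreq and its ifr_name field.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the name field of struct ifreq (assumption for portability);
 * the message above gives the buffer size as 16 bytes. */
#define DEMO_IFNAMSIZ 16
struct demo_ifreq { char ifr_name[DEMO_IFNAMSIZ]; };

/* Copy a caller-supplied device name into the fixed-size field.
 * Returns 0 on success, -1 if the name is NULL, empty, or does not fit
 * together with its terminating NUL. Rejecting is chosen over truncating
 * because a truncated name could silently select a different interface. */
int set_ifname(struct demo_ifreq *ifr, const char *device)
{
    size_t len;

    if (ifr == NULL || device == NULL)
        return -1;
    /* Bounded scan: inspects at most DEMO_IFNAMSIZ bytes of the input. */
    for (len = 0; len < DEMO_IFNAMSIZ && device[len] != '\0'; len++)
        ;
    if (len == 0 || len >= DEMO_IFNAMSIZ)
        return -1;
    memset(ifr, 0, sizeof(*ifr));          /* zero fill provides the NUL */
    memcpy(ifr->ifr_name, device, len);
    return 0;
}

int main(void)
{
    struct demo_ifreq ifr;
    char long_name[1001];                  /* constructed input: 1000 'A's */

    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';

    printf("eth0       -> %d\n", set_ifname(&ifr, "eth0"));
    printf("1000 x 'A' -> %d\n", set_ifname(&ifr, long_name));
    return 0;
}
```

A caller would return an error to the user when set_ifname fails, before any ioctl is issued with the structure.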