msgsnarf crash on MSN data

Bug #186703 reported by Rusty Shackleford on 2008-01-28
4
Affects Status Importance Assigned to Milestone
dsniff (Ubuntu)
Medium
Unassigned

Bug Description

Binary package hint: dsniff

If you'll google around somewhat, you'll find a lot of people out on the interweb complaining about msgsnarf (part of the dsniff package) getting a segfault when processing MSN data sometimes.

I've discovered that this problem can be fixed by adding a line of code to sniff_msgs in msgsnarf.c.

The fix goes a few lines before SLIST_INSERT_HEAD. You see the malloc for the "c" struct? Immediately after the malloc, but before setting the ip and nick, add:

memset(c, 0, sizeof(*c));

This will cause the structure to be zeroed out correctly and you won't get the crashes any more.

You should be able to create a patch fairly easily for this and fix the bug.

-SG

Daniel T Chen (crimsun) on 2008-11-27
Changed in dsniff:
importance: Undecided → Medium
status: New → Triaged
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers