Description of problem: While working with iptables. Version-Release number of selected component: dsniff-2.4-0.14.b1.fc18 Additional info: reporter: libreport-2.1.6 backtrace_rating: 4 cmdline: arpspoof -i wlan0 -t 192.168.2. 24 192.168.2.21 crash_function: ___vsnprintf_chk executable: /usr/sbin/arpspoof kernel: 3.10.11-100.fc18.x86_64 runlevel: N 5 uid: 0 Truncated backtrace: Thread no. 1 (4 frames) #0 ___vsnprintf_chk at vsnprintf_chk.c:55 #1 ___snprintf_chk at snprintf_chk.c:35 #2 snprintf at /usr/include/bits/stdio2.h:64 #3 libnet_name2addr4 at libnet_resolve.c:136
Created attachment 799892 [details] File: backtrace
Created attachment 799893 [details] File: cgroup
Created attachment 799894 [details] File: core_backtrace
Created attachment 799895 [details] File: dso_list
Created attachment 799896 [details] File: environ
Created attachment 799897 [details] File: exploitable
Created attachment 799898 [details] File: limits
Created attachment 799899 [details] File: maps
Created attachment 799900 [details] File: open_fds
Created attachment 799901 [details] File: proc_pid_status
Created attachment 799902 [details] File: var_log_messages
Even I am able to reproduce this issue, I am likely unable to fix it. The cause is IMHO libnet_name2addr4() from libnet when a non-resolvable string is passed. I also do not know if this is a libnet issue or a dsniff one.
If I am not mistaken, this issue is introduced by dsniff-2.4-libnet_11.patch; libnet_name_resolve() was replaced by libnet_name2addr4() while there must be the structure libnet_t passed now additionally. And if that structure is not initialized using libnet_init() and the passed name can not be resolved (like "192.168.2."), it causes a snprintf() to NULL. The fix is to rewrite some more code than the API patch does...while one must afterwards ensure that the stuff is still working. It also feels a bit like a chicken-egg issue as of circular dependencies in the source code. Finally that likely affects arpspoof(1), macof(1), sshmitm(1), webmitm(1) and webspy(1). If I am able to fix that I also need help with proper testing.
dsniff-2.4-0.17.b1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/dsniff-2.4-0.17.b1.fc20
dsniff-2.4-0.17.b1.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/dsniff-2.4-0.17.b1.fc19
dsniff-2.4-0.17.b1.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/dsniff-2.4-0.17.b1.fc18
dsniff-2.4-0.17.b1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/dsniff-2.4-0.17.b1.el6
dsniff-2.4-0.17.b1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/dsniff-2.4-0.17.b1.el5
This message is a reminder that Fedora 18 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 18. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '18'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 18's end of life. Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 18 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior to Fedora 18's end of life. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Package dsniff-2.4-0.17.b1.el5: * should fix your issue, * was pushed to the Fedora EPEL 5 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing dsniff-2.4-0.17.b1.el5' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-12442/dsniff-2.4-0.17.b1.el5 then log in and leave karma (feedback).
dsniff-2.4-0.17.b1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
dsniff-2.4-0.17.b1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
dsniff-2.4-0.17.b1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
dsniff-2.4-0.17.b1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
dsniff-2.4-0.17.b1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.