Bug 1301880 - arpwatch buffer overflow
arpwatch buffer overflow
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: arpwatch (Show other bugs)
23
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jan Synacek
Jan Synacek
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-01-26 04:24 EST by Jan Synacek
Modified: 2016-02-03 15:50 EST (History)
2 users (show)

See Also:
Fixed In Version: arpwatch-2.1a15-35.fc23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-03 15:50:40 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Synacek 2016-01-26 04:24:40 EST
Description of problem:
See below.


Version-Release number of selected component (if applicable):
arpwatch-2.1a15-34.fc23.x86_64


Steps to Reproduce:
1. simply run 'arpwatch'


Actual results:
$ gdb arpwatch 
GNU gdb (GDB) Fedora 7.10.1-30.fc23
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from arpwatch...Reading symbols from /usr/lib/debug/usr/sbin/arpwatch.debug...done.
done.
(gdb) r
Starting program: /usr/sbin/arpwatch 
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.22-7.fc23.x86_64
*** buffer overflow detected ***: /usr/sbin/arpwatch terminated
======= Backtrace: =========
/lib64/libc.so.6(+0x77da5)[0x7ffff784fda5]
/lib64/libc.so.6(__fortify_fail+0x37)[0x7ffff78ec5b7]
/lib64/libc.so.6(+0x112740)[0x7ffff78ea740]
/lib64/libc.so.6(+0x111be9)[0x7ffff78e9be9]
/usr/sbin/arpwatch(+0x2e11)[0x555555556e11]
/usr/sbin/arpwatch(+0x2712)[0x555555556712]
/lib64/libc.so.6(__libc_start_main+0xf0)[0x7ffff77f8580]
/usr/sbin/arpwatch(+0x29b9)[0x5555555569b9]
======= Memory map: ========
555555554000-55555555c000 r-xp 00000000 fd:00 1184992                    /usr/sbin/arpwatch
55555575b000-55555575c000 r--p 00007000 fd:00 1184992                    /usr/sbin/arpwatch
55555575c000-55555575d000 rw-p 00008000 fd:00 1184992                    /usr/sbin/arpwatch
55555575d000-55555597e000 rw-p 00000000 00:00 0                          [heap]
7ffff75c1000-7ffff75d7000 r-xp 00000000 fd:00 1198344                    /usr/lib64/libgcc_s-5.3.1-20151207.so.1
7ffff75d7000-7ffff77d6000 ---p 00016000 fd:00 1198344                    /usr/lib64/libgcc_s-5.3.1-20151207.so.1
7ffff77d6000-7ffff77d7000 r--p 00015000 fd:00 1198344                    /usr/lib64/libgcc_s-5.3.1-20151207.so.1
7ffff77d7000-7ffff77d8000 rw-p 00016000 fd:00 1198344                    /usr/lib64/libgcc_s-5.3.1-20151207.so.1
7ffff77d8000-7ffff798f000 r-xp 00000000 fd:00 1186930                    /usr/lib64/libc-2.22.so
7ffff798f000-7ffff7b8f000 ---p 001b7000 fd:00 1186930                    /usr/lib64/libc-2.22.so
7ffff7b8f000-7ffff7b93000 r--p 001b7000 fd:00 1186930                    /usr/lib64/libc-2.22.so
7ffff7b93000-7ffff7b95000 rw-p 001bb000 fd:00 1186930                    /usr/lib64/libc-2.22.so
7ffff7b95000-7ffff7b99000 rw-p 00000000 00:00 0 
7ffff7b99000-7ffff7bd9000 r-xp 00000000 fd:00 1188976                    /usr/lib64/libpcap.so.1.7.4
7ffff7bd9000-7ffff7dd9000 ---p 00040000 fd:00 1188976                    /usr/lib64/libpcap.so.1.7.4
7ffff7dd9000-7ffff7ddb000 r--p 00040000 fd:00 1188976                    /usr/lib64/libpcap.so.1.7.4
7ffff7ddb000-7ffff7ddc000 rw-p 00042000 fd:00 1188976                    /usr/lib64/libpcap.so.1.7.4
7ffff7ddc000-7ffff7dfd000 r-xp 00000000 fd:00 1192192                    /usr/lib64/ld-2.22.so
7ffff7fd8000-7ffff7fdb000 rw-p 00000000 00:00 0 
7ffff7ff6000-7ffff7ff8000 rw-p 00000000 00:00 0 
7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0                          [vvar]
7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0                          [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00020000 fd:00 1192192                    /usr/lib64/ld-2.22.so
7ffff7ffd000-7ffff7ffe000 rw-p 00021000 fd:00 1192192                    /usr/lib64/ld-2.22.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0                          [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Program received signal SIGABRT, Aborted.
0x00007ffff780ca98 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: dnf debuginfo-install libgcc-5.3.1-2.fc23.x86_64 libpcap-1.7.4-1.fc23.x86_64
(gdb) bt
#0  0x00007ffff780ca98 in raise () from /lib64/libc.so.6
#1  0x00007ffff780e69a in abort () from /lib64/libc.so.6
#2  0x00007ffff784fdaa in __libc_message () from /lib64/libc.so.6
#3  0x00007ffff78ec5b7 in __fortify_fail () from /lib64/libc.so.6
#4  0x00007ffff78ea740 in __chk_fail () from /lib64/libc.so.6
#5  0x00007ffff78e9be9 in __strncpy_chk () from /lib64/libc.so.6
#6  0x0000555555556e11 in strncpy (__len=<optimized out>, __src=0x55555595d860 "bluetooth-monitor", __dest=0x55555575c0b0 <interface> "bluetooth0") at /usr/include/bits/string3.h:126
#7  iterate_dev (arginterface=<optimized out>, pd=0x7fffffffdc38, linktype=0x7fffffffdc34, 
    errbuf=0x7fffffffdc50 "virbr0-nic: You don't have permission to capture on that device (socket: Operation not permitted)") at ./arpwatch.c:205
#8  0x0000555555556712 in main (argc=1, argv=0x7fffffffde78) at ./arpwatch.c:320


Expected results:
No crashes.
Comment 2 Fedora Update System 2016-01-26 08:01:03 EST
arpwatch-2.1a15-35.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-1f85f891c4
Comment 3 Fedora Update System 2016-01-26 14:52:25 EST
arpwatch-2.1a15-35.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-1f85f891c4
Comment 4 Fedora Update System 2016-02-03 15:50:39 EST
arpwatch-2.1a15-35.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.