Package: iftop Version: 0.16-4 Severity: normal Tags: patch If my ~/.iftoprc contains dns-resolution or port-resolution lines, like this:
dns-resolution: yes
And I'm running iftop on an arm machine, it segfaults reading the config
file. This is because of this broken code:
int is_cfgdirective_valid(const char *s) {
char* t;
for (t = config_directives[0]; t != NULL; ++t)
if (strcmp(s, t) == 0) return 1;
return 0;
}
++t does not do what the author of this code thinks it does; it just
increments the pointer by one character, not to the next word in
config_directives[0]. So if the config file contains an invalid config
directive, it walks through the entire program memory like this. On i386
this happens to not crash (although it takes it a lot longer to start up
than it should due to this); on arm it eventually walks off the programs's
memory space and segfaults. Here's an ltrace of ntop on i386 showing it
looking at completly inappropriate parts of memory:
strcmp("port-resolution", "\376\377\377o\340\220\004\b\377\377\377o\003") = -1
strcmp("port-resolution", "\377\377o\340\220\004\b\377\377\377o\003") = -1
strcmp("port-resolution", "\377o\340\220\004\b\377\377\377o\003") = -1
strcmp("port-resolution", "o\340\220\004\b\377\377\377o\003") = 1
Here's how the function should be written:
int is_cfgdirective_valid(const char *s) {
int t;
for (t = 0; config_directives[t] != NULL; t++)
if (strcmp(s, config_directives[t]) == 0) return 1;
return 0;
}
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: arm
Shell: /bin/sh linked to /bin/bash
Kernel: 2.6.15-1-nslu2
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages iftop depends on:
ii libc6 2.3.5-12 GNU C Library: Shared libraries an
ii libncurses5 5.5-1 Shared libraries for terminal hand
ii libpcap0.7 0.7.2-7 System interface for user-level pa
iftop recommends no packages.
-- no debconf information
--
see shy jo
signature.asc
Description: Digital signature
