Package: dsniff
Version: 2.4b1+debian-18
Severity: important

Doing the following on amd64...

,----
| $ sudo dsniff -m -n -i lo &
| [2] 20889
| $ dsniff: listening on lo
| $ echo -ne '\x00\x00\x00\x00\x00\x06\x06' | nc -q1 -u localhost 3333
`----

...will cause dsniff to get stuck in the "while(...)" loop beginning in
decode_pcanywhere.c:50. I haven't been able to reproduce this on an i386
box.

The "else {...}" branch beginning decode_pcanywhere.c:48 seems to have
been contributed after the initial implementation. Unfortunately, the
comments disagree with the code. Since I haven't been able to find any
specification or description of the protocol itself, it's hard to say
what the code is supposed to do. My best guess is that there ought to be
a check for reaching the end of the buffer somewhere around the
buf_skip() call in decode_pcanywhere.c:54.

Cheers,
-Hilko
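
The end-of-buffer check suggested in the report, shown as an added example that is not dsniff's code and does not reproduce decode_pcanywhere.c. The cursor type, `cur_skip`, `cur_match`, `scan` and the marker bytes are hypothetical, and an iteration cap stands in for the hang so the unchecked variant still terminates here.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical bounded cursor over a payload; NOT dsniff's buf API. */
struct cur { const unsigned char *base; size_t off, end; };
enum scan_result { SCAN_FOUND, SCAN_EOF, SCAN_STUCK };

/* Constructed inputs: the 7 payload bytes from the report, a made-up marker. */
static const unsigned char PAYLOAD[] = { 0, 0, 0, 0, 0, 6, 6 };
static const unsigned char MARKER[] = { 0xAA, 0xBB };

/* Advance n bytes; at the end of the data, fail and leave the cursor alone. */
static int cur_skip(struct cur *c, size_t n)
{
    if (n > c->end - c->off) return -1;
    c->off += n;
    return 0;
}

/* 1 if the marker starts at the cursor; too few bytes left is "no match". */
static int cur_match(const struct cur *c, const unsigned char *m, size_t n)
{
    size_t i;
    if (n > c->end - c->off) return 0;
    for (i = 0; i < n; i++)
        if (c->base[c->off + i] != m[i]) return 0;
    return 1;
}

/* Scan for the marker. check_skip == 0 ignores cur_skip() failures, so at
 * end of data the cursor stops moving and only max_iter ends the loop. */
static enum scan_result scan(const unsigned char *p, size_t len,
        const unsigned char *m, size_t mlen, int check_skip, size_t max_iter)
{
    struct cur c = { p, 0, len };
    size_t i;
    for (i = 0; i < max_iter; i++) {
        if (cur_match(&c, m, mlen)) return SCAN_FOUND;
        if (cur_skip(&c, 1) < 0 && check_skip) return SCAN_EOF;
    }
    return SCAN_STUCK; /* cap hit: without it this loop would never exit */
}

int main(void)
{
    printf("unchecked: %d\n", (int)scan(PAYLOAD, sizeof PAYLOAD, MARKER, sizeof MARKER, 0, 1000));
    printf("checked:   %d\n", (int)scan(PAYLOAD, sizeof PAYLOAD, MARKER, sizeof MARKER, 1, 1000));
    return 0;
}
```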


