bug in libnetfilter_log
aton at packetdropped.org
Tue Feb 7 23:09:39 CET 2006
The file libnetfilter_log-0.0.12/utils/nfulnl_test.c uses nflog_get_payload().
If I just compile it and run it, it will segfault while returning from cb().
If I comment out the call to nflog_get_payload(), it won't segfault.
So I guess this function call somehow overwrites the return address of the cb() function on the stack.
I don't understand the nflog_get_payload() code by looking at it, and don't have time to read into it,
so I just wanted to inform the one who wrote it.
Please have a look at it; I think this perhaps even could be a security risk?