firesheep
Double headers, Buffer overflow vulnerability
I got some warnings on double header entries and investigated this. I found that sometimes 2 HTTP packets are sent in 1 "packet" captured. The parser ignores this and goes on parsing. This leads to incomplete packages and crap afterwards breaking the whole capturing session. Related to this I found that Firesheep is ignoring the captured packet size. So it may occur that it reads past the end of the captured packet since it is not fully received yet (e.g. too small buffer). This may not cause serious problems but also breaks Firesheep from that point. It's not that hard to fix, and would be good to see it done (I'll do it anyways). It
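The two defects described in the report (reading beyond the number of bytes actually captured, and treating a captured segment as if it could hold at most one HTTP request) are both parser-bounds problems. The following is an added example, not Firesheep's own code or either of the linked patches: a small header-block parser that only ever indexes within `caplen`, loops to pick up several coalesced requests, and drops a trailing request whose terminator (or declared body) has not been captured instead of emitting a partial one. The struct and function names are this example's own, and the sample buffers in the test are constructed.

```cpp
#include <cctype>
#include <cstddef>
#include <cstdlib>
#include <cstring>
#include <string>
#include <utility>
#include <vector>

// Added example (not Firesheep's code). Parses HTTP request header blocks out
// of a captured byte buffer without ever reading past `caplen`, the number of
// bytes the capture library actually delivered.

struct HttpRequest {
    std::string request_line;                                  // e.g. "GET / HTTP/1.1"
    std::vector<std::pair<std::string, std::string>> headers;  // (name, value) in wire order
};

// Case-insensitive header-name comparison (field names are case-insensitive).
static bool iequals(const std::string& a, const char* b) {
    size_t n = std::strlen(b);
    if (a.size() != n) return false;
    for (size_t i = 0; i < n; ++i)
        if (std::tolower((unsigned char)a[i]) != std::tolower((unsigned char)b[i])) return false;
    return true;
}

// Locate "\r\n\r\n" within [pos, caplen). Returns the index of its first byte,
// or caplen when the terminator is not inside the captured bytes. The loop
// bound `i + 4 <= caplen` is what keeps every buf[] access in range.
static size_t find_header_end(const unsigned char* buf, size_t caplen, size_t pos) {
    for (size_t i = pos; i + 4 <= caplen; ++i) {
        if (buf[i] == '\r' && buf[i + 1] == '\n' && buf[i + 2] == '\r' && buf[i + 3] == '\n')
            return i;
    }
    return caplen;
}

// Split one header block [begin, end) into the request line and header fields.
static HttpRequest parse_block(const unsigned char* buf, size_t begin, size_t end) {
    HttpRequest req;
    std::string block(reinterpret_cast<const char*>(buf + begin), end - begin);
    size_t line_start = 0;
    bool first = true;
    while (line_start < block.size()) {
        size_t eol = block.find("\r\n", line_start);
        if (eol == std::string::npos) eol = block.size();
        std::string line = block.substr(line_start, eol - line_start);
        if (first) {
            req.request_line = line;
            first = false;
        } else {
            size_t colon = line.find(':');
            if (colon != std::string::npos) {
                size_t v = colon + 1;
                while (v < line.size() && line[v] == ' ') ++v;  // skip optional whitespace
                req.headers.emplace_back(line.substr(0, colon), line.substr(v));
            }
        }
        line_start = eol + 2;
    }
    return req;
}

// Returns every *complete* request found in the captured bytes. A request
// whose header terminator or declared body lies beyond caplen (truncated
// capture, or bytes not yet received) is skipped rather than parsed partially,
// because the remainder of that request will never arrive in this buffer.
std::vector<HttpRequest> parse_http_requests(const unsigned char* buf, size_t caplen) {
    std::vector<HttpRequest> out;
    size_t pos = 0;
    while (pos < caplen) {
        size_t end = find_header_end(buf, caplen, pos);
        if (end == caplen) break;  // header block incomplete: stop, do not emit junk
        HttpRequest req = parse_block(buf, pos, end);

        // Honour Content-Length so a request body is not mistaken for the
        // start of the next request.
        size_t body_len = 0;
        for (const auto& h : req.headers)
            if (iequals(h.first, "Content-Length")) body_len = std::strtoul(h.second.c_str(), nullptr, 10);
        size_t next = end + 4 + body_len;
        if (next > caplen) break;   // body not fully captured: skip this request too

        out.push_back(req);
        pos = next;                 // a second request may follow in the same segment
    }
    return out;
}
```

The loop structure is the point: the caller passes the capture's own length, every buffer access is bounded by it, and a segment carrying two requests yields two parsed requests while a segment cut off mid-header yields none instead of a half-filled record that would confuse everything parsed after it.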
Do you have a patch? Otherwise I'll get on this..
Yes. I've just finished it. First (for compiling under Windows... should not have any side effects for other OSes, but the other patch is based on this) http://www.sendspace.com/file/obhiae
Second (the real patch for this) http://www.sendspace.com/file/rot0kv
I skip the whole packet if it's not complete. Otherwise it will create a partial packet that will mess up the parser, since the rest of the packet will never come...
Could you please fork the project, commit & push your changes, and send a pull request?
I'll try tomorrow. But I'm not used to Git...