[Bro-Dev] [JIRA] (BIT-198) Segmentation fault on last bro svn with dhcp.bro and --use-binpac
Vlad Grigorescu (JIRA)
jira at bro-tracker.atlassian.net
Thu Aug 8 07:38:06 PDT 2013
[ https://bro-tracker.atlassian.net/browse/BIT-198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vlad Grigorescu updated BIT-198:
--------------------------------
Resolution: Fixed
Status: Closed (was: Open)
> Segmentation fault on last bro svn with dhcp.bro and --use-binpac
> -----------------------------------------------------------------
>
> Key: BIT-198
> URL: https://bro-tracker.atlassian.net/browse/BIT-198
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Affects Versions: 1.5.2
> Reporter: rmkml
> Labels: 140, all, and, fault, include, last, seg, version
> Attachments: bro150pre10oct2009_crashdhcp2nov2009.pcap
>
>
> Hi,
> When I run bro150pre (compiled with ipv6) with \--use-binpac and \-r joignedfile.pcap and dhcp(.bro) option, I have a segmentation fault.
> Same pb with bro v1.4.0.
> Program received signal SIGSEGV, Segmentation fault.
> Connection::Weird (this=0x201, name=0x82565ee "DHCP_no_type_option")
> at Conn.cc:636
> 636 weird = 1;
> (gdb) bt full
> #0 Connection::Weird (this=0x201, name=0x82565ee "DHCP_no_type_option")
> at Conn.cc:636
> No locals.
> BIT-1 0x081e9711 in binpac::DHCP::DHCP_Flow::get_dhcp_msgtype (this=0x9dc0e78,
> options=0x9dc10f8) at ../src/Analyzer.h:245
> type = <value optimized out>
> BIT-2 0x081eb303 in binpac::DHCP::DHCP_Message::Parse (this=0x9dc2980,
> t_begin_of_data=0x9daff0c "\001\001\006", t_end_of_data=0x9db0038 "",
> t_context=0x9dc1758) at dhcp_pac.cc:559
> t_options+elem+size = <value optimized out>
> t_options+elem+dataptr = (const_byteptr) 0x9dafffd ""
> t_DHCP_Message+size = 241
> t_dataptr_after_options = <value optimized out>
> +PRETTY_FUNCTION+ = "int binpac::DHCP::DHCP_Message::Parse(const
> binpac::uint8*, const binpac::uint8*, binpac::DHCP::ContextDHCP*)"
> BIT-3 0x081eb48c in binpac::DHCP::DHCP_Flow::NewData (this=0x9dc0e78,
> t_begin_of_data=0x9daff0c "\001\001\006", t_end_of_data=0x9db0038 "")
> at dhcp_pac.cc:635
> No locals.
> BIT-4 0x08071c8d in Analyzer::NextPacket (this=0x9dc0e20, len=300,
> data=0x9daff0c "\001\001\006", is_orig=true, seq=-1, ip=0xbfaaec7c,
> caplen=136668654) at Analyzer.cc:334
> No locals.
> \---Type <return> to continue, or q <return> to quit--\-
> BIT-5 0x08071e9a in Analyzer::ForwardPacket (this=0x9dc1d10, len=300,
> data=0x9daff0c "\001\001\006", is_orig=true, seq=-1, ip=0xbfaaec7c,
> caplen=300) at Analyzer.cc:426
> current = (Analyzer *) 0x9dc0e20
> i = <value optimized out>
> BIT-6 0x081b3842 in UDP_Analyzer::DeliverPacket (this=0x9dc1d10, len=300,
> data=0x9daff04 "", is_orig=true, seq=-1, ip=0xbfaaec7c,
> caplen=<value optimized out>) at UDP.cc:166
> vl = (val_list *) 0x9dc1cfc
> port_val = \{<Val> = \{<BroObj> = \{<SerialObj> = \{
> _vptr.SerialObj = 0xb88120, static NEVER = 0, static ALWAYS = 1,
> static factories = 0x9b4e930, static names = 0x9b4e950,
> static time_counter = 483}, in_ser_cache = 8, location = 0xbfaaea98,
> ref_cnt = 11144894, static suppress_runtime = 0},
> static register_type = \{<No data fields>}, tid = \{id = 171810783520,
> static counter = 44910}, val = \{int_val = 165422456,
> uint_val = 165422456, addr_val = 0x9dc2578, subnet_val = \{net = \{
> 165422456, 165412884, 8, 3215649464}, width = 135472165},
> double_val = 3.5568581552422788e-261, string_val = 0x9dc2578,
> func_val = 0x9dc2578, file_val = 0x9dc2578, re_val = 0x9dc2578,
> table_val = 0x9dc2578, val_list_val = 0x9dc2578,
> vector_val = 0x9dc2578}, type = 0x28, attribs = 0x9dc1cfc},
> bq. static register_type = \{<No data fields>}, tid = \{id = 710444731003305986,
> \---Type <return> to continue, or q <return> to quit--\-
> static counter = 44910}}
> result = <value optimized out>
> ulen = 300
> +PRETTY_FUNCTION__ = "virtual void UDP_Analyzer::DeliverPacket(int,
> const u_char*, bool, int, const IP_Hdr*, int)"
> BIT-7 0x08071c8d in Analyzer::NextPacket (this=0x9dc1d10, len=308,
> data=0x9daff04 "", is_orig=true, seq=-1, ip=0xbfaaec7c, caplen=136668654)
> at Analyzer.cc:334
> No locals.
> BIT-8 0x080858e5 in Connection::NextPacket (this=0x9dc1c6c, t=1257158012.610261,
> is_orig=1, ip=0xbfaaec7c, len=308, caplen=308, data=@0xbfaaebdc,
> record_packet=@0xbfaaebd8, record_content=@0xbfaaebd4, hdr=0x9dafa40,
> pkt=0x9dafee2 "", hdr_size=14) at Conn.cc:247
> No locals.
> BIT-9 0x08183a8d in NetSessions::DoNextPacket (this=0x9dbfee8,
> t=1257158012.610261, hdr=0x9dafa40, ip_hdr=0xbfaaec7c,
> pkt=0x9dafee2 "", hdr_size=14) at Sessions.cc:663
> ih = <value optimized out>
> caplen = 308
> ip4 = (const ip *) 0x9dafef0
> len = <value optimized out>
> proto = 17
> f = (class FragReassembler *) 0x0
> \---Type <return> to continue, or q <return> to quit--\-
> frag_field = <value optimized out>
> min_hdr_len = <value optimized out>
> data = (const u_char *) 0x9daff04 ""
> id = \{src_addr = 0xbfaaec84, dst_addr = 0xbfaaec94, src_port = 17408,
> bq. dst_port = 17152, is_one_way = false}
> d = (class Dictionary *) 0x9dc0008
> pass_to_conn_compressor = <value optimized out>
> h = (HashKey *) 0x9d2eb58
> conn = (class Connection *) 0x9dc1c6c
> record_packet = 1
> record_content = 1
> BIT-10 0x081841ed in NetSessions::NextPacket (this=0x9dbfee8,
> t=1257158012.610261, hdr=0x9dafa40, pkt=0x9dafee2 "", hdr_size=14,
> pkt_elem=0x0) at Sessions.cc:305
> ip_hdr = \{ip4 = 0x9dafef0, ip6 = 0x0, src_addr = \{0, 0, 0, 0},
> bq. dst_addr = \{0, 0, 0, 4294967295}, del = 0}
> BIT-11 0x0813f2a1 in net_packet_dispatch (t=1257158012.610261, hdr=0x9dafa40,
> pkt=0x9dafee2 "", hdr_size=14, src_ps=0x9dafa08, pkt_elem=0x0)
> at Net.cc:435
> tmgr = <value optimized out>
> sp = <value optimized out>
> load_freq = 0
> BIT-12 0x0813f7a9 in net_packet_arrival (t=1257158012.610261, hdr=0x9dafa40,
> \---Type <return> to continue, or q <return> to quit--\-
> pkt=0x9dafee2 "", hdr_size=14, src_ps=0x9dafa08) at Net.cc:498
> No locals.
> BIT-13 0x0814e5bf in PktSrc::Process (this=0x9dafa08) at PktSrc.cc:199
> No locals.
> BIT-14 0x0813f527 in net_run () at Net.cc:528
> ts = 1257158012.610261
> src = (IOSource *) 0x201
> BIT-15 0x0804f80f in main (argc=1346586692, argv=0xbfaaf144) at main.cc:999
> flow = FLOW_NEXT
> f = \{<BroObj> = \{<SerialObj> = \{_vptr.SerialObj = 0x8249f28,
> static NEVER = 0, static ALWAYS = 1, static factories = 0x9b4e930,
> static names = 0x9b4e950, static time_counter = 483},
> in_ser_cache = false, location = 0x0, ref_cnt = 1,
> static suppress_runtime = 0}, frame = 0x9dc0478, size = 1194,
> bq. function = 0x0, func_args = 0x0, next_stmt = 0x0,
> bq. break_before_next_stmt = false, break_on_return = false, trigger = 0x0,
> bq. call = 0x0, delayed = false}
> interfaces = \{<BaseList> = \{entry = 0x9b52538, chunk_size = 10,
> max_entries = 10, num_entries = 0}, <No data fields>}
> read_files = \{<BaseList> = \{entry = 0x9b52568, chunk_size = 10,
> max_entries = 10, num_entries = 1}, <No data fields>}
> netflows = \{<BaseList> = \{entry = 0x9b52598, chunk_size = 10,
> max_entries = 10, num_entries = 0}, <No data fields>}
> \---Type <return> to continue, or q <return> to quit--\-
> flow_files = \{<BaseList> = \{entry = 0x9b525c8, chunk_size = 10,
> max_entries = 10, num_entries = 0}, <No data fields>}
> rule_files = \{<BaseList> = \{entry = 0x9b525f8, chunk_size = 10,
> max_entries = 10, num_entries = 1}, <No data fields>}
> transformed_writefile = 0x0
> bst_file = 0x0
> id_name = 0x0
> events_file = 0x0
> seed_load_file = 0x0
> seed_save_file = 0x0
> seed = 0
> dump_cfg = 0
> do_watchdog = 0
> override_ignore_checksums = 0
> rule_debug = 0
> RE_level = 4
> dns_type = DNS_FAKE
> oldhandler = <value optimized out>
> p = <value optimized out>
> long_optsind = 35
> opts = "A:a:B:D:e:f:I:i:K:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGHLOPSWdghlv",
> '\0' <repeats 195 times>
> op = <value optimized out>
> \---Type <return> to continue, or q <return> to quit--\-
> script_rule_files = <value optimized out>
> tmp = 0x0
> s = <value optimized out>
> bro_alarm_file = <value optimized out>
> bro_init = \{handler = 0x9b6d138}
> dead_handlers = <value optimized out>
> alive_handlers = <value optimized out>
> long_opts = {{name = 0x82251d9 "debug-policy", has_arg = 0,
> flag = 0x0, val = 100}, \{name = 0x82251e6 "dump-config", has_arg = 0,
> flag = 0x0, val = 103}, \{name = 0x82251f2 "exec", has_arg = 1, flag = 0x0,
> val = 101}, \{name = 0x823bc9d "filter", has_arg = 1, flag = 0x0,
> val = 102}, \{name = 0x82251f7 "help", has_arg = 0, flag = 0x0, val = 104},
> bq. \{name = 0x82251fc "iface", has_arg = 1, flag = 0x0, val = 105}, \{
> name = 0x8225202 "print-scripts", has_arg = 0, flag = 0x0, val = 108}, \{
> name = 0x82507d3 "prefix", has_arg = 1, flag = 0x0, val = 112}, \{
> name = 0x8225210 "readfile", has_arg = 1, flag = 0x0, val = 114}, \{
> name = 0x8225219 "flowfile", has_arg = 1, flag = 0x0, val = 121}, \{
> name = 0x8225222 "netflow", has_arg = 1, flag = 0x0, val = 89}, \{
> name = 0x822522a "rulefile", has_arg = 1, flag = 0x0, val = 115}, \{
> name = 0x8225233 "tracefile", has_arg = 1, flag = 0x0, val = 116}, \{
> name = 0x822523d "writefile", has_arg = 1, flag = 0x0, val = 119}, \{
> name = 0x824698f "version", has_arg = 0, flag = 0x0, val = 118}, \{
> name = 0x8225247 "print-state", has_arg = 1, flag = 0x0, val = 120}, \{
> \---Type <return> to continue, or q <return> to quit--\-
> name = 0x8225253 "analyze", has_arg = 1, flag = 0x0, val = 122}, \{
> name = 0x822525b "transfile", has_arg = 1, flag = 0x0, val = 65}, \{
> name = 0x8225265 "no-checksums", has_arg = 0, flag = 0x0, val = 67}, \{
> name = 0x8225272 "dfa-cache", has_arg = 1, flag = 0x0, val = 68}, \{
> name = 0x822527c "force-dns", has_arg = 0, flag = 0x0, val = 70}, \{
> name = 0x8225286 "load-seeds", has_arg = 1, flag = 0x0, val = 71}, \{
> name = 0x8225291 "save-seeds", has_arg = 1, flag = 0x0, val = 72}, \{
> name = 0x822529c "set-seed", has_arg = 1, flag = 0x0, val = 74}, \{
> name = 0x82252a5 "md5-hashkey", has_arg = 1, flag = 0x0, val = 75}, \{
> name = 0x82252b1 "rule-benchmark", has_arg = 0, flag = 0x0, val = 76}, \{
> name = 0x82252c0 "optimize", has_arg = 0, flag = 0x0, val = 79}, \{
> name = 0x82252c9 "prime-dns", has_arg = 0, flag = 0x0, val = 80}, \{
> name = 0x82252d3 "replay", has_arg = 1, flag = 0x0, val = 82}, \{
> name = 0x82252da "debug-rules", has_arg = 0, flag = 0x0, val = 83}, \{
> name = 0x82252e6 "re-level", has_arg = 1, flag = 0x0, val = 82}, \{
> name = 0x82252ef "watchdog", has_arg = 0, flag = 0x0, val = 87}, \{
> name = 0x82252f8 "print-id", has_arg = 1, flag = 0x0, val = 73}, \{
> name = 0x8225301 "status-file", has_arg = 1, flag = 0x0, val = 85}, \{
> name = 0x822530d "pseudo-realtime", has_arg = 2, flag = 0x0, val = 69}, \{
> name = 0x822531d "use-binpac", has_arg = 0, flag = 0x82b3d48, val = 1}, \{
> name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
> Regards
> Rmkml
> Crusoe-Researches.com
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://bro-tracker.atlassian.net/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the bro-dev
mailing list