Project

General

Profile

Actions
Copy link

Bug #874

closed

Segfault with git master

Added by Peter Manev over 11 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Anoop Saldanha
Target version:
2.0beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

Compiling suri with ->

./autogen.sh && ./configure --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ --disable-gccmarch-native --enable-geoip --with-libnss-libraries=/usr/lib --with-libnss-includes=/usr/include/nss/ --with-libnspr-libraries=/usr/lib --with-libnspr-includes=/usr/include/nspr && make clean && make && make install && ldconfig

and starting it with ->

suricata -c /etc/suricata/suricata.yaml -r 21-packet-core-dump.pcap

We get segfaults and a coredump is produced with the attached pcap (21-packet-core-dump.pcap).

With htp-autotools branch ->

suricata --build-info
This is Suricata version 2.0dev (rev 4749420)
Features: PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK HAVE_HTP_TX_GET_RESPONSE_HEADERS_RAW HAVE_NSS HAVE_LIBJANSSON
64-bits, Little-endian architecture
GCC version 4.6.3, C version 199901
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_1
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_2
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_4
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_8
compiled with -fstack-protector
compiled with _FORTIFY_SOURCE=2
L1 cache line size (CLS)=64
compiled with libhtp 0.2.12, linked against 0.2.11

also with the git master -


root@ubuntu64LTS:~/work/oisf# suricata --build-info
This is Suricata version 2.0dev (rev 73e27c1)
Features: PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK HAVE_HTP_TX_GET_RESPONSE_HEADERS_RAW HAVE_NSS HAVE_LIBJANSSON
64-bits, Little-endian architecture
GCC version 4.6.3, C version 199901
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_1
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_2
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_4
  __GCC_HAVE_SYNC_COMPARE_AND_SWAP_8
compiled with -fstack-protector
compiled with _FORTIFY_SOURCE=2
L1 cache line size (CLS)=64
compiled with libhtp 0.2.12, linked against 0.2.11

Files

21-packet-core-dump.pcap (13.8 KB) 21-packet-core-dump.pcap Peter Manev, 07/13/2013 10:34 AM
Actions
Copy link
 #1

Updated by Victor Julien over 11 years ago

  • Subject changed from Segfault with gitmaster to Segfault with git master
  • Status changed from New to Assigned
  • Assignee set to Anoop Saldanha
  • Target version set to 2.0beta1

@Anoop, can you check this?
@Peter Pan, how about 1.4.x master?

Actions
Copy link
 #2

Updated by Anoop Saldanha over 11 years ago

Victor Julien wrote:

@Anoop, can you check this?

Sure.

Actions
Copy link
 #3

Updated by Peter Manev over 11 years ago

1.4.3 does not segfault.

Actions
Copy link
 #4

Updated by Anoop Saldanha over 11 years ago

Unable to reproduce this with the master-

--enable-geoip, --disable-gccmarch-native configured on all runs.
etpro ruleset/as well as no ruleset.
checksum disabled/enabled.

Actions
Copy link
 #5

Updated by Anoop Saldanha over 11 years ago

  • Update

Valgrind isn't showing any errors either with the above runs.

Actions
Copy link
 #6

Updated by Anoop Saldanha over 11 years ago

  • Status changed from Assigned to Closed

Not an issue.

Compiled against bundled headers but linked against 0.2.11. You can't do this with the current master. With the current git master you can only use the bundled htp, since the git master needs certain libhtp features that have only been pushed to the bundled htp.

Closing bug.

Actions
Copy link

Also available in: Atom PDF