New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segmentation fault /opt/xplico/bin/mpaltalk #1051

Closed
bugcrash opened this Issue Dec 22, 2016 · 9 comments

Comments

Projects
None yet
3 participants
@bugcrash

bugcrash commented Dec 22, 2016

bugcrash@seconion:/opt/xplico/bin$ ./mpaltalk
mpaltalk v1.1.1
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2014 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.

usage: ./mpaltalk [-h] [-s] [-l] [-i] [-c <config_file>] -p
-c config file
-s silent
-p connection port
-i info (PEI generated by this manipulator)
-l print all log in the screen
-h this help
NOTE: parameters MUST respect this order!

bugcrash@seconion:/opt/xplico/bin$ gdb -q /opt/xplico/bin/mpaltalk
Reading symbols from /opt/xplico/bin/mpaltalk...(no debugging symbols found)...done.
(gdb) r -c ruby -e 'puts "A" * 9024'
Starting program: /opt/xplico/bin/mpaltalk -c ruby -e 'puts "A" * 9024'
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
mpaltalk v1.1.1
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2014 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7425943 in _IO_vfprintf_internal (s=, format=,
ap=ap@entry=0x7fffffffbf18) at vfprintf.c:1661
1661 vfprintf.c: No such file or directory.
(gdb) i r rdi
rdi 0x4141414141414141 4702111234474983745

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 22, 2016

Contributor

Hi @bugcrash ,

Are you trying to report an issue within Xplico itself? If so, please submit it to the Xplico developers directly.

Per the Xplico wiki:

"Don't hesitate to report bugs to bug[@]xplico.org and/or use the forum."
http://wiki.xplico.org/doku.php?id=xplico

Thanks!

Contributor

dougburks commented Dec 22, 2016

Hi @bugcrash ,

Are you trying to report an issue within Xplico itself? If so, please submit it to the Xplico developers directly.

Per the Xplico wiki:

"Don't hesitate to report bugs to bug[@]xplico.org and/or use the forum."
http://wiki.xplico.org/doku.php?id=xplico

Thanks!

@bugcrash

This comment has been minimized.

Show comment
Hide comment
@bugcrash

bugcrash Dec 22, 2016

@dougburks
Because securityonion is using the code. Why wait for the third party to fix the issue.

bugcrash commented Dec 22, 2016

@dougburks
Because securityonion is using the code. Why wait for the third party to fix the issue.

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 22, 2016

Contributor

I've submitted this to bug@xplico.org on your behalf.

Contributor

dougburks commented Dec 22, 2016

I've submitted this to bug@xplico.org on your behalf.

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 26, 2016

Contributor

No response yet from bug@xplico.org, so I've also posted this to:
http://forum.xplico.org/viewtopic.php?f=4&t=572

Contributor

dougburks commented Dec 26, 2016

No response yet from bug@xplico.org, so I've also posted this to:
http://forum.xplico.org/viewtopic.php?f=4&t=572

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Jan 2, 2017

Contributor

Still no response from bug@xplico.org or http://forum.xplico.org/viewtopic.php?f=4&t=572, so I've emailed Gianluca Costa personally.

Contributor

dougburks commented Jan 2, 2017

Still no response from bug@xplico.org or http://forum.xplico.org/viewtopic.php?f=4&t=572, so I've emailed Gianluca Costa personally.

@gnlcosta

This comment has been minimized.

Show comment
Hide comment
@gnlcosta

gnlcosta Jan 2, 2017

Hi @bugcrash ,
can you explain me your command: "-c ruby -e 'puts "A" * 9024'"
All manipulators (msite, mpaltalk, ..) have as parameters these options:
[-h] [-s] [-l] [-i] [-c <config_file>] -p
where [] means optional and other (-p) are mandatory. About that you command is not correct.
In your command line the configuration file has name "ruby", can you send me this configuration file?
Thanks.
Gianluca

gnlcosta commented Jan 2, 2017

Hi @bugcrash ,
can you explain me your command: "-c ruby -e 'puts "A" * 9024'"
All manipulators (msite, mpaltalk, ..) have as parameters these options:
[-h] [-s] [-l] [-i] [-c <config_file>] -p
where [] means optional and other (-p) are mandatory. About that you command is not correct.
In your command line the configuration file has name "ruby", can you send me this configuration file?
Thanks.
Gianluca

@gnlcosta

This comment has been minimized.

Show comment
Hide comment
@gnlcosta

gnlcosta Jan 2, 2017

Hi @bugcrash ,
now I understand your command, ruby generates a very long filename.

gnlcosta commented Jan 2, 2017

Hi @bugcrash ,
now I understand your command, ruby generates a very long filename.

@gnlcosta

This comment has been minimized.

Show comment
Hide comment
@gnlcosta

gnlcosta commented Jan 2, 2017

@dougburks

This comment has been minimized.

Show comment
Hide comment

@dougburks dougburks closed this Jan 30, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment