New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segmentation fault /opt/bro/bin/capstats #1052

Closed
bugcrash opened this Issue Dec 22, 2016 · 6 comments

Comments

Projects
None yet
2 participants
@bugcrash

bugcrash@seconion:/opt/bro/bin$ ./capstats -h
./capstats: invalid option -- 'h'
capstats [Options] -i interface

-i| --interface Listen on interface
-f| --filter BPF filter
-I| --interval Stats logging interval
-l| --syslog Use syslog rather than print to stderr
-n| --number Stop after outputting intervals
-N| --select Use select() for live pcap (for testing only)
-p| --payload Verifies that packets' payloads consist entirely of bytes of the given value.
-q| --quiet Suppress output, exit code indicates >= count packets received.
-S| --size Verify packets to have given
-s| --snaplen Use pcap snaplen =
-v| --version Print version and exit
-w| --write Write packets to file

bugcrash@seconion:/opt/bro/bin$ gdb -q /opt/bro/bin/capstats
Reading symbols from /opt/bro/bin/capstats...(no debugging symbols found)...done.
(gdb) r -p ruby -e 'puts "A" * 10024'
Starting program: /opt/bro/bin/capstats -p ruby -e 'puts "A" * 10024'
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=,
loc=0x7ff22c6ed060 <_nl_global_locale>) at ../stdlib/strtol_l.c:298
298 ../stdlib/strtol_l.c: No such file or directory.
(gdb) i r
rax 0x7ff22c6ea740 140678104262464
rbx 0x3 3
rcx 0x0 0
rdx 0xa 10
rsi 0x0 0
rdi 0x0 0
rbp 0x0 0x0
rsp 0x7ffed39e2640 0x7ffed39e2640
r8 0x7ff22c6ed060 140678104272992
r9 0x0 0
r10 0x7ffed39e2460 140732448777312
r11 0x7ff22c36b3e0 140678100595680
r12 0x401dca 4201930
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0x7ff22c36b467 0x7ff22c36b467 <__GI_____strtol_l_internal+55>
eflags 0x10283 [ CF SF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 22, 2016

Contributor

Hi @bugcrash ,

Are you trying to report an issue within Bro itself? If so, please submit it to the Bro developers directly:
https://www.bro.org/contact/index.html

Thanks!

Contributor

dougburks commented Dec 22, 2016

Hi @bugcrash ,

Are you trying to report an issue within Bro itself? If so, please submit it to the Bro developers directly:
https://www.bro.org/contact/index.html

Thanks!

@bugcrash

This comment has been minimized.

Show comment
Hide comment
@bugcrash

bugcrash Dec 22, 2016

@dougburks
Because securityonion is using the code. Why wait for the third party to fix the issue.

@dougburks
Because securityonion is using the code. Why wait for the third party to fix the issue.

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 22, 2016

Contributor

I've submitted this to the Bro team on your behalf:
https://bro-tracker.atlassian.net/browse/BIT-1774

Contributor

dougburks commented Dec 22, 2016

I've submitted this to the Bro team on your behalf:
https://bro-tracker.atlassian.net/browse/BIT-1774

@bugcrash

This comment has been minimized.

Show comment
Hide comment
@bugcrash

bugcrash Dec 23, 2016

@dougburks
on my behalf? i'm not a user of security-onion or bro. does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

@dougburks
on my behalf? i'm not a user of security-onion or bro. does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

@dougburks

This comment has been minimized.

Show comment
Hide comment
@dougburks

dougburks Dec 26, 2016

Contributor

Hi @bugcrash ,

Replies inline.

on my behalf? i'm not a user of security-onion or bro.

I was simply giving you credit for discovering and reporting the bug.

does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

Yes, we do have a QA team. No QA team is perfect, just like no software is perfect.

Contributor

dougburks commented Dec 26, 2016

Hi @bugcrash ,

Replies inline.

on my behalf? i'm not a user of security-onion or bro.

I was simply giving you credit for discovering and reporting the bug.

does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

Yes, we do have a QA team. No QA team is perfect, just like no software is perfect.

@dougburks dougburks closed this Jul 5, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment