Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

Segmentation fault /opt/bro/bin/capstats #1052

Closed
bugcrash opened this issue Dec 22, 2016 · 6 comments
Closed

Segmentation fault /opt/bro/bin/capstats #1052

bugcrash opened this issue Dec 22, 2016 · 6 comments

Comments

@bugcrash
Copy link

bugcrash@seconion:/opt/bro/bin$ ./capstats -h
./capstats: invalid option -- 'h'
capstats [Options] -i interface

-i| --interface Listen on interface
-f| --filter BPF filter
-I| --interval Stats logging interval
-l| --syslog Use syslog rather than print to stderr
-n| --number Stop after outputting intervals
-N| --select Use select() for live pcap (for testing only)
-p| --payload Verifies that packets' payloads consist entirely of bytes of the given value.
-q| --quiet Suppress output, exit code indicates >= count packets received.
-S| --size Verify packets to have given
-s| --snaplen Use pcap snaplen =
-v| --version Print version and exit
-w| --write Write packets to file

bugcrash@seconion:/opt/bro/bin$ gdb -q /opt/bro/bin/capstats
Reading symbols from /opt/bro/bin/capstats...(no debugging symbols found)...done.
(gdb) r -p ruby -e 'puts "A" * 10024'
Starting program: /opt/bro/bin/capstats -p ruby -e 'puts "A" * 10024'
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=,
loc=0x7ff22c6ed060 <_nl_global_locale>) at ../stdlib/strtol_l.c:298
298 ../stdlib/strtol_l.c: No such file or directory.
(gdb) i r
rax 0x7ff22c6ea740 140678104262464
rbx 0x3 3
rcx 0x0 0
rdx 0xa 10
rsi 0x0 0
rdi 0x0 0
rbp 0x0 0x0
rsp 0x7ffed39e2640 0x7ffed39e2640
r8 0x7ff22c6ed060 140678104272992
r9 0x0 0
r10 0x7ffed39e2460 140732448777312
r11 0x7ff22c36b3e0 140678100595680
r12 0x401dca 4201930
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0x7ff22c36b467 0x7ff22c36b467 <__GI_____strtol_l_internal+55>
eflags 0x10283 [ CF SF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
@dougburks
Copy link
Contributor

Hi @bugcrash ,

Are you trying to report an issue within Bro itself? If so, please submit it to the Bro developers directly:
https://www.bro.org/contact/index.html

Thanks!

@bugcrash
Copy link
Author

@dougburks
Because securityonion is using the code. Why wait for the third party to fix the issue.

@dougburks
Copy link
Contributor

I've submitted this to the Bro team on your behalf:
https://bro-tracker.atlassian.net/browse/BIT-1774

@bugcrash
Copy link
Author

@dougburks
on my behalf? i'm not a user of security-onion or bro. does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

@dougburks
Copy link
Contributor

Hi @bugcrash ,

Replies inline.

on my behalf? i'm not a user of security-onion or bro.

I was simply giving you credit for discovering and reporting the bug.

does security-onion not have a team to do any qa of code being implemented in it's solution? just add what works and hope for the best?

Yes, we do have a QA team. No QA team is perfect, just like no software is perfect.

@dougburks
Copy link
Contributor

published:
http://blog.securityonion.net/2017/07/bro-251-now-available-for-security-onion.html

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dougburks @bugcrash