Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

pads segfaults #267

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 8 comments
Closed

pads segfaults #267

GoogleCodeExporter opened this issue Mar 24, 2015 · 8 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

pads segfaults straight after starting on my network (pads 1.2.1 from gamelinux 
as in SO 20120511).

gdb shows (after rebuilding with debug):

Program received signal SIGSEGV, Segmentation fault.
0x08051262 in print_arp_asset_fifo (rec=0xb7a58000) at output-fifo.c:189
189     output-fifo.c: No such file or directory.
        in output-fifo.c
(gdb)
(gdb) bt
#0  0x08051262 in print_arp_asset_fifo (rec=0xb7a58000) at output-fifo.c:189
#1  0x080505f3 in print_arp_asset (ip_addr=..., mac_addr=0xb7a58060 
"\320#\333+\324\370\n\024") at output.c:222
#2  0x0804b7d9 in process_eth (pkthdr=0xbfffedf8, packet=0x0) at packet.c:105
#3  0xb7f766ca in ?? () from /usr/lib/libpcap.so.0.8
#4  0xb7f7b2ab in pcap_loop () from /usr/lib/libpcap.so.0.8
#5  0x08049f6d in main_pads () at pads.c:314
#6  0x0804a200 in main (argc=11, argv=0xbffff364) at pads.c:521
(gdb) p rec
$1 = (ArpAsset *) 0xb7a58000
(gdb) p *rec
$2 = {ip_addr = {s_addr = 1}, mac_addr = "<\000\000\000<", mac_resolved = 
0x540046, discovered = 1336734024, next = 0x3ad8310a}
(gdb) p rec->mac_resolved
$5 = (bstring) 0x540046
(gdb) p *rec->mac_resolved
Cannot access memory at address 0x540046

*rec contains garbage. It looks like it's because of an uninitialised pointer.

Fix below:

--- src/output/output.c~        2012-05-11 12:11:30.595014792 +0100
+++ src/output/output.c 2012-05-11 12:09:39.958305615 +0100
@@ -194,7 +194,7 @@

     /* Find Asset */
     ArpAsset *list;
-    ArpAsset *rec;
+    ArpAsset *rec = NULL;

     list = (ArpAsset *)get_arp_pointer();
     while (list != NULL) {

Original issue reported on code.google.com by Stephane...@gmail.com on 11 May 2012 at 11:17
@GoogleCodeExporter
Copy link
Author 

Hi Stephane,

Thanks for tracking this down and patching it!  

Have you sent the patch to Edward?

https://github.com/gamelinux/pads

Thanks,
Doug

Original comment by doug.bu...@gmail.com on 11 May 2012 at 11:23

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Actually, there was another error in that code which valgrind helped identify. 
New fix attached.

Original comment by Stephane...@gmail.com on 11 May 2012 at 1:16

  • Added labels: ****
  • Removed labels: ****

Attachments:

@GoogleCodeExporter
Copy link
Author 

Thanks again for the additional patch!

Are you sending these patches to Edward?

https://github.com/gamelinux/pads

Original comment by doug.bu...@gmail.com on 11 May 2012 at 1:31

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

How would one apply that patch?

Original comment by Yosha...@gmail.com on 31 Aug 2012 at 8:30

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Hi Yoshanah,

We're most likely going to remove pads in the new version of Security Onion and 
probably replace it with prads, so I wouldn't worry about patching pads now.

Thanks,
Doug

Original comment by doug.bu...@gmail.com on 31 Aug 2012 at 8:32

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Thanks Doug.  I'm new to the community.  How often do you release new versions?

Original comment by Yosha...@gmail.com on 31 Aug 2012 at 9:12

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Nevermind, found the roadmap.  Thank you sir.

Original comment by Yosha...@gmail.com on 31 Aug 2012 at 9:30

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

PADS has been removed in BDR.

Original comment by doug.bu...@gmail.com on 12 Oct 2012 at 4:52

  • Changed state: WontFix
  • Added labels: ****
  • Removed labels: ****

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter