[Snort-devel] now a crash in spp_tcp_stream3

tlewis at ...255... tlewis at ...255...
Tue May 15 20:25:38 EDT 2001


Invalid, yes, but not NULL.  It's a shame that the value's not "42<<24" or
something generally greppable; 16 could be stuck in there almost anywhere.

--
Todd Lewis
tlewis at ...255...

On Tue, 15 May 2001, Eugene Tsyrklevich wrote:

> values 0x16 and 0x22 mean that you are dereferencing a NULL/invalid pointer
> 
> 
> On Tue, May 15, 2001 at 12:09:54PM -0500, Steve Halligan wrote:
> > I got it again, the number is 1441792 (oddly that is 0x160000)
> > 
> > > > The saga continues, I still have it sitting in gdb if anyone needs more
> > > > data.
> > > > CVS from 30 min ago:
> > > > Program received signal SIGSEGV, Segmentation fault.
> > > > TcpStream3FillBuffer (sptr=0x5a5800, buf=0x5b103c "", psize=20000, server=1)
> > > > at spp_tcp_stream3.c:1391
> > > > 1391        first_seq = pdata->seq;
> > > > 
> > > It appears to me that something nasty is getting in sptr->s_data->seq.
> > > This seg fault happens when server=1 so pdata=sptr->s_data.  If I print
> > > sptr->s_data->seq after the crash it has been an unusually low value
> > > (14????? (I forget the actual number), and 22 in another case).  Any
> > > thoughts?
> > > -Steve
> 