[Snort-devel] [ snort-Bugs-458644 ] Segfault in FlushStream

noreply at ...12... noreply at ...12...
Wed Sep 5 05:50:03 EDT 2001


Bugs item #458644, was opened at 2001-09-05 02:06
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=103357&aid=458644&group_id=3357

Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: Segfault in FlushStream

Initial Comment:
Hi,

We have been running snort on a busy network for 
about a month, and it segfaults and dies fairly 
randomly, about once every hour or two. One stack 
trace I captured was:

Program received signal SIGSEGV, Segmentation fault.
0x42424238 in ?? ()
(gdb) bt
#0  0x42424238 in ?? ()
#1  0x08073c65 in FlushStream (s=0x80d2d88, p=0xbffff75c, direction=0)
    at spp_stream4.c:2499
#2  0x080722a6 in ReassembleStream4 (p=0xbffff75c) at spp_stream4.c:1084
#3  0x08054ac3 in Preprocess (p=0xbffff75c) at rules.c:3427
#4  0x0804a8dc in ProcessPacket (user=0x0, pkthdr=0xbffffc04, pkt=0x80cddca "")
    at snort.c:512
#5  0x08075522 in pcap_read ()
#6  0x08075d23 in pcap_loop ()
#7  0x0804bb93 in InterfaceThread (arg=0x0) at snort.c:1441
#8  0x0804a7d8 in main (argc=15, argv=0xbffffd84) at snort.c:445
#9  0x4007ed4c in __libc_start_main (main=0x804a200 <main>, argc=15...

As you can see, the top frame's address is completely 
bogus, and looks worryingly like a buffer overflow on 
the stack. This looks like it might be a bug in 
stream4. Any ideas?

Cheers, Chris.
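
The triage reasoning in the report above (an unresolved top frame whose address looks like data rather than code) can be automated. This is an added example, not part of the original report or of Snort's code; the function names are hypothetical, the sample is the report's backtrace with line wraps rejoined, and a 32-bit little-endian target is assumed.

```python
import re

# Constructed sample: the backtrace from the report, with each frame
# rejoined onto one line.
BACKTRACE = """\
#0  0x42424238 in ?? ()
#1  0x08073c65 in FlushStream (s=0x80d2d88, p=0xbffff75c, direction=0) at spp_stream4.c:2499
#2  0x080722a6 in ReassembleStream4 (p=0xbffff75c) at spp_stream4.c:1084
#3  0x08054ac3 in Preprocess (p=0xbffff75c) at rules.c:3427
#4  0x0804a8dc in ProcessPacket (user=0x0, pkthdr=0xbffffc04, pkt=0x80cddca "") at snort.c:512
#5  0x08075522 in pcap_read ()
#6  0x08075d23 in pcap_loop ()
#7  0x0804bb93 in InterfaceThread (arg=0x0) at snort.c:1441
#8  0x0804a7d8 in main (argc=15, argv=0xbffffd84) at snort.c:445
#9  0x4007ed4c in __libc_start_main (main=0x804a200 <main>, argc=15...
"""

FRAME_RE = re.compile(r"^#(\d+)\s+0x([0-9a-fA-F]+) in (\S+) \(", re.M)

def parse_frames(text):
    """Return (index, pc, symbol) for every gdb frame line that carries a PC."""
    return [(int(i), int(pc, 16), sym) for i, pc, sym in FRAME_RE.findall(text)]

def ascii_view(pc, width=4):
    """Bytes of pc in little-endian memory order, or None if any is non-printable."""
    raw = pc.to_bytes(width, "little")
    return raw.decode("ascii") if all(0x20 <= b < 0x7F for b in raw) else None

def suspicious_frames(text):
    """Frames with no symbol whose PC is entirely printable ASCII: a heuristic
    sign that string or packet data overwrote a code pointer."""
    hits = []
    for idx, pc, sym in parse_frames(text):
        view = ascii_view(pc)
        if sym == "??" and view is not None:
            hits.append((idx, hex(pc), view))
    return hits

def last_good_frame(text):
    """Innermost frame that still resolves to a symbol; start the code review there."""
    bad = {idx for idx, _, _ in suspicious_frames(text)}
    for idx, _, sym in parse_frames(text):
        if idx not in bad and sym != "??":
            return (idx, sym)
    return None

if __name__ == "__main__":
    print("suspicious:", suspicious_frames(BACKTRACE))
    print("review from:", last_good_frame(BACKTRACE))
```

A hit is only a pointer for where to look: the printable-bytes test can misfire on legitimately mapped low addresses, so confirm against the process memory map before drawing conclusions.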

