[Snort-devel] linux/sparc BUS ERROR [more info]

Fyodor fygrave at ...1...
Tue Jan 15 18:40:02 EST 2002


On Tue, Jan 15, 2002 at 01:12:45PM -0800, Roelof JT Jonkman wrote:
> You might want to try gcc 3.0.3 (compile flags -mcpu=v9 -m32)
> 
> I've had reasonable luck with that on solaris. I'm not sure
> how well adapted linux is to ultrasparcs.... 
> 
> I quickly glanced at the code, and I can't see an
> obvious alignment problem. So a far out guess

Inet_ntoa, declared as:
       char *inet_ntoa(struct in_addr in);

could use opcodes which operate on 4byte aligned values, as the in_addr
struct has s_addr structure member which is of the in_addr_t type,
which, itself is defined as typedef uint32_t in_addr_t; i.g. unsigned
long. I can not think of a better way to patch the problem right now
except of shifting the data to an aligned boundary first. There must be
a more elegant to fix it though.. anyway mind to try attached patch to
see if it fixes the problem?


-------------- next part --------------
Index: decode.h
===================================================================
RCS file: /cvsroot/snort/snort/Attic/decode.h,v
retrieving revision 1.36.2.1
diff -u -r1.36.2.1 decode.h
--- decode.h	2002/01/11 00:17:35	1.36.2.1
+++ decode.h	2002/01/16 02:36:44
@@ -366,13 +366,22 @@
 /* force word-aligned ntohl parameter */
     #define EXTRACT_32BITS(p)  ({ u_int32_t __tmp; memmove(&__tmp, (p), sizeof(u_int32_t)); (u_int32_t) ntohl(__tmp);})
 
+    #define ALIGN_UINT(a) ({ u_int32_t _uint; memcpy((void *)&_uint, \
+        (void *)(&a), sizeof(u_int32_t));})
+    #define ALIGN_INADDR(a) ({ struct in_addr _ina; memcpy((void *)&_ina, \
+        (void *)(&a), sizeof(struct in_addr));})
+
+
 #else
 
 /* allows unaligned ntohl parameter - dies w/SIGBUS on SPARCs */
     #define EXTRACT_32BITS(p) ((u_int32_t) ntohl (*(u_int32_t *)(p)))
+    #define ALIGN_UNIT(a)   (a)
+    #define ALIGN_INADDR(a) (a)
 
 #endif                /* WORDS_MUSTALIGN */
 
+#define INET_NTOA(arg)      INET_NTOA(ALIGN_INADDR(arg))
 
 /* packet status flags */
 #define PKT_REBUILT_FRAG     0x00000001  /* is a rebuilt fragment */
Index: log.c
===================================================================
RCS file: /cvsroot/snort/snort/Attic/log.c,v
retrieving revision 1.79
diff -u -r1.79 log.c
--- log.c	2001/11/20 04:44:26	1.79
+++ log.c	2002/01/16 02:37:09
@@ -96,7 +96,7 @@
         {
             snprintf(log_path, STD_BUF, "%s%s/%s",
                     chrootdir == NULL ? "" : chrootdir, pv.log_dir, 
-                                             inet_ntoa(p->iph->ip_src));
+                                             INET_NTOA(p->iph->ip_src));
         }
         else
         {
@@ -104,13 +104,13 @@
             {
                 snprintf(log_path, STD_BUF, "%s%s/%s",
                         chrootdir == NULL ? "" : chrootdir,  pv.log_dir, 
-                                                 inet_ntoa(p->iph->ip_src));
+                                                 INET_NTOA(p->iph->ip_src));
             }
             else
             {
                 snprintf(log_path, STD_BUF, "%s%s/%s",
                         chrootdir == NULL ? "" : chrootdir, pv.log_dir, 
-                                                 inet_ntoa(p->iph->ip_dst));
+                                                 INET_NTOA(p->iph->ip_dst));
             }
         }
     }
@@ -120,7 +120,7 @@
         {
             snprintf(log_path, STD_BUF, "%s%s/%s",
                     chrootdir == NULL ? "" : chrootdir,  pv.log_dir, 
-                                             inet_ntoa(p->iph->ip_dst));
+                                             INET_NTOA(p->iph->ip_dst));
         }
         else
         {
@@ -128,13 +128,13 @@
             {
                 snprintf(log_path, STD_BUF, "%s%s/%s",
                         chrootdir == NULL ? "" : chrootdir, pv.log_dir, 
-                                                 inet_ntoa(p->iph->ip_src));
+                                                 INET_NTOA(p->iph->ip_src));
             }
             else
             {
                 snprintf(log_path, STD_BUF, "%s%s/%s",
                         chrootdir == NULL ? "" : chrootdir, pv.log_dir, 
-                                                 inet_ntoa(p->iph->ip_dst));
+                                                 INET_NTOA(p->iph->ip_dst));
             }
         }
     }
@@ -888,9 +888,9 @@
         if(p->frag_flag)
         {
             /* just print the straight IP header */
-            fputs(inet_ntoa(p->iph->ip_src), file);
+            fputs(INET_NTOA(p->iph->ip_src), file);
             fwrite(" -> ", 4, 1, file);
-            fputs(inet_ntoa(p->iph->ip_dst), file);
+            fputs(INET_NTOA(p->iph->ip_dst), file);
         }
         else
         {
@@ -899,17 +899,17 @@
                 case IPPROTO_UDP:
                 case IPPROTO_TCP:
                     /* print the header complete with port information */
-                    fputs(inet_ntoa(p->iph->ip_src), file);
+                    fputs(INET_NTOA(p->iph->ip_src), file);
                     fprintf(file, ":%d -> ", p->sp);
-                    fputs(inet_ntoa(p->iph->ip_dst), file);
+                    fputs(INET_NTOA(p->iph->ip_dst), file);
                     fprintf(file, ":%d", p->dp);
                     break;
                 case IPPROTO_ICMP:
                 default:
                     /* just print the straight IP header */
-                    fputs(inet_ntoa(p->iph->ip_src), file);
+                    fputs(INET_NTOA(p->iph->ip_src), file);
                     fwrite(" -> ", 4, 1, file);
-                    fputs(inet_ntoa(p->iph->ip_dst), file);
+                    fputs(INET_NTOA(p->iph->ip_dst), file);
             }
         }
     }               /* end of if (p) */
@@ -950,11 +950,11 @@
     if(p && p->iph)
     {
         /*
-         * have to do this since inet_ntoa is fucked up and writes to a static
+         * have to do this since INET_NTOA is fucked up and writes to a static
          * memory location
          */
-        strlcpy(sip, inet_ntoa(p->iph->ip_src), 16);
-        strlcpy(dip, inet_ntoa(p->iph->ip_dst), 16);
+        strlcpy(sip, INET_NTOA(p->iph->ip_src), 16);
+        strlcpy(dip, INET_NTOA(p->iph->ip_dst), 16);
 
         if(event != NULL)
         {
@@ -1102,8 +1102,8 @@
 
         if(p && p->iph)
         {
-            strncpy(sip, inet_ntoa(p->iph->ip_src), 16);
-            strncpy(dip, inet_ntoa(p->iph->ip_dst), 16);
+            strncpy(sip, INET_NTOA(p->iph->ip_src), 16);
+            strncpy(dip, INET_NTOA(p->iph->ip_dst), 16);
 
             if(p->frag_flag || 
               (p->iph->ip_proto != IPPROTO_TCP && 
@@ -1481,7 +1481,7 @@
     {
         case ARPOP_REQUEST:
             bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr));
-            fprintf(fp, "ARP who-has %s", inet_ntoa(ip_addr));
+            fprintf(fp, "ARP who-has %s", INET_NTOA(ip_addr));
 
             if(memcmp((char *) ezero, (char *) p->ah->arp_tha, 6) != 0)
             {
@@ -1491,7 +1491,7 @@
             }
             bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr));
 
-            fprintf(fp, " tell %s", inet_ntoa(ip_addr));
+            fprintf(fp, " tell %s", INET_NTOA(ip_addr));
 
             if(memcmp((char *) p->eh->ether_src, (char *) p->ah->arp_sha, 6) 
                     != 0)
@@ -1504,7 +1504,7 @@
 
         case ARPOP_REPLY:
             bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr));
-            fprintf(fp, "ARP reply %s", inet_ntoa(ip_addr));
+            fprintf(fp, "ARP reply %s", INET_NTOA(ip_addr));
 
             if(memcmp((char *) p->eh->ether_src, (char *) p->ah->arp_sha, 6) 
                     != 0)
@@ -1539,7 +1539,7 @@
             fprintf(fp, "RARP reply %X:%X:%X:%X:%X:%X at %s",
                     p->ah->arp_tha[0], p->ah->arp_tha[1], p->ah->arp_tha[2],
                     p->ah->arp_tha[3], p->ah->arp_tha[4], p->ah->arp_tha[5],
-                    inet_ntoa(ip_addr));
+                    INET_NTOA(ip_addr));
 
             break;
 
@@ -1573,27 +1573,27 @@
     if(p->frag_flag)
     {
         /* just print the straight IP header */
-        fputs(inet_ntoa(p->iph->ip_src), fp);
+        fputs(INET_NTOA(p->iph->ip_src), fp);
         fwrite(" -> ", 4, 1, fp);
-        fputs(inet_ntoa(p->iph->ip_dst), fp);
+        fputs(INET_NTOA(p->iph->ip_dst), fp);
     }
     else
     {
         if(p->iph->ip_proto != IPPROTO_TCP && p->iph->ip_proto != IPPROTO_UDP)
         {
             /* just print the straight IP header */
-            fputs(inet_ntoa(p->iph->ip_src), fp);
+            fputs(INET_NTOA(p->iph->ip_src), fp);
             fwrite(" -> ", 4, 1, fp);
-            fputs(inet_ntoa(p->iph->ip_dst), fp);
+            fputs(INET_NTOA(p->iph->ip_dst), fp);
         }
         else
         {
             if(!pv.obfuscation_flag)
             {
                 /* print the header complete with port information */
-                fputs(inet_ntoa(p->iph->ip_src), fp);
+                fputs(INET_NTOA(p->iph->ip_src), fp);
                 fprintf(fp, ":%d -> ", p->sp);
-                fputs(inet_ntoa(p->iph->ip_dst), fp);
+                fputs(INET_NTOA(p->iph->ip_dst), fp);
                 fprintf(fp, ":%d", p->dp);
             }
             else


More information about the Snort-devel mailing list