[Snort-devel] [ snort-Support Requests-1153875 ] Snort code dumped in spp_sfportscan.c on Sun Solaris OS

SourceForge.net noreply at ...12...
Tue Mar 1 08:17:29 EST 2005


Support Requests item #1153875, was opened at 2005-02-28 15:25
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=203357&aid=1153875&group_id=3357

Category: None
Group: None
Status: Open
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: Snort code dumped in spp_sfportscan.c on Sun Solaris OS

Initial Comment:
Hello,

When I ran snort V2.3.0 on my Solaris 9 system, the 
program core dumped. The following is the details; please 
advise how to fix or bypass this problem.

dbx -I. snort core

Reading snort
core file header read successfully
Reading ld.so.1
Reading libpcre.so.0.0.1
Reading libm.so.1
Reading libsocket.so.1
Reading libnsl.so.1
Reading libc.so.1
Reading libdl.so.1
Reading libmp.so.2
Reading libc_psr.so.1
Reading nss_files.so.1

program terminated by signal BUS (invalid address 
alignment)

Current function is MakePortscanPkt

  350           g_tmp_pkt->pkth->ts.tv_sec = p->pkth-
>ts.tv_sec;

(dbx) where

=>[1] MakePortscanPkt(ps_pkt = 0xffbff640, proto = 
0x24bbc40, proto_type = 2, user = (nil)), line 350 
in "spp_sfportscan.c"

  [2] PortscanAlert(ps_pkt = 0xffbff640, proto = 0x24bbc40, 
proto_type = 2), line 639 in "spp_sfportscan.c"

  [3] PortscanDetect(p = 0xffbff72c), line 681 
in "spp_sfportscan.c"

  [4] Preprocess(p = 0xffbff72c), line 137 in "detect.c"

  [5] ProcessPacket(user = (nil), pkthdr = 0xffbffae8, pkt = 
0x31794a ""), line 708 in "snort.c"

  [6] pcap_read_dlpi(0x311e48, 0xffffffff, 0x7b958, 0x0, 
0x0, 0xc6503d), at 0x115f5c 

  [7] pcap_loop(0x311e48, 0xffffffff, 0x7b958, 0x0, 0x0, 
0xffbffc18), at 0x1172d4 

  [8] InterfaceThread(arg = (nil)), line 1746 in "snort.c"

  [9] SnortMain(argc = 3, argv = 0xffbffd74), line 635 
in "snort.c"

  [10] main(argc = 3, argv = 0xffbffd74), line 179 in "snort.c"

(dbx)



----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=203357&aid=1153875&group_id=3357




More information about the Snort-devel mailing list