Snort mailing list archives
Re: snortcvs crash in InsertFrag
From: Francois Baligant <francois () be wanadoo com>
Date: Wed, 25 Jul 2001 02:51:39 +0200 (CEST)
If of any help:
/* $Id: spp_frag2.c,v 1.9 2001/07/20 19:28:04 roesch Exp $ */
regards,
Francois
--
Francois Baligant _ Wanadoo Belgium NV/SA,
Network Operation Center ( ) a subsidiary of France Telecom
/_\/ Lozenberg 22 - B-1932 Zaventem
francois () be wanadoo com (__/\ tel: +32 2 717 17 17
FB1-6BONE fax: +32 2 717 17 77
- "if you hold a unix shell to your ear, do you hear the c?"
On Tue, 24 Jul 2001, Martin Roesch wrote:
What build is this? -Marty Francois Baligant wrote:During a severe DoS attack, snort crashed several times there: #0 0x08078320 in InsertFrag (p=0xbffff3d8, ft=0x86ac830) at spp_frag2.c:535 535 (ubi_btNodePtr)newfrag, (ubi_btNodePtr*)dup) == FALSE) (gdb) bt #0 0x08078320 in InsertFrag (p=0xbffff3d8, ft=0x86ac830) at spp_frag2.c:535 #1 0x08078137 in Frag2Defrag (p=0xbffff3d8) at spp_frag2.c:430 #2 0x0805602a in Preprocess (p=0xbffff3d8) at rules.c:3427 #3 0x0804b6ab in ProcessPacket (user=0x0, pkthdr=0xbffff888, pkt=0x80d9f10 "") at snort.c:512 #4 0x0807907a in pcap_read_packet () #5 0x08079e13 in pcap_loop () #6 0x0804caf4 in InterfaceThread (arg=0x0) at snort.c:1441 #7 0x0804b57b in main (argc=8, argv=0xbffffa3c) at snort.c:445 #8 0x401aaf11 in __libc_start_main (main=0x804af1c <main>, argc=8, ubp_av=0xbffffa3c, init=0x804a2e0 <_init>, fini=0x8082fdc <_fini>, rtld_fini=0x4000e214 <_dl_fini>, stack_end=0xbffffa34) at ../sysdeps/generic/libc-start.c:129 Is this a know problem ? Francois -- Francois Baligant _ Wanadoo Belgium NV/SA, Network Operation Center ( ) a subsidiary of France Telecom /_\/ Lozenberg 22 - B-1932 Zaventem francois () be wanadoo com (__/\ tel: +32 2 717 17 17 FB1-6BONE fax: +32 2 717 17 77 - "if you hold a unix shell to your ear, do you hear the c?" _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- Martin Roesch roesch () sourcefire com http://www.sourcefire.com - http://www.snort.org _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snortcvs crash in InsertFrag Francois Baligant (Jul 24)
- Re: snortcvs crash in InsertFrag Martin Roesch (Jul 24)
- Re: snortcvs crash in InsertFrag Francois Baligant (Jul 24)
- Re: snortcvs crash in InsertFrag Martin Roesch (Jul 24)
- Re: snortcvs crash in InsertFrag Francois Baligant (Jul 24)
- Re: snortcvs crash in InsertFrag Martin Roesch (Jul 24)