Snort code dumped in spp_sfportscan.c on Sun Solaris OS

[Frank Zhang <fzhang () systemsintegrated com>]

Hello,

 

When I ran snort V2.3.0 on my Solaris 9 system, the program core dumped. The
following is the details; please advise how to fix or bypass this problem.

 

dbx -I. snort core

Reading snort

core file header read successfully

Reading ld.so.1

Reading libpcre.so.0.0.1

Reading libm.so.1

Reading libsocket.so.1

Reading libnsl.so.1

Reading libc.so.1

Reading libdl.so.1

Reading libmp.so.2

Reading libc_psr.so.1

Reading nss_files.so.1

program terminated by signal BUS (invalid address alignment)

Current function is MakePortscanPkt

  350           g_tmp_pkt->pkth->ts.tv_sec = p->pkth->ts.tv_sec;

(dbx) where

=>[1] MakePortscanPkt(ps_pkt = 0xffbff640, proto = 0x24bbc40, proto_type =
2, user = (nil)), line 350 in "spp_sfportscan.c"

  [2] PortscanAlert(ps_pkt = 0xffbff640, proto = 0x24bbc40, proto_type = 2),
line 639 in "spp_sfportscan.c"

  [3] PortscanDetect(p = 0xffbff72c), line 681 in "spp_sfportscan.c"

  [4] Preprocess(p = 0xffbff72c), line 137 in "detect.c"

  [5] ProcessPacket(user = (nil), pkthdr = 0xffbffae8, pkt = 0x31794a ""),
line 708 in "snort.c"

  [6] pcap_read_dlpi(0x311e48, 0xffffffff, 0x7b958, 0x0, 0x0, 0xc6503d), at
0x115f5c 

  [7] pcap_loop(0x311e48, 0xffffffff, 0x7b958, 0x0, 0x0, 0xffbffc18), at
0x1172d4 

  [8] InterfaceThread(arg = (nil)), line 1746 in "snort.c"

  [9] SnortMain(argc = 3, argv = 0xffbffd74), line 635 in "snort.c"

  [10] main(argc = 3, argv = 0xffbffd74), line 179 in "snort.c"

(dbx)

 

Thanks,

 

Frank.