Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort 3.1.1.0 - Segmentation Fault

From: "Deepak Ramadass Deepak Ramadass \(deramada\) via Snort-devel" <snort-devel () lists snort org>
Date: Fri, 12 Mar 2021 19:41:05 +0000
Hi Ozkan,

Thank you, for reporting the issue.

I’m going to try to reproduce the issue locally, It would be great if you could share the following:

1. snort.lua file (the config file that you are running snort with)
2. The entire snort command (command line options)
3. A sample of the traffic that causes the crash (a pcap would be great)

Thank you,
Deepak
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Özkan KIRIK via Snort-devel <snort-devel () 
lists snort org>
Date: Tuesday, March 9, 2021 at 1:26 AM
To: snort-devel () lists snort org <snort-devel () lists snort org>
Subject: [Snort-devel] snort 3.1.1.0 - Segmentation Fault
Hello,

I'm using snort 3.1.1.0 on FreeBSD stable/12 with netmap daq inline.
Snort is going to crash within about 2 hours.
The bug is repeatable but we should wait about 2 hours to repeat.
I compiled snort with debug symbols and binary not stripped.

# file /usr/local/bin/snort
/usr/local/bin/snort: ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked, interpreter 
/libexec/ld-elf.so.1, FreeBSD-style, with debug_info, not stripped

There was no core file dumped. Output is below.
Additionally, i couldn't get these messages in daemon mode. I think logging in daemon mode should be improved.

Snort (PID 74073) caught fatal signal: SIGSEGV (11)
Version: 3.1.1.0

Backtrace:
  #0 0x7ffffffff003
  #1 0x8010901bf (/lib/libc.so.7 @0x800eed000)
  #2 0x4bc5d8 (/usr/local/bin/snort @0x200000)
  #3 0x4b8eea (/usr/local/bin/snort @0x200000)
  #4 0x4b8dab (/usr/local/bin/snort @0x200000)
  #5 0x37a35f (/usr/local/bin/snort @0x200000)
  #6 0x37a490 (/usr/local/bin/snort @0x200000)
  #7 0x3759b6 (/usr/local/bin/snort @0x200000)
  #8 0x37550c (/usr/local/bin/snort @0x200000)
  #9 0x434a97 (/usr/local/bin/snort @0x200000)
  #10 0x3e2081 (/usr/local/bin/snort @0x200000)
  #11 0x349b90 (/usr/local/bin/snort @0x200000)
  #12 0x3bfa65 (/usr/local/bin/snort @0x200000)
  #13 0x3bf996 (/usr/local/bin/snort @0x200000)
  #14 0x3bfb0f (/usr/local/bin/snort @0x200000)
  #15 0x3c1045 (/usr/local/bin/snort @0x200000)
  #16 0x3c0ad6 (/usr/local/bin/snort @0x200000)
  #17 0x3c0a1d (/usr/local/bin/snort @0x200000)
  #18 0x5559b5 (/usr/local/bin/snort @0x200000)
  #19 0x801466fdc (/lib/libthr.so.3 @0x801458000)
  #20 0x0

= Current DAQ Message (Type 1) =

== Header (48) ==
b24a 4660 0000 0000 1402 0900 0000 0000
3c00 0000 0000 0000 0100 0000 ffff ffff
0000 0000 0000 0000 0000 0000 0000 0000

== Data (60) ==
000c 2964 b208 0050 56a1 a259 0800 4500
0029 f150 4000 8006 c15e 0a0a 320a 0808
0404 cda4 01bb 1468 b75b 2c5f dc4d 5010
2012 a3d1 0000 0000 0000 0000

Segmentation fault

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: