[Oisf-devel] Suricata latest git version: core dump.

Marcos Rodriguez marcos.e.rodriguez at gmail.com
Mon Apr 23 14:26:49 UTC 2012

Hi Everyone,

I just got a core dump with Suricata during testing.  I have attached the
backtrace and I have a core file, but it's 11GB!  :o)

I'm using the latest development version, and am running on RHEL 5.7 with a
DAG 7.5G4.  I only have one rule enabled, and Suricata's snarfing files
like crazy (good thing).

alert http any any -> any any (msg: "EXE Detected over HTTP 1";
filemagic:"executable for MS Windows"; fileext:"exe"; filestore; sid:
2000000; rev:1;)

I'm sure I'm missing something, but please let me know if you need
additional data.   Anything you want me to do with the core file, just let
me know.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120423/356a9401/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: marcos_suricata_backtrace
Type: application/octet-stream
Size: 9100 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120423/356a9401/attachment.obj>

More information about the Oisf-devel mailing list