[Oisf-devel] Suricata 1.2.1 + OpenBSD 5.1 = segmentation fault
Henri Wahl
h.wahl at ifw-dresden.de
Thu May 10 08:35:21 UTC 2012
Hi,
I got some more backtrace output:
(gdb) bt full
#0 0x026a3df7 in match () from /usr/local/lib/libpcre.so.2.5
No symbol table info available.
#1 0x026a43b4 in match () from /usr/local/lib/libpcre.so.2.5
No symbol table info available.
#2 0x026abe6b in match () from /usr/local/lib/libpcre.so.2.5
No symbol table info available.
.
.
.
No symbol table info available.
#270 0x026b7a98 in pcre_exec () from /usr/local/lib/libpcre.so.2.5
No symbol table info available.
#271 0x1c0da110 in DetectPcrePayloadMatch (det_ctx=0x8ae01000,
s=0x7d1fde00,
sm=0x88f32ca0, p=0x0, f=0x8367d100,
payload=0x7fc27048 "e;var
c;c=\"sb-\";c+=this.getUserPrefsDialogId();var
i=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").prev().attr(\"id\");var
e=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").n"..., payload_len=4024)
at detect-pcre.c:482
ret = 0
ov = {-1, -1, 0, 0, 2091303299, 0 <repeats 12 times>, 503316480,
577369920,
0, 0, 0, 0, 0, -1927018112, 2091303299, -1983759154, 0, 0, 0}
ptr = (
uint8_t *) 0x7fc273f1
"=\"shindig.container.getGadget('+this.id+').handleRemove();return
false;\">Remove</a></li>';if(e!=\"undefined\"&&e!=\"\"&&e!=null){j+='<li><a
href=\"#\" onclick=\"shindig.container.getGadget('+this.id+').moveD"...
len = 3087
pe = (DetectPcreData *) 0x7d857dc0
__FUNCTION__ = "DetectPcrePayloadMatch"
#272 0x1c0a7e26 in DetectEngineContentInspection (de_ctx=0x882a7000,
det_ctx=0x8ae01000, s=0x7d1fde00, sm=0x88f32ca0, f=0x8367d100,
buffer=0x7fc27048 "e;var
c;c=\"sb-\";c+=this.getUserPrefsDialogId();var
i=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").prev().attr(\"id\");var
e=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").n"..., buffer_len=4024,
inspection_mode=1 '\001', data=0x0) at
detect-engine-content-inspection.c:355
p = (Packet *) 0x0
pe = (DetectPcreData *) 0x7d857dc0
prev_buffer_offset = 937
prev_offset = 0
r = 0
__FUNCTION__ = "DetectEngineContentInspection"
__func__ = "DetectEngineContentInspection"
#273 0x1c0a7110 in DetectEngineContentInspection (de_ctx=0x882a7000,
det_ctx=0x8ae01000, s=0x7d1fde00, sm=0x88f323c0, f=0x8367d100,
buffer=0x7fc27048 "e;var
c;c=\"sb-\";c+=this.getUserPrefsDialogId();var
i=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").prev().attr(\"id\");var
e=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").n"..., buffer_len=4024,
inspection_mode=1 '\001', data=0x0) at
detect-engine-content-inspection.c:298
r = -2050399228
sbuffer = (
uint8_t *) 0x7fc273df "a href=\"#\"
onclick=\"shindig.container.getGadget('+this.id+').handleRemove();return
false;\">Remove</a></li>';if(e!=\"undefined\"&&e!=\"\"&&e!=null){j+='<li><a
href=\"#\" onclick=\"shindig.container.getGadget("...
sbuffer_len = 20
match_offset = 937
depth = 939
prev_offset = 0
prev_buffer_offset = 919
cd = (DetectContentData *) 0x84c92840
found = (
uint8_t *) 0x7fc273ea
"onclick=\"shindig.container.getGadget('+this.id+').handleRemove();return false;\">Remove</a></li>';if(e!=\"undefined\"&&e!=\"\"&&e!=null){j+='<li><a
href=\"#\" onclick=\"shindig.container.getGadget('+this.id+'"...
offset = 919
__FUNCTION__ = "DetectEngineContentInspection"
__func__ = "DetectEngineContentInspection"
#274 0x1c0a7110 in DetectEngineContentInspection (de_ctx=0x882a7000,
det_ctx=0x8ae01000, s=0x7d1fde00, sm=0x88f32e70, f=0x8367d100,
buffer=0x7fc27048 "e;var
c;c=\"sb-\";c+=this.getUserPrefsDialogId();var
i=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").prev().attr(\"id\");var
e=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").n"..., buffer_len=4024,
inspection_mode=1 '\001', data=0x0) at
detect-engine-content-inspection.c:298
r = 0
sbuffer = (
uint8_t *) 0x7fc273db "li><a href=\"#\"
onclick=\"shindig.container.getGadget('+this.id+').handleRemove();return
false;\">Remove</a></li>';if(e!=\"undefined\"&&e!=\"\"&&e!=null){j+='<li><a
href=\"#\" onclick=\"shindig.container.getGad"...
sbuffer_len = 3109
match_offset = 919
depth = 4024
prev_offset = 915
prev_buffer_offset = 0
cd = (DetectContentData *) 0x84c92700
found = (
uint8_t *) 0x7fc273de "<a href=\"#\"
onclick=\"shindig.container.getGadget('+this.id+').handleRemove();return
false;\">Remove</a></li>';if(e!=\"undefined\"&&e!=\"\"&&e!=null){j+='<li><a
href=\"#\" onclick=\"shindig.container.getGadget"...
offset = 915
__FUNCTION__ = "DetectEngineContentInspection"
__func__ = "DetectEngineContentInspection"
#275 0x1c0a96b0 in DetectEngineInspectStreamPayload (de_ctx=0x882a7000,
det_ctx=0x8ae01000, s=0x7d1fde00, f=0x8367d100,
payload=0x7fc27048 "e;var
c;c=\"sb-\";c+=this.getUserPrefsDialogId();var
i=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").prev().attr(\"id\");var
e=jQuery(\"#\"+this.getIframeId()).parents(\".containerApplOver\").n"..., payload_len=4024)
at detect-engine-payload.c:117
r = 0
__FUNCTION__ = "DetectEngineInspectStreamPayload"
#276 0x1c04f06d in SigMatchSignatures (th_v=0x87891b80, de_ctx=0x882a7000,
det_ctx=0x8ae01000, p=0x8ae9e3e0) at detect.c:1566
pmq_idx = 0 '\0'
smsg_inspect = (StreamMsg *) 0x7fc27030
pmatch = 0 '\0'
alert_msg = (StreamMsg *) 0x0
sms_runflags = 7 '\a'
alert_flags = 0 '\0'
alproto = 1
match = 0
fmatch = 0
idx = 9
flags = 8 '\b'
alstate = (void *) 0x0
smsg = (StreamMsg *) 0x7fc27030
s = (Signature *) 0x7d1fde00
sm = (SigMatch *) 0x0
alversion = 37
mask = 3 '\003'
__FUNCTION__ = "SigMatchSignatures"
#277 0x1c050cef in Detect (tv=0x87891b80, p=0x8ae9e3e0, data=0x8ae01000,
pq=0x895c4ca0, postpq=0x0) at detect.c:1830
det_ctx = (DetectEngineThreadCtx *) 0x8ae01000
de_ctx = (DetectEngineCtx *) 0x882a7000
r = 9382357
#278 0x1c1eea4e in TmThreadsSlotVarRun (tv=0x87891b80, p=0x8ae9e3e0,
slot=0x87891500)
at tm-threads.c:479
r = TM_ECODE_OK
s = (TmSlot *) 0x895c4c80
extra_p = (Packet *) 0x8d243788
#279 0x1c1ef431 in TmThreadsSlotVar (td=0x87891b80) at tm-threads.c:689
slot = (TmSlot *) 0x0
tv = (ThreadVars *) 0x87891b80
s = (TmSlot *) 0x87891500
p = (Packet *) 0x8ae9e3e0
run = 1 '\001'
r = TM_ECODE_OK
__FUNCTION__ = "TmThreadsSlotVar"
#280 0x008e9a2e in _thread_start ()
at /usr/src/lib/libpthread/uthread/uthread_create.c:242
curthread = Variable "curthread" is not available.
(gdb)
--
Henri Wahl
IT Department
Leibniz-Institut für Festkörper- u.
Werkstoffforschung Dresden
tel. (03 51) 46 59 - 797
email: h.wahl at ifw-dresden.de
http://www.ifw-dresden.de
Nagios status monitor for your desktop:
http://nagstamon.ifw-dresden.de
IFW Dresden e.V., Helmholtzstraße 20, D-01069 Dresden
VR Dresden Nr. 1369
Vorstand: Prof. Dr. Ludwig Schultz, Dr. h.c. Dipl.-Finw. Rolf Pfrengle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4719 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120510/6bce644d/attachment.bin>
More information about the Oisf-devel
mailing list