Bug #1070

closed

master-2013-12-02: SEGV in conf-yaml-loader.c: parent node not defined

Added by Mark Solaris over 10 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

Solaris 11 x86
Sun Studio Compiler

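The YAML parser verifies that the version is OK, then crashes on the first non-comment line (max-pending-packets): ConfYamlParse is entered with a NULL parent node and dereferences it at line 233, as the dbx output further down shows. The start of the configuration file is: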

%YAML 1.1
---

# Suricata configuration file. In addition to the comments describing all
# options in this file, full documentation can be found at:
# https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml

# Number of packets allowed to be processed simultaneously.  Default is a
# conservative 1024. A higher number will make sure CPU's/CPU cores will be
# more easily kept busy, but may negatively impact caching.
#
# If you are using the CUDA pattern matcher (b2g_cuda below), different rules
# apply. In that case try something like 4000 or more. This is because the CUDA
# pattern matcher scans many packets in parallel.
max-pending-packets: 8192

t@1 (l@1) signal SEGV (no mapping at the fault address) in ConfYamlParse at line 233 in file "conf-yaml-loader.c" 
  233                       if (parent->is_seq) {
(dbx) where                               
current thread: t@1
=>[1] ConfYamlParse(parser = 0xfeffd5c0, parent = (nil), inseq = 0), line 233 in "conf-yaml-loader.c" 
  [2] ConfYamlParse(parser = 0xfeffd5c0, parent = (nil), inseq = 0), line 307 in "conf-yaml-loader.c" 
  [3] ConfYamlLoadFile(filename = 0xfeffe9fb "/apps/ids/suricata/conf/suricata.yaml"), line 380 in "conf-yaml-loader.c" 
  [4] LoadYamlConfig(conf_filename = 0xfeffe9fb "/apps/ids/suricata/conf/suricata.yaml"), line 818 in "suricata.c" 
  [5] main(argc = 19, argv = 0xfeffe870), line 2033 in "suricata.c" 

(dbx) dump
n0 = (nil)
tag = (nil)
value = 0xa243418 "max-pending-packets" 
event = RECORD
seq_idx = 0
done = 0
node = (nil)
parent = (nil)
inseq = 0
parser = 0xfeffd5b0
__FUNCTION__ = "ConfYamlParse" 
state = 0

(dbx) print event
event = {
    type       = YAML_SCALAR_EVENT
    data       = {
        stream_start   = {
            encoding = YAML_ANY_ENCODING
        }
        document_start = {
            version_directive = (nil)
            tag_directives    = {
                start = (nil)
                end   = 0xa243418
            }
            implicit          = 19
        }
        document_end   = {
            implicit = 0
        }
        alias          = {
            anchor = (nil)
        }
        scalar         = {
            anchor          = (nil)
            tag             = (nil)
            value           = 0xa243418 "max-pending-packets" 
            length          = 19U
            plain_implicit  = 1
            quoted_implicit = 0
            style           = YAML_PLAIN_SCALAR_STYLE
        }
        sequence_start = {
            anchor   = (nil)
            tag      = (nil)
            implicit = 170144792
            style    = <unknown enum member 19>
        }
        mapping_start  = {
            anchor   = (nil)
            tag      = (nil)
            implicit = 170144792
            style    = <unknown enum member 19>
        }
    }
    start_mark = {
        index  = 651U
        line   = 15U
        column = 0
    }
    end_mark   = {
        index  = 670U
        line   = 15U
        column = 19U
    }
}

(dbx) print *parser
*parser = {
    error                 = YAML_NO_ERROR
    problem               = (nil)
    problem_offset        = 0
    problem_value         = 0
    problem_mark          = {
        index  = 0
        line   = 0
        column = 0
    }
    context               = (nil)
    context_mark          = {
        index  = 0
        line   = 0
        column = 0
    }
    read_handler          = 0xfe4f49f0 = &`libyaml-0.so.2.0.2`api.c`yaml_file_read_handler(void *data, unsigned char *buffer, size_t size, size_t *size_read)
    read_handler_data     = 0xfeffd5b0
    input                 = {
        string = {
            start   = 0x9db67f0 "ßZ" 
            end     = (nil)
            current = (nil)
        }
        file   = 0x9db67f0
    }
    eof                   = 0
    buffer                = {
        start   = 0xa24bb58 "%YAML 1.1\n---\n\n# Suricata configuration file. In addition to the comments describing all\n# options in this file, full documentation can be found at:\n# https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml\n\n\n# Number of packets allowed to be processed simultaneously.  Default is a\n# conservative 1024. A higher number will make sure CPU's/CPU cores will be\n# more easily kept busy, but may negatively impact caching.\n#\n# If you are using the CUDA pattern matcher (b2g_cuda below), differe" ... use -L option to see the whole string 
        end     = 0xa257b58 "\x81^B" 
        pointer = 0xa24bdf7 " 8192\n\n# Runmode the engine should use. Please check --list-runmodes to get the available\n# runmodes for each packet acquisition method. Defaults to "autofp" (auto flow pinned\n# load balancing).\n# runmode: autofp\nrunmode: workers\n\n# Specifies the kind of flow load balancer used by the flow pinned autofp mode.\n#\n# Supported schedulers are:\n#\n# round-robin       - Flows assigned to threads in a round robin fashion.\n# active-packets    - Flows assigned to threads that have the lowest number of\n#               " ... use -L option to see the whole string 
        last    = 0xa24fb58 "" 
    }
    unread                = 15711U
    raw_buffer            = {
        start   = 0xa247b50 "%YAML 1.1\n---\n\n# Suricata configuration file. In addition to the comments describing all\n# options in this file, full documentation can be found at:\n# https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml\n\n\n# Number of packets allowed to be processed simultaneously.  Default is a\n# conservative 1024. A higher number will make sure CPU's/CPU cores will be\n# more easily kept busy, but may negatively impact caching.\n#\n# If you are using the CUDA pattern matcher (b2g_cuda below), differe" ... use -L option to see the whole string 
        end     = 0xa24bb50 "^AÀ" 
        pointer = 0xa24bb50 "^AÀ" 
        last    = 0xa24bb50 "^AÀ" 
    }
    encoding              = YAML_UTF8_ENCODING
    offset                = 16384U
    mark                  = {
        index  = 671U
        line   = 15U
        column = 20U
    }
    stream_start_produced = 1
    stream_end_produced   = 0
    flow_level            = 0
    tokens                = {
        start = 0xa257b60
        end   = 0xa257de0
        head  = 0xa257c50
        tail  = 0xa257c78
    }
    tokens_parsed         = 6U
    token_available       = 0
    indents               = {
        start = 0xa257de8
        end   = 0xa257e28
        top   = 0xa257dec
    }
    indent                = 0
    simple_key_allowed    = 0
    simple_keys           = {
        start = 0xa257e30
        end   = 0xa257fb0
        top   = 0xa257e48
    }
    states                = {
        start = 0xa257fb8
        end   = 0xa257ff8
        top   = 0xa257fbc
    }
    state                 = YAML_PARSE_BLOCK_MAPPING_VALUE_STATE
    marks                 = {
        start = 0xa258000
        end   = 0xa2580c0
        top   = 0xa25800c
    }
    tag_directives        = {
        start = 0xa2580c8
        end   = 0xa258148
        top   = 0xa2580d8
    }
    aliases               = {
        start = (nil)
        end   = (nil)
        top   = (nil)
    }
    document              = (nil)
}