https://redmine.openinfosecfoundation.org/
https://redmine.openinfosecfoundation.org/favicon.ico?1701117002
2009-12-27T07:03:52Z
Open Information Security Foundation
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=47
2009-12-27T07:03:52Z
Gurvinder Singh
gurvindersinghdahiya@gmail.com
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Assigned</i></li><li><strong>Assignee</strong> changed from <i>OISF Dev</i> to <i>Gurvinder Singh</i></li></ul><p>When we run the engine as</p>
<p>./src/suricata -i wlan0</p>
<p>it causes segv the report is attached.</p>
<p>Starting program: /home/guri/oisf/src/suricata <del>i wlan0<br />[Thread debugging using libthread_db enabled]<br />sc_log_global_log_level: 7<br />sc_lc</del>>log_format: %t - (%f:%l) <%d> (%n) -- <br />SCLogSetOPFilter: filter: <no filter><br />27/11/2009 -- 18:50:15 - (suricata.c:563) <Info> (main) -- preallocating packets... packet size 87460<br />27/11/2009 -- 18:50:15 - (suricata.c:577) <Info> (main) -- preallocating packets... done: total memory 4373000<br />27/11/2009 -- 18:50:15 - (flow.c:373) <Info> (FlowInitConfig) -- initializing flow engine...<br />27/11/2009 -- 18:50:15 - (flow.c:413) <Info> (FlowInitConfig) -- allocated 1835008 bytes of memory for the flow hash... 65536 buckets of size 28<br />27/11/2009 -- 18:50:15 - (flow.c:427) <Info> (FlowInitConfig) -- preallocated 10000 flows of size 140<br />27/11/2009 -- 18:50:15 - (flow.c:429) <Info> (FlowInitConfig) -- flow memory usage: 1835008 bytes, maximum: 33554432<br />27/11/2009 -- 18:50:15 - (suricata.c:594) <Error> (main) -- [ERRCODE: SC_ERR_NO_RULES_LOADED(23)] - Loading signatures failed.</p>
<p>[New Thread 0xb7e546c0 (LWP 28976)]<br />[New Thread 0xb7c92b90 (LWP 28977)]<br />27/11/2009 -- 18:50:15 - (source-pcap.c:175) <Info> (ReceivePcapThreadInit) -- using interface wlan0<br />[New Thread 0xb7491b90 (LWP 28978)]<br />[New Thread 0xb6c90b90 (LWP 28979)]<br />[New Thread 0xb61fab90 (LWP 28980)]<br />[New Thread 0xb59f9b90 (LWP 28981)]<br />[New Thread 0xb51f8b90 (LWP 28982)]<br />[New Thread 0xb49f7b90 (LWP 28983)]<br />[New Thread 0xb41f6b90 (LWP 28984)]<br />[New Thread 0xb39f5b90 (LWP 28985)]<br />[New Thread 0xb31f4b90 (LWP 28986)]<br />[New Thread 0xb29f3b90 (LWP 28987)]<br />[New Thread 0xb21f2b90 (LWP 28988)]<br />[New Thread 0xb19f1b90 (LWP 28989)]<br />[New Thread 0xb11f0b90 (LWP 28990)]<br />[New Thread 0xb09efb90 (LWP 28991)]<br />[New Thread 0xb01eeb90 (LWP 28992)]<br />27/11/2009 -- 18:50:15 - (tm-threads.c:1141) <Info> (TmThreadWaitOnThreadInit) -- all 13 packet processing threads, 3 management threads initialized, engine started.</p>
<p>Program received signal SIGSEGV, Segmentation fault.<br />[Switching to Thread 0xb49f7b90 (LWP 28983)]<br />0x080da59e in HashListTableLookup (ht=0x0, data=0x8b8df18, datalen=0)<br /> at util-hashlist.c:223<br />223 uint32_t hash = ht->Hash(ht, data, datalen);<br />(gdb) bt<br />#0 0x080da59e in HashListTableLookup (ht=0x0, data=0x8b8df18, datalen=0)<br /> at util-hashlist.c:223<br /><a class="issue tracker-1 status-5 priority-4 priority-default closed behind-schedule" title="Bug: within doesn't respect distance while carrying out a match (Closed)" href="https://redmine.openinfosecfoundation.org/issues/1">#1</a> 0x08094aac in IPOnlyMatchPacket (de_ctx=0x8a6a650, io_ctx=0x8a6c6dc, <br /> io_tctx=0x8b8dec0, p=0x84df3a0) at detect-engine-iponly.c:318<br /><a class="issue tracker-2 status-5 priority-3 priority-lowest closed" title="Feature: The engine needs the ability to run in daemon mode. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/2">#2</a> 0x0806d4a6 in SigMatchSignatures (th_v=0x8b8dc88, de_ctx=0x8a6a650, <br /> det_ctx=0x8b8de08, p=0x84df3a0) at detect.c:569<br /><a class="issue tracker-1 status-5 priority-3 priority-lowest closed" title="Bug: pcap_dispatch blocks on exit if no traffic is seen. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/3">#3</a> 0x0806e12c in Detect (tv=0x8b8dc88, p=0x8b8dec0, data=0x8b8df18, <br /> pq=0x8b8dd18) at detect.c:823<br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: DetectBytetestMatch: Error extracting 8 bytes of string data: 0 on web responses (Closed)" href="https://redmine.openinfosecfoundation.org/issues/4">#4</a> 0x080f0e7c in TmThreadsSlot1 (td=0x8b8dc88) at tm-threads.c:325<br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: Multi-line rules do not work in the OISF engine. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/5">#5</a> 0xb80104ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0<br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: The Logging subsystem does not perform proper bounds checking on msg strings (Closed)" href="https://redmine.openinfosecfoundation.org/issues/6">#6</a> 0xb7f3a49e in clone () from /lib/tls/i686/cmov/libc.so.6<br />(gdb) bt full<br />#0 0x080da59e in HashListTableLookup (ht=0x0, data=0x8b8df18, datalen=0)<br /> at util-hashlist.c:223<br /> hash = <value optimized out><br /> hashbucket = <value optimized out><br /><a class="issue tracker-1 status-5 priority-4 priority-default closed behind-schedule" title="Bug: within doesn't respect distance while carrying out a match (Closed)" href="https://redmine.openinfosecfoundation.org/issues/1">#1</a> 0x08094aac in IPOnlyMatchPacket (de_ctx=0x8a6a650, io_ctx=0x8a6c6dc, <br /> io_tctx=0x8b8dec0, p=0x84df3a0) at detect-engine-iponly.c:318<br /> src = <value optimized out><br /> dst = <value optimized out><br /> u = <value optimized out><br /> idx = <value optimized out><br /><a class="issue tracker-2 status-5 priority-3 priority-lowest closed" title="Feature: The engine needs the ability to run in daemon mode. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/2">#2</a> 0x0806d4a6 in SigMatchSignatures (th_v=0x8b8dc88, de_ctx=0x8a6a650, <br /> det_ctx=0x8b8de08, p=0x84df3a0) at detect.c:569<br /> match = <value optimized out><br /> fmatch = <value optimized out><br /> s = <value optimized out><br /> sm = <value optimized out><br /> idx = <value optimized out><br /> sig = <value optimized out><br /> <i>FUNCTION</i> = "SigMatchSignatures" <br /><a class="issue tracker-1 status-5 priority-3 priority-lowest closed" title="Bug: pcap_dispatch blocks on exit if no traffic is seen. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/3">#3</a> 0x0806e12c in Detect (tv=0x8b8dc88, p=0x8b8dec0, data=0x8b8df18, <br /> pq=0x8b8dd18) at detect.c:823<br /> de_ctx = <value optimized out><br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: DetectBytetestMatch: Error extracting 8 bytes of string data: 0 on web responses (Closed)" href="https://redmine.openinfosecfoundation.org/issues/4">#4</a> 0x080f0e7c in TmThreadsSlot1 (td=0x8b8dc88) at tm-threads.c:325<br />---Type <return> to continue, or q <return> to quit---<br /> s = (Tm1Slot *) 0x8b8dd00<br /> p = (Packet *) 0x84df3a0<br /> r = <value optimized out><br /> <i>FUNCTION</i> = "TmThreadsSlot1" <br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: Multi-line rules do not work in the OISF engine. (Closed)" href="https://redmine.openinfosecfoundation.org/issues/5">#5</a> 0xb80104ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0<br />No symbol table info available.<br /><a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: The Logging subsystem does not perform proper bounds checking on msg strings (Closed)" href="https://redmine.openinfosecfoundation.org/issues/6">#6</a> 0xb7f3a49e in clone () from /lib/tls/i686/cmov/libc.so.6<br />No symbol table info available.</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=48
2009-12-27T07:56:24Z
Gurvinder Singh
gurvindersinghdahiya@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/41">0001-fixed-bug-18.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/41/0001-fixed-bug-18.patch">0001-fixed-bug-18.patch</a> added</li></ul><p>Here is the patch which fixed the given the issue.</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=50
2009-12-27T09:49:42Z
Victor Julien
victor@inliniac.net
<ul></ul><p>I don't think it's much better now, see:</p>
<ol>
<li>./src/suricata <del>i eth0 -s /home/victor/rules/web-client.rules<br />sc_log_global_log_level: 7<br />sc_lc</del>>log_format: %t - (%f:%l) <%d> (%n) --<br />SCLogSetOPFilter: filter: <no filter><br />27/11/2009 -- 17:07:27 - (suricata.c:425) <Error> (main) -- [ERRCODE: SC_ERR_OPENING_FILE(20)] - Configuration file has not been provided<br />27/11/2009 -- 17:07:27 - (suricata.c:565) <Info> (main) -- preallocating packets... packet size 87480<br />27/11/2009 -- 17:07:27 - (suricata.c:579) <Info> (main) -- preallocating packets... done: total memory 4374000<br />27/11/2009 -- 17:07:27 - (flow.c:373) <Info> (FlowInitConfig) -- initializing flow engine...<br />27/11/2009 -- 17:07:27 - (flow.c:413) <Info> (FlowInitConfig) -- allocated 1835008 bytes of memory for the flow hash... 65536 buckets of size 28<br />27/11/2009 -- 17:07:27 - (flow.c:427) <Info> (FlowInitConfig) -- preallocated 10000 flows of size 140<br />27/11/2009 -- 17:07:27 - (flow.c:429) <Info> (FlowInitConfig) -- flow memory usage: 1835008 bytes, maximum: 33554432<br />27/11/2009 -- 17:07:27 - (suricata.c:599) <Error> (main) -- [ERRCODE: SC_ERR_NO_RULES_LOADED(23)] - Loading signatures failed.<br />27/11/2009 -- 17:07:27 - (source-pcap.c:175) <Info> (ReceivePcapThreadInit) -- using interface eth0<br />27/11/2009 -- 17:07:27 - (tm-threads.c:1141) <Info> (TmThreadWaitOnThreadInit) -- all 13 packet processing threads, 3 management threads initialized, engine started.</li>
</ol>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=51
2009-12-27T10:09:56Z
Gurvinder Singh
gurvindersinghdahiya@gmail.com
<ul></ul><p>Check the first error in your output</p>
<p>27/11/2009 -- 17:07:27 - (suricata.c:425) <Error> (main) -- [ERRCODE: SC_ERR_OPENING_FILE(20)] - Configuration file has not been provided</p>
<p>the error</p>
<p>27/11/2009 -- 17:07:27 - (suricata.c:599) <Error> (main) -- [ERRCODE: SC_ERR_NO_RULES_LOADED(23)] - Loading signatures failed.</p>
<p>occurs when SigLoadSignatures() failed to load sigs, otherwise if no sig file has been given then error occur as</p>
<p>27/11/2009 -- 21:57:10 - (suricata.c:597) <Error> (main) -- [ERRCODE: SC_ERR_OPENING_FILE(20)] - Signature file has not been provided</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=54
2009-12-27T12:35:21Z
Will Metcalf
william.metcalf@gmail.com
<ul></ul><p>Hmmm I think we should exit immediately following the error line that has to do with the missing configuration file, otherwise I believe it is unclear what the real issue is.</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=81
2009-12-30T19:49:40Z
Gurvinder Singh
gurvindersinghdahiya@gmail.com
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Patch applied</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=13462
2019-09-02T10:43:26Z
Nabil Alaoui
<ul></ul><p>Any updates on this? I see it's been closed but I'm still wondering.</p>
<p>Nabil<br />(edited by Victor Julien to remove self advertisement link)<br />CS Student - Chalmers University of Technology</p>
Suricata - Bug #18: unclear error message when user fails to specify a conf file
https://redmine.openinfosecfoundation.org/issues/18?journal_id=13466
2019-09-02T14:31:10Z
Victor Julien
victor@inliniac.net
<ul></ul><p>Please don't post (off topic) self advertisement links as part of your messages.</p>