Actions
Bug #1848
closedcrash if disk is full
Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:
Description
[32683] 15/7/2016 -- 09:24:36 - (suricata.c:2644) <Notice> (main) -- Signature(s) loaded, Detect thread(s) activated.
[32686] 20/7/2016 -- 00:00:00 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
[3022] 20/7/2016 -- 00:00:01 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
[32690] 20/7/2016 -- 00:00:01 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
[32691] 20/7/2016 -- 00:00:02 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
[32685] 20/7/2016 -- 00:00:03 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
[32688] 20/7/2016 -- 00:00:03 - (log-pcap.c:301) <Info> (PcapLogOpenHandles) -- Error opening dump file /nsm_data/c2758/dailylogs/2016-07-20/snort.log.1468965600: No such file or directory
=================================================================
==32683==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6310008fb810 at pc 0x0000004bf98e bp 0x7f828bce6930 sp 0x7f828bce6920
READ of size 8 at 0x6310008fb810 thread T14 (CS)
#0 0x4bf98d in StatsOutput /home/victor/dev/suricata/src/counters.c:732
#1 0x4bc872 in StatsMgmtThread /home/victor/dev/suricata/src/counters.c:385
#2 0x7f8297bbf6f9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76f9)
#3 0x7f8296d33b5c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x106b5c)
0x6310008fb810 is located 4624 bytes to the right of 73216-byte region [0x6310008e8800,0x6310008fa600)
allocated by thread T14 (CS) here:
#0 0x7f82995856e9 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x986e9)
#1 0x4be62b in StatsOutput /home/victor/dev/suricata/src/counters.c:628
#2 0x4bc872 in StatsMgmtThread /home/victor/dev/suricata/src/counters.c:385
#3 0x7f8297bbf6f9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76f9)
Thread T14 (CS) created by T0 (Suricata-Main) here:
#0 0x7f8299523253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
#1 0x7d5333 in TmThreadSpawn /home/victor/dev/suricata/src/tm-threads.c:1855
#2 0x4c0d85 in StatsSpawnThreads /home/victor/dev/suricata/src/counters.c:870
#3 0x7c00f6 in main /home/victor/dev/suricata/src/suricata.c:2619
#4 0x7f8296c4d82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/victor/dev/suricata/src/counters.c:732 StatsOutput
Shadow bytes around the buggy address:
0x0c62801176b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c62801176c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c62801176d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c62801176e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c62801176f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c6280117700: fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c6280117710: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c6280117720: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c6280117730: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c6280117740: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c6280117750: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==32683==ABORTING
Updated by Andreas Herz over 9 years ago
- Assignee set to Victor Julien
- Target version set to TBD
Is this also related to #1817 at least similar?
Updated by Victor Julien over 7 years ago
- Related to Bug #1817: Suricata 3.1RC1 crashing added
Updated by Victor Julien over 6 years ago
- Assignee set to OISF Dev
- Target version changed from TBD to 70
Updated by Victor Julien about 6 years ago
- Related to Task #2278: tracking: failing better added
Updated by Victor Julien over 5 years ago
- Status changed from New to Closed
- Assignee deleted (
OISF Dev) - Target version deleted (
70)
I haven't seen this anymore in a long time, despite quite a few tests with disks filling up.
Actions