Actions
Bug #2615
closedprocessing of nonexistent pcap
Affected Versions:
Effort:
Difficulty:
Label:
Description
If a nonexistent pcap is passed to Suricata - it seems it is not handled properly.
sudo LSAN_OPTIONS=suppressions=/home/pevma/Work/Suricata/suricomp/suricata/qa/lsan.suppress ASAN_SYMBOLIZER_PATH=/usr/lib/llvm-6.0/bin/llvm-symbolizer /opt/suricata-asan/bin/suricata -S /dev/null -r mychemicalromance -l locallog/ [16347] 7/9/2018 -- 15:37:44 - (suricata.c:1084) <Notice> (LogVersion) -- This is Suricata version 4.1.0-dev (rev 0f1c8711) [16348] 7/9/2018 -- 15:37:45 - (source-pcap-file-directory-helper.c:203) <Error> (PcapDetermineDirectoryOrFile) -- [ERRCODE: SC_ERR_FOPEN(44)] - mychemicalromance: Does not exist, or name is an empty string [16347] 7/9/2018 -- 15:37:45 - (tm-threads.c:2127) <Error> (TmThreadWaitOnThreadInit) -- [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "RX#01" failed to initialize: flags 0145 [16347] 7/9/2018 -- 15:37:45 - (suricata.c:2999) <Error> (main) -- [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting... ================================================================= ==16347==ERROR: LeakSanitizer: detected memory leaks Direct leak of 2458 byte(s) in 1 object(s) allocated from: #0 0x4ea760 in __interceptor_malloc (/opt/suricata-asan/bin/suricata+0x4ea760) #1 0x9016d1 in PacketGetFromAlloc /home/pevma/Work/Suricata/suricomp/suricata/src/decode.c:131:17 #2 0x17fd05d in PacketPoolInit /home/pevma/Work/Suricata/suricomp/suricata/src/tmqh-packetpool.c:390:21 #3 0x181324a in TmThreadsSlotPktAcqLoop /home/pevma/Work/Suricata/suricomp/suricata/src/tm-threads.c:292:5 #4 0x7fdfaf42af29 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7f29) Direct leak of 72 byte(s) in 1 object(s) allocated from: #0 0x4ea988 in calloc (/opt/suricata-asan/bin/suricata+0x4ea988) #1 0x7fdfae386171 (/usr/lib/x86_64-linux-gnu/libnss3.so+0x7e171) Indirect leak of 2514534 byte(s) in 1023 object(s) allocated from: #0 0x4ea760 in __interceptor_malloc (/opt/suricata-asan/bin/suricata+0x4ea760) #1 0x9016d1 in PacketGetFromAlloc /home/pevma/Work/Suricata/suricomp/suricata/src/decode.c:131:17 #2 0x17fd05d in PacketPoolInit /home/pevma/Work/Suricata/suricomp/suricata/src/tmqh-packetpool.c:390:21 #3 0x181324a in TmThreadsSlotPktAcqLoop /home/pevma/Work/Suricata/suricomp/suricata/src/tm-threads.c:292:5 #4 0x7fdfaf42af29 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7f29) SUMMARY: AddressSanitizer: 2517064 byte(s) leaked in 1025 allocation(s).
Updated by Victor Julien over 6 years ago
- Status changed from New to Assigned
- Assignee set to Danny Browning
- Target version set to 70
Danny are you interested in having a look? I think in this case simply checking for the file location when we're parsing commandline args instead of during capture thread spawn would be easiest.
Updated by Danny Browning over 6 years ago
- Status changed from Assigned to Feedback
- Assignee changed from Danny Browning to Peter Manev
Updated by Peter Manev over 6 years ago
Working as expected when the pcap doesn't exist - errors out right away with a message -
[7331] 18/9/2018 -- 22:35:18 - (suricata.c:2035) <Error> (ParseCommandLine) -- [ERRCODE: SC_ERR_INITIALIZATION(45)] - ERROR: Pcap file does not exist
Updated by Victor Julien about 6 years ago
- Status changed from Feedback to Closed
- Assignee changed from Peter Manev to Danny Browning
- Target version changed from 70 to 4.1rc2
Actions