Project

General

Profile

Actions

Bug #2844

closed

alignment issues in dnp3

Added by Victor Julien almost 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Tested on Fedora 29

CC=clang CFLAGS="-g -fno-omit-frame-pointer -fsanitize=undefined -Wunreachable-code -Wno-unused-parameter -Wno-unused-function" ./configure --enable-unittests --enable-lua
[root@14c0a3d278b5 suricata]# UBSAN_OPTIONS="print_stacktrace=1:halt_on_error=1" suricata-verify/run.py dnp3
===> dnp3: FAIL: got exit code 1, expected 0
===> dnp3-dnp3_data-alert: FAIL: got exit code 1, expected 0
===> dnp3-dnp3_func-alert: FAIL: got exit code 1, expected 0

PASSED:  0
FAILED:  3
SKIPPED: 0
[root@14c0a3d278b5 suricata]# /suricata/src/suricata --set classification-file=/suricata/classification.config --set reference-config-file=/suricata/reference.config --init-errors-fatal -l /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/output -c /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/suricata.yaml -r /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap -S /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/test.rules
[8503] 21/2/2019 -- 20:59:44 - (suricata.c:1085) <Notice> (LogVersion) -- This is Suricata version 5.0.0-dev (rev 859a0518)
[8503] 21/2/2019 -- 20:59:44 - (util-cpu.c:171) <Info> (UtilCpuPrintSummary) -- CPUs/cores online: 4
[8503] 21/2/2019 -- 20:59:44 - (app-layer-dns-udp.c:419) <Warning> (RegisterDNSUDPParsers) -- [ERRCODE: SC_ERR_DNS_CONFIG(240)] - no DNS UDP config found, enabling DNS detection on port 53.
[8503] 21/2/2019 -- 20:59:44 - (app-layer-dns-tcp.c:726) <Warning> (RegisterDNSTCPParsers) -- [ERRCODE: SC_ERR_DNS_CONFIG(240)] - no DNS TCP config found, enabling DNS detection on port 53.
[8503] 21/2/2019 -- 20:59:44 - (suricata.c:2661) <Info> (PostConfLoadedSetupHostMode) -- No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only'
[8503] 21/2/2019 -- 20:59:44 - (util-logopenfile.c:501) <Info> (SCConfLogOpenGeneric) -- eve-log output device (regular) initialized: eve.json
[8503] 21/2/2019 -- 20:59:44 - (counters.c:289) <Warning> (StatsInitCtxPostOutput) -- [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
[8503] 21/2/2019 -- 20:59:44 - (util-classification-config.c:370) <Info> (SCClassConfParseFile) -- Added "42" classification types from the classification file
[8503] 21/2/2019 -- 20:59:44 - (util-reference-config.c:352) <Info> (SCRConfParseFile) -- Added "19" reference types from the reference.config file
[8503] 21/2/2019 -- 20:59:44 - (detect-engine-loader.c:351) <Info> (SigLoadSignatures) -- 1 rule files processed. 3 rules successfully loaded, 0 rules failed
[8503] 21/2/2019 -- 20:59:44 - (util-threshold-config.c:248) <Warning> (SCThresholdConfInitContext) -- [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "/usr/local/etc/suricata//threshold.config": No such file or directory
[8503] 21/2/2019 -- 20:59:44 - (detect-engine-build.c:1427) <Info> (SigAddressPrepareStage1) -- 3 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 3 inspect application layer, 0 are decoder event only
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file.c:241) <Info> (ReceivePcapFileThreadInit) -- Checking file or directory /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file-directory-helper.c:212) <Info> (PcapDetermineDirectoryOrFile) -- /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap: Plain file, not a directory
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file.c:249) <Info> (ReceivePcapFileThreadInit) -- Argument /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap was a file
[8503] 21/2/2019 -- 20:59:44 - (tm-threads.c:2157) <Notice> (TmThreadWaitOnThreadInit) -- all 5 packet processing threads, 2 management threads initialized, engine started.
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file.c:167) <Info> (ReceivePcapFileLoop) -- Starting file run for /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file-helper.c:149) <Info> (PcapFileDispatch) -- pcap file /suricata/suricata-verify/tests/dnp3-dnp3_func-alert/input.pcap end of file reached (pcap err code 0)
app-layer-dnp3-objects.c:170:12: runtime error: load of misaligned address 0x7fae300f3e0d for type 'uint32_t' (aka 'unsigned int'), which requires 4 byte alignment
0x7fae300f3e0d: note: pointer points here
 00 00 00 02 00 00 00  00 02 00 00 00 00 02 00  00 00 00 02 00 00 00 00  02 00 00 00 00 02 00 00  00
             ^ 
app-layer-dnp3.c:767:33: runtime error: load of misaligned address 0x7fae300f29d7 for type 'uint16_t' (aka 'unsigned short'), which requires 2 byte alignment
0x7fae300f29d7: note: pointer points here
 00 16 01 28 01  00 00 00 01 00 00 00 00  00 00 00 00 00 00 00 00  35 00 00 00 00 00 00 00  00 00 00
             ^ 
app-layer-dnp3-objects.c:113:12: runtime error: load of misaligned address 0x7fae300f29d9 for type 'uint16_t' (aka 'unsigned short'), which requires 2 byte alignment
0x7fae300f29d9: note: pointer points here
 01 28 01  00 00 00 01 00 00 00 00  00 00 00 00 00 00 00 00  35 00 00 00 00 00 00 00  00 00 00 00 00
              ^ 
[8503] 21/2/2019 -- 20:59:44 - (suricata.c:2855) <Notice> (SuricataMainLoop) -- Signal Received.  Stopping engine.
[8503] 21/2/2019 -- 20:59:44 - (suricata.c:1109) <Info> (SCPrintElapsedTime) -- time elapsed 0.047s
[8517] 21/2/2019 -- 20:59:44 - (source-pcap-file.c:383) <Notice> (ReceivePcapFileThreadExitStats) -- Pcap-file module read 1 files, 141 packets, 11066 bytes
[8503] 21/2/2019 -- 20:59:44 - (counters.c:849) <Info> (StatsLogSummary) -- Alerts: 0
[8503] 21/2/2019 -- 20:59:44 - (detect-engine-build.c:1733) <Info> (SigAddressCleanupStage1) -- cleaning up signature grouping structure... complete
[root@14c0a3d278b5 suricata]# 

I don't know how many systems out there still care about misalignment.

Actions #1

Updated by Victor Julien almost 6 years ago

  • Priority changed from Normal to High
  • Target version changed from TBD to 5.0beta1
Actions #2

Updated by Victor Julien over 5 years ago

  • Status changed from Assigned to Closed
  • Priority changed from High to Normal
Actions

Also available in: Atom PDF