Bug #33

closed

We should not abort() inside of the stream handler

Added by Will Metcalf about 15 years ago. Updated about 15 years ago.

Status: Closed
Priority: Normal

Description

I'm still running into these. Please replace the abort() calls with proper error handling code. The engine should be able to recover from these conditions without completely exiting.

stream-tcp-reassemble.c:266: abort();
stream-tcp-reassemble.c:274: abort();
stream-tcp-reassemble.c:281: abort();
stream-tcp-reassemble.c:1544: abort();

#0 0x00007f52406b54b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) bt full
#0 0x00007f52406b54b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
pid = <value optimized out>
selftid = <value optimized out>
#1 0x00007f52406b8f50 in *__GI_abort () at abort.c:92
act = {__sigaction_handler = {sa_handler = 0x4a4578, sa_sigaction = 0x4a4578}, sa_mask = {__val = {139991245879368, 139991222475808, 1540, 139991222476048, 139991245027782, 206158430232, 139991222476064, 139991222475840,
139991244938664, 206158430256, 139991222476088, 139990973066176, 733634176081289574, 7310291573909233726, 8028925695096663399, 140734628222360}}, sa_flags = 1081825523, sa_restorer = 0x4a4320}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007f52406ae481 in *__GI___assert_fail (assertion=0x4a4578 "!(((len + dst_pos) - 1) > dst_seg->payload_len)", file=<value optimized out>, line=1540, function=0x4a4600 "StreamTcpSegmentDataReplace") at assert.c:81
buf = 0x7f523038abc0 "suricata: stream-tcp-reassemble.c:1540: StreamTcpSegmentDataReplace: Assertion `!(((len + dst_pos) - 1) > dst_seg->payload_len)' failed.\n"
#3 0x000000000047e660 in StreamTcpSegmentDataReplace (dst_seg=0x7f5238f3bcd0, src_seg=0x7f5238f3bf10, start_point=4199166194, len=401) at stream-tcp-reassemble.c:1540
seq = 4199166191
s_cnt = 0
dst_pos = 224
__PRETTY_FUNCTION__ = "StreamTcpSegmentDataReplace"
#4 0x000000000047c02d in HandleSegmentStartsBeforeListSegment (stream=0x7f5238dad838, list_seg=0x7f5238e7c3d0, seg=0x7f5238f3bf10, os_policy=0 '\000') at stream-tcp-reassemble.c:659
new_seg = 0x7f5238f3bcd0
copy_len = 401
overlap = 3
packet_length = 404
overlap_point = 4199166191
end_before = 0 '\000'
end_after = 1 '\001'
end_same = 0 '\000'
__FUNCTION__ = "HandleSegmentStartsBeforeListSegment"
#5 0x000000000047ad28 in ReassembleInsertSegment (stream=0x7f5238dad838, seg=0x7f5238f3bf10) at stream-tcp-reassemble.c:353
list_seg = 0x7f5238e7c3d0
os_policy = 0 '\000'
ret_value = 0
return_seg = 0 '\000'
__FUNCTION__ = "ReassembleInsertSegment"
#6 0x000000000047cf3c in StreamTcpReassembleHandleSegmentHandleData (ssn=0x7f5238dad7f0, stream=0x7f5238dad838, p=0x13119e0) at stream-tcp-reassemble.c:1096
seg = 0x7f5238f3bf10
__FUNCTION__ = "StreamTcpReassembleHandleSegmentHandleData"
#7 0x000000000047e3f0 in StreamTcpReassembleHandleSegment (ra_ctx=0x7f5230001120, ssn=0x7f5238dad7f0, stream=0x7f5238dad838, p=0x13119e0) at stream-tcp-reassemble.c:1483
__FUNCTION__ = "StreamTcpReassembleHandleSegment"
#8 0x0000000000477a28 in HandleEstablishedPacketToServer (ssn=0x7f5238dad7f0, p=0x13119e0, stt=0x7f5230000c60) at stream-tcp.c:1219
No locals.
#9 0x0000000000477d60 in StreamTcpPacketStateEstablished (tv=0x476ef10, p=0x13119e0, stt=0x7f5230000c60, ssn=0x7f5238dad7f0) at stream-tcp.c:1368
No locals.
#10 0x0000000000479bc0 in StreamTcpPacket (tv=0x476ef10, p=0x13119e0, stt=0x7f5230000c60) at stream-tcp.c:2267
ssn = 0x7f5238dad7f0
#11 0x0000000000479d91 in StreamTcp (tv=0x476ef10, p=0x13119e0, data=0x7f5230000c60, pq=0x4960790) at stream-tcp.c:2322
stt = 0x7f5230000c60
ret = TM_ECODE_OK
#12 0x000000000046bd1b in TmThreadsSlot1 (td=0x476ef10) at tm-threads.c:325
tv = 0x476ef10
s = 0x4960760
p = 0x13119e0
run = 1 '\001'
r = TM_ECODE_OK
#13 0x00007f5240e46a04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
__res = <value optimized out>
pd = 0x7f523f167910
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139991222483216, 3323098325093423544, 140734628211648, 0, 0, 3, 3406275490480940616, -3406263275313718856}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {
prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <value optimized out>
---Type <return> to continue, or q <return> to quit--

robust = <value optimized out>
#14 0x00007f52407617bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#15 0x0000000000000000 in ?? ()
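
The change this report asks for, sketched as an added example (it is not Suricata's code and not the fix that landed in master): the bounds condition behind the failed assertion becomes an ordinary error return, and the caller counts and skips the segment so packet-derived lengths cannot terminate the engine. `Seg`, `Stats`, `seg_data_replace` and `handle_overlap` are hypothetical names, and `payload_len = 404` is an assumed value the backtrace does not show.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified segment; not Suricata's TcpSegment layout. */
typedef struct Seg {
    uint32_t seq;            /* sequence number of payload[0] */
    uint16_t payload_len;    /* valid bytes in payload[] */
    uint8_t  payload[1024];
} Seg;
typedef struct Stats { unsigned replaced, rejected; } Stats;

/* Wraparound-safe "a is before b" in TCP sequence space. */
static int seq_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Overwrite dst with len bytes of src, both addressed by sequence number
 * `start`. Returns 0 on success, -1 if the range does not fit both segments. */
int seg_data_replace(Seg *dst, const Seg *src, uint32_t start, uint16_t len)
{
    if (seq_lt(start, dst->seq) || seq_lt(start, src->seq))
        return -1;
    uint32_t dst_pos = start - dst->seq;
    uint32_t src_pos = start - src->seq;
    /* Subtract instead of add so the comparison itself cannot overflow. */
    if (dst_pos > dst->payload_len || len > dst->payload_len - dst_pos)
        return -1;
    if (src_pos > src->payload_len || len > src->payload_len - src_pos)
        return -1;
    memcpy(dst->payload + dst_pos, src->payload + src_pos, len);
    return 0;
}

/* Caller policy: count the anomaly, skip this segment, keep the thread alive. */
int handle_overlap(Stats *st, Seg *dst, const Seg *src, uint32_t start, uint16_t len)
{
    int r = seg_data_replace(dst, src, start, len);
    if (r < 0) st->rejected++; else st->replaced++;
    return r;
}

int main(void)
{
    /* Constructed input: dst_pos = 224 and len = 401 as in the backtrace;
     * payload_len = 404 is assumed, the report does not give it. */
    static Seg dst = { 4199165970u, 404, {0} }, src = { 4199166191u, 404, {0} };
    Stats st = { 0, 0 };
    int r = handle_overlap(&st, &dst, &src, 4199166194u, 401);
    printf("ret=%d rejected=%u\n", r, st.rejected);
}
```

A rejected-segment counter like `st.rejected` gives operators a signal to alert on when malformed overlaps arrive, where the assert gave only a core dump.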

Actions #1

Updated by Victor Julien about 15 years ago

  • Assignee changed from OISF Dev to Victor Julien

Actions #2

Updated by Victor Julien about 15 years ago

  • Status changed from New to Closed

Fixed by current master.
