Actions
Bug #4134
closedSegmentation fault on rule reload when using libmagic
Affected Versions:
Effort:
medium
Difficulty:
medium
Label:
Description
If libmagic is enabled and there are signature using libmagic, rule reloading causes a segmentation fault on the next file matching the rule.
This is due to an improper reinitialization of the thread contexts.
In attachment there are a sample stack trace and a sample rule file.
Files
Updated by Jeff Lucovsky about 4 years ago
- Copied from Bug #3726: Segmentation fault on rule reload when using libmagic added
Updated by Shivani Bhardwaj about 4 years ago
- Status changed from Assigned to Rejected
This issue is irreproducible on 4.1.x.
I did the following steps:
1. Started suricata in pcap mode on my network interface
2. reloaded rules with suricatasc
3. replayed the pcap using tcpreplay
I tried this on commit ea15282f4 i.e. the commit prior to its fix in master and was able to reproduce the segfault. After including the fix, the segfault disappeared.
On 4.1.x latest, this issue is not reproducible. Rule reload happens fine. No segfault was observed.
Actions