Bug #4134
closed
Segmentation fault on rule reload when using libmagic
Added by Jeff Lucovsky about 4 years ago.
Updated almost 4 years ago.
Description
If libmagic is enabled and there are signature using libmagic, rule reloading causes a segmentation fault on the next file matching the rule.
This is due to an improper reinitialization of the thread contexts.
In attachment there are a sample stack trace and a sample rule file.
Files
- Copied from Bug #3726: Segmentation fault on rule reload when using libmagic added
- Status changed from Assigned to Rejected
This issue is irreproducible on 4.1.x.
I did the following steps:
1. Started suricata in pcap mode on my network interface
2. reloaded rules with suricatasc
3. replayed the pcap using tcpreplay
I tried this on commit ea15282f4 i.e. the commit prior to its fix in master and was able to reproduce the segfault. After including the fix, the segfault disappeared.
On 4.1.x latest, this issue is not reproducible. Rule reload happens fine. No segfault was observed.
Also available in: Atom
PDF