> On 17 Oct 2017, at 1:14, Stuart Henderson <s...@spacehopper.org> wrote:
>
> On 2017/10/16 11:54, kasak wrote:
>>
>>> On 13 Oct 2017, at 18:39, Stuart Henderson <s...@spacehopper.org> wrote:
>>>
>>> On 2017/10/13 13:49, Stuart Henderson wrote:
>>>> Thanks. So looking at this and the source code, it shows it is using strchr()
>>>> to look for the position of a space character in the payload data. But the str*
>>>> functions expect a NUL-terminated string, and the string here is not, so strchr
>>>> searches beyond the end of the payload, looking for either a NUL or a space.
>>>>
>>>> This code hasn't changed in 3.0, so the problem will still exist there.
>>>>
>>>> I have created an issue upstream:
>>>> https://github.com/ntop/ntopng/issues/1518
>>>>
>>>
>>> Upstream have committed a fix to their repository, which I have
>>> applied to the ports tree.
>>>
>>> If you don't have the ports tree on your system already, follow "Getting
>>> the ports and xenocara trees" on https://www.openbsd.org/anoncvs.html
>>> (I have committed it to the -current and 6.2-stable branches).
>>>
>>> Before building, "pkg_add libtool autoconf%2.69 automake%1.15 gmake"
>>> to save time building dependencies, then "cd /usr/ports/net/ntopng &&
>>> make package && doas make update".
>>>
>>> Alternatively if you use -current snapshots it will show up in the
>>> binary packages in a few days.
>>>
>>
>> Hello again! I just built the port and started testing it again.
>> This time it crashed with this:
>>
>> Program received signal SIGSEGV, Segmentation fault.
>> [Switching to thread 118222]
>> 0x000006de1f6a6397 in ndpi_search_bgp () from /usr/local/bin/ntopng
>> Current language: auto; currently minimal
>>
>> Here is bt full:
>>
>> #0 0x000006de1f6a6397 in ndpi_search_bgp () from /usr/local/bin/ntopng
>> No symbol table info available.
>> #1 0x000006de1f6a210b in check_ndpi_tcp_flow_func ()
>>     from /usr/local/bin/ntopng
>> No symbol table info available.
>
> Are you able to rebuild the port with debug symbols?
>
> make clean=all
> make DEBUG=-g repackage reinstall
>
> Hopefully there will be some more information in the backtrace next time
> it crashes. With a bit of luck, line numbers and more information about
> variables.
>
> If you get the same crash, do 'p packet' as well as the 'bt full'.
>
>
>> #2 0x000006de1f6a2f68 in ndpi_detection_process_packet ()
>>     from /usr/local/bin/ntopng
>> No symbol table info available.
>> #3 0x000006de1f64c50e in NetworkInterface::processPacket (
>>     this=0x6e0d1b8a1d0, when=0x6e1011b07e8, time=1508133385021,
>>     eth=0x6e0b51f0fbe, vlan_id=0, iph=0x6e0b51f0fcc, ip6=0x0, ipsize=46,
>>     rawsize=60, h=0x6e1011b07e8, packet=0x6e0b51f0fbe "",
>>     shaped=0x6e04d0b714d, ndpiProtocol=0x6e04d0b714e)
>>     at src/NetworkInterface.cpp:897
>>         ndpi_flow = (ndpi_flow_struct *) 0x6e0bf67d800
>>         cli = (struct ndpi_id_struct *) 0x6e09236df00
>>         srv = (struct ndpi_id_struct *) 0x6e107270c00
>>         src2dst_direction = true
>>         l4_proto = 6 '\006'
>>         flow = (class Flow *) 0x6e09f185c00
>>         eth_src = (u_int8_t *) 0x6e0b51f0fc4 "T\004??\033?\b"
>>         eth_dst = (u_int8_t *) 0x6e0b51f0fbe ""
>>         src_ip = {addr = {ipVersion = 4 '\004', localHost = 0 '\0',
>>     privateIP = 1 '\001', multicastIP = 0 '\0', broadcastIP = 0 '\0',
>>     notUsed = 0 '\0', ipType = {ipv6 = {u6_addr = {
>>     u6_addr8 = 0x6e04d0b6d0c "??\003?", u6_addr16 = 0x6e04d0b6d0c,
>>     u6_addr32 = 0x6e04d0b6d0c}}, ipv4 = 3523455168}},
>>     ip_key = 3232236498}
>>         dst_ip = {addr = {ipVersion = 4 '\004', localHost = 0 '\0',
>>     privateIP = 0 '\0', multicastIP = 0 '\0', broadcastIP = 0 '\0',
>>     notUsed = 0 '\0', ipType = {ipv6 = {u6_addr = {
>>     u6_addr8 = 0x6e04d0b6cf4 "??p\v", u6_addr16 = 0x6e04d0b6cf4,
>>     u6_addr32 = 0x6e04d0b6cf4}}, ipv4 = 191949268}},
>>     ip_key = 3572068363}
>>         src_port = 24282
>>         dst_port = 36608
>>         payload_len = 6
>>         tcph = (ndpi_tcphdr *) 0x6e0b51f0fe0
>>         udph = (ndpi_udphdr *) 0x0
>>         l4_packet_len = 26
>>         l4 = (u_int8_t *) 0x6e0b51f0fe0 "?^"
>>         tcp_flags = 24 '\030'
>>         payload = (u_int8_t *) 0x6e0b51f0ff4 "DONE\r\n"
>>         ip = (u_int8_t *) 0x6e0b51f0fcc "E"
>>         is_fragment = false
>>         new_flow = true
>>         pass_verdict = true
>>         a_shaper_id = 0
>>         b_shaper_id = 0
>> #4 0x000006de1f64e81d in NetworkInterface::dissectPacket (
>>     this=0x6e0d1b8a1d0, h=0x6e1011b07e8, packet=0x6e0b51f0fbe "",
>>     shaped=0x6e04d0b714d, ndpiProtocol=0x6e04d0b714e)
>>     at src/NetworkInterface.cpp:1403
>>         frag_off = 16384
>>         iph = (ndpi_iphdr *) 0x6e0b51f0fcc
>>         ip6 = (ndpi_ipv6hdr *) 0x0
>>         ba = (class std::bad_alloc &) @0x6e049dfaa20: {<std::exception> = {
>>     _vptr$exception = 0x6e085c1eec0}, <No data fields>}
>>         srcHost = (class Host *) 0x6e1094ca000
>>         dstHost = (class Host *) 0x6e078b60000
>>         lasttime = 1508133385021
>>         oom_warning_sent = false
>>         oom_warning_sent = false
>>         ethernet = (ndpi_ethhdr *) 0x6e0b51f0fbe
>>         dummy_ethernet = {h_dest = 0x6e04d0b7050 "\200p\vM?\006",
>>     h_source = 0x6e04d0b7056 "", h_proto = 1760}
>> ---Type <return> to continue, or q <return> to quit---
>>         time = 1508133385021
>>         eth_type = 2048
>>         ip_offset = 14
>>         vlan_id = 0
>>         eth_offset = 0
>>         null_type = 2515945984
>>         pcap_datalink_type = 1
>>         pass_verdict = true
>> #5 0x000006de1f602e3b in _ZL14packetPollLoopPv (ptr=0x6e0d1b8a1d0)
>>     at src/PcapInterface.cpp:187
>>         p = 37
>>         shaped = false
>>         pkt = (const u_char *) 0x6e0b51f0fbe ""
>>         hdr = (pcap_pkthdr *) 0x6e1011b07e8
>>         rc = 1
>>         iface = (PcapInterface *) 0x6e0d1b8a1d0
>>         pd = (pcap_t *) 0x6e1011b0600
>>         pcap_list = (FILE *) 0x0
>> #6 0x000006e042a33cae in _rthread_start (v=Variable "v" is not available.
>> )
>>     at /usr/src/lib/librthread/rthread.c:96
>>         retval = (void *) 0x6e0b51f0ff4
>> #7 0x000006e07a1bce0b in __tfork_thread ()
>>     at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
>> No locals.
>> #8 0x0000000000000000 in ?? ()
>> No symbol table info available.

Here it is:

Program received signal SIGSEGV, Segmentation fault.
[Switching to thread 246575]
ndpi_search_bgp (ndpi_struct=0xa1853e43000, flow=0xa18de6fa800) at protocols/bgp.c:43
43        && ((packet->tcp->dest == bgp_port) || (packet->tcp->source == bgp_port))
Current language: auto; currently minimal
(gdb) bt full
#0 ndpi_search_bgp (ndpi_struct=0xa1853e43000, flow=0xa18de6fa800) at protocols/bgp.c:43
No locals.
#1 0x00000a1616ea210b in check_ndpi_tcp_flow_func (ndpi_struct=0xa1853e43000, flow=0xa18de6fa800, ndpi_selection_packet=0xa189424b5c0) at ndpi_main.c:3148
        proto_id = Variable "proto_id" is not available.
(gdb) p packet
No symbol "packet" in current context.

Does this look like this: https://github.com/ntop/nDPI/issues/181 ?
Or is it something else?
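
The over-read described in the quoted 13 Oct message (strchr() scanning a payload that is not NUL-terminated), shown next to a length-bounded search. This is an added example, not code from ntopng, nDPI or anyone in this thread; the buffer contents and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed buffer: a 6-byte payload ("DONE\r\n", as in the backtrace)
 * followed by unrelated bytes that sit right after it in memory. The final
 * NUL exists only so the unsafe call stays defined behaviour in this demo;
 * a real capture buffer gives no such guarantee. */
static const char capture[] = "DONE\r\n" "other data";
#define PAYLOAD_LEN 6

/* Unsafe: treats the payload as a C string. strchr() keeps scanning until
 * it meets a space or a NUL, wherever that happens to be. */
static long find_space_unsafe(const char *payload)
{
    const char *sp = strchr(payload, ' ');
    return sp ? (long)(sp - payload) : -1;
}

/* Bounded: memchr() never reads past payload_len. */
static long find_space_bounded(const char *payload, size_t payload_len)
{
    const char *sp;
    if (payload == NULL || payload_len == 0)
        return -1;
    sp = memchr(payload, ' ', payload_len);
    return sp ? (long)(sp - payload) : -1;
}

/* Copy the first space-delimited token into out as a C string. Returns the
 * token length, or -1 if the payload has no space or the token won't fit. */
static long copy_first_token(const char *payload, size_t payload_len,
                             char *out, size_t out_sz)
{
    long n = find_space_bounded(payload, payload_len);
    if (n < 0 || (size_t)n >= out_sz)
        return -1;
    memcpy(out, payload, (size_t)n);
    out[n] = '\0';
    return n;
}

int main(void)
{
    printf("unsafe offset:  %ld\n", find_space_unsafe(capture));
    printf("bounded offset: %ld\n", find_space_bounded(capture, PAYLOAD_LEN));
    return 0;
}
```

The unsafe search reports an offset past the 6-byte payload because it matched a space in the adjacent bytes; the bounded search reports no match.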