Reproduceable bug - segfault when using -t as last option and an empty filter
Carter Bullard
carter at qosient.com
Mon Oct 3 11:23:34 EDT 2011
Hey Elof,
Sorry for the delayed response. Yep, found it, fixed it. Will be in argus-clients-3.0.5.20 later today.
It tried to test if the next parameter was a valid time specification or a filter, and didn't bother to
test if it was NULL or not.
Thanks !!!!!!!
Carter
On Sep 26, 2011, at 10:15 AM, elof2 at sentor.se wrote:
>
> The segfault is reproduceable every time and occur both FreeBSD 7.4 i386 and amd64.
>
> ARGUS: Argus Version 3.0.5.5
> RA: Ra Version 3.0.5.19
>
>
> To generate a segfault, simply run a ra-command with a timerange (-t NN)
> option as the last option, then add a trailing dash (-) to separate the commandline options from the bpf-like filter, but add no filter.
>
>
> Three examples:
>
> ra -Zb -nr argus.log -t 15:26:32
> no error, I see lots of output.
>
> ra -Zb -nr argus.log -t 15:26:32 -
> Segmentation fault: 11 (core dumped) <-----
>
> ra -Zb -nr argus.log -t 15:26:32 - not ip
> no error, I see lots of arp and llc packets.
>
>
> My guess is that the trailing dash is interpreted as being part of the -t timerange and not as a delimiter/separator.
>
> /Elof
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4367 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20111003/fa6b8d67/attachment.bin>
More information about the argus
mailing list