Xplico.org
http://forum.xplico.org/

Xplico's dis_tcp_soft.so and other dis_*_*.so crashes
http://forum.xplico.org/viewtopic.php?f=4&t=546
Page 1 of 1

Author:  Matt.Stuart [ Tue Sep 03, 2013 9:55 am ]
Post subject:  Xplico's dis_tcp_soft.so and other dis_*_*.so crashes

Dear guys,
My xplico on a Debian box, arises following logs, and do not work until service restart (that means problem is in dema as a watchdog to run xplico while doesn't able to run it properly).
My xplico version is "xplico 1.0.1".
Before I gonna debug manually and fix it, do you have bugfix or patch to solve the problem or any other advice?

Code:

b7719000-b771a000 rw-p 0001c000 08:01 8257558    /lib/i386-linux-gnu/ld-2.13.so
bf893000-bf8b4000 rw-p 00000000 00:00 0          [stack]


*** glibc detected *** xplico: double free or corruption (!prev): 0x088b1280 ***
======= Backtrace: =========
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x70f01)[0xb75eff01]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x72768)[0xb75f1768]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(cfree+0x6d)[0xb75f481d]
xplico(XFree+0x1d)[0x8064918]
xplico(PktFree+0xb9)[0x805f329]
/opt/xplico/bin/modules/dis_udp_grb.so(UdpGrbDissector+0x9ff)[0xb73f09e3]
xplico[0x805ae43]
xplico[0x805f68c]
/lib/i386-linux-gnu/i686/cmov/libpthread.so.0(+0x5c39)[0xb7701c39]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(clone+0x5e)[0xb765478e]
======= Memory map: ========
08048000-0807d000 r-xp 00000000 08:01 16253343   /opt/xplico/bin/xplico
0807d000-0807e000 r--p 00034000 08:01 16253343   /opt/xplico/bin/xplico
0807e000-0807f000 rw-p 00035000 08:01 16253343   /opt/xplico/bin/xplico
0807f000-08081000 rw-p 00000000 00:00 0
0840b000-08950000 rw-p 00000000 00:00 0          [heap]
b536c000-b536d000 ---p 00000000 00:00 0
b536d000-b5391000 rw-p 00000000 00:00 0
b5391000-b5392000 ---p 00000000 00:00 0
b5392000-b53b6000 rw-p 00000000 00:00 0
b53b6000-b53b7000 ---p 00000000 00:00 0
b53b7000-b53db000 rw-p 00000000 00:00 0
b53db000-b53dc000 ---p 00000000 00:00 0
b53dc000-b5400000 rw-p 00000000 00:00 0
b5400000-b545b000 rw-p 00000000 00:00 0
b545b000-b5500000 ---p 00000000 00:00 0
b5502000-b551e000 r-xp 00000000 08:01 8257540    /lib/i386-linux-gnu/libgcc_s.so.1
b551e000-b551f000 rw-p 0001b000 08:01 8257540    /lib/i386-linux-gnu/libgcc_s.so.1
b551f000-b5520000 ---p 00000000 00:00 0

00-b779d000 r-xp 00000000 00:00 0          [vdso]
b779d000-b77b9000 r-xp 00000000 08:01 8257558    /lib/i386-linux-gnu/ld-2.13.so
b77b9000-b77ba000 r--p 0001b000 08:01 8257558    /lib/i386-linux-gnu/ld-2.13.so
b77ba000-b77bb000 rw-p 0001c000 08:01 8257558    /lib/i386-linux-gnu/ld-2.13.so
bff1f000-bff40000 rw-p 00000000 00:00 0          [stack]
deleted for brevity
...
*** glibc detected *** xplico: double free or corruption (!prev): 0x0a2fcf38 ***
======= Backtrace: =========
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x70f01)[0xb7603f01]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x72768)[0xb7605768]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(cfree+0x6d)[0xb760881d]
xplico(XFree+0x1d)[0x8064918]
xplico(ProtDelFrame+0xee)[0x805d4ec]
xplico(PktFree+0x29)[0x805f299]
/opt/xplico/bin/modules/dis_tcp_soft.so(+0x2e69)[0xb753ce69]
xplico[0x805bb12]
xplico(ProtDissec+0x117)[0x805c731]
/opt/xplico/bin/modules/cap_rltm_pol.so(+0xff6)[0xb772eff6]
/opt/xplico/bin/modules/cap_rltm_pol.so(CaptDisMain+0x609)[0xb772f723]
xplico(CapMain+0x31)[0x806538c]
xplico(main+0x6de)[0x804e6ea]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb75a9e46]
xplico[0x804db71]
======= Memory map: ========

Author:  gianluca.costa [ Sat Sep 07, 2013 7:41 am ]
Post subject:  Re: Xplico's dis_tcp_soft.so and other dis_*_*.so crashes

Hi Matt
can you send us the pcap files that generate these bugs? They can be very useful to find and fix the issues.
Do you use Xplico on 64bit?

Thanks.
Gianluca

Author:  Matt.Stuart [ Sun Sep 08, 2013 6:22 am ]
Post subject:  Re: Xplico's dis_tcp_soft.so and other dis_*_*.so crashes

Yes, Sure, I will send PCAPs to you ASAP. I am using Linux 3.2.0-4-686-pae #1 SMP Debian 3.2.41-2 i686 GNU/Linux.

Page 1 of 1 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/