pending/4600: snort cores with 3.7 and 3.8

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

pending/4600: snort cores with 3.7 and 3.8

jacques brierre
>Number:         4600
>Category:       pending
>Synopsis:       snort cores with bus error in IDS mode
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    bugs
>State:          open
>Quarter:        
>Keywords:      
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 06 06:40:02 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     jacques brierre
>Release:        3.7, 3.8
>Organization:
net
>Environment:
System : OpenBSD 3.8
Architecture: OpenBSD.sparc64
Machine : sparc64
>Description:
Snort Version 2.1.2 (Build 25) works fine in packet logger mode
in IDS mode the following happens:

bash-3.00# ktrace snort -A full -c snort.conf
Running in IDS mode
Log directory = /var/log/snort

Initializing Network Interface hme0

--== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface hme0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Bus error (core dumped)
bash-3.00#

Package info:
bash-3.00# pkg_add -v
ftp://ftp.openbsd.org/pub/OpenBSD/3.7/packages/sparc64/snort-2.1.2.tgz
parsing snort-2.1.2
Dependencies for snort-2.1.2 resolve to: pcre-4.5
snort-2.1.2: complete
bash-3.00#

>How-To-Repeat:
run in IDS mode with command lines:
snort -A full -c snort.conf
ktrace -dit cinsw snort -A full -c snort.conf
>Fix:
no workaround found... update to 3.8 did not help.

Core dump available...

-------
jacques brierre
[hidden email]


>Release-Note:
>Audit-Trail:
>Unformatted:
 SENDBUG: -*- sendbug -*-
 SENDBUG: Lines starting with `SENDBUG' will be removed automatically, as
 SENDBUG: will all comments (text enclosed in `<' and `>').
 SENDBUG:
 SENDBUG: Choose from the following categories:
 SENDBUG:
 SENDBUG: system user library documentation ports kernel alpha amd64 arm i386
 m68
 k m88k mips ppc sgi sparc sparc64 vax
 SENDBUG:
 SENDBUG:
 To: [hidden email]
 Subject:
 From: root
 Cc:
 Reply-To: root
 X-sendbug-version: 3.97