pending/4600: snort cores with 3.7 and 3.8

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

pending/4600: snort cores with 3.7 and 3.8

jacques brierre
>Number:         4600
>Category:       pending
>Synopsis:       snort cores with bus error in IDS mode
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 06 06:40:02 GMT 2005
>Originator:     jacques brierre
>Release:        3.7, 3.8
System : OpenBSD 3.8
Architecture: OpenBSD.sparc64
Machine : sparc64
Snort Version 2.1.2 (Build 25) works fine in packet logger mode
in IDS mode the following happens:

bash-3.00# ktrace snort -A full -c snort.conf
Running in IDS mode
Log directory = /var/log/snort

Initializing Network Interface hme0

--== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface hme0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file snort.conf

Initializing rule chains...
Bus error (core dumped)

Package info:
bash-3.00# pkg_add -v
parsing snort-2.1.2
Dependencies for snort-2.1.2 resolve to: pcre-4.5
snort-2.1.2: complete

run in IDS mode with command lines:
snort -A full -c snort.conf
ktrace -dit cinsw snort -A full -c snort.conf
no workaround found... update to 3.8 did not help.

Core dump available...

jacques brierre
[hidden email]

 SENDBUG: -*- sendbug -*-
 SENDBUG: Lines starting with `SENDBUG' will be removed automatically, as
 SENDBUG: will all comments (text enclosed in `<' and `>').
 SENDBUG: Choose from the following categories:
 SENDBUG: system user library documentation ports kernel alpha amd64 arm i386
 k m88k mips ppc sgi sparc sparc64 vax
 To: [hidden email]
 From: root
 Reply-To: root
 X-sendbug-version: 3.97