[Bro-Dev] [JIRA] (BIT-1176) Using an undefined function in a when statement causes a segfault

Thu, 30 Oct 2014 10:34:44 -0700 

    [ 
https://bro-tracker.atlassian.net/browse/BIT-1176?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18610#comment-18610
 ] 

Jon Siwek commented on BIT-1176:
--------------------------------

What's the expected behavior?

It doesn't look like something easily detected at parse-time, so ideas:

(1) fatal error message at run-time with a core dump should the code ever be 
executed (which may be infrequently if it's buried within complicated logic).

(2) nonfatal error message at run-time, but the when body can still be 
triggered as normal if the RHS is ever assigned a value.

topic/jsiwek/bit-1176 does (2).  If that seems ok, please flip ticket to a 
merge request.

> Using an undefined function in a when statement causes a segfault
> -----------------------------------------------------------------
>
>                 Key: BIT-1176
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1176
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>    Affects Versions: git/master
>            Reporter: Johanna Amann
>             Fix For: 2.4
>
>         Attachments: crashme.bro
>
>
> Running the following script crashes bro with a null-pointer exception:
> {code:title=crashMe.bro}
> global crashMe: function():string;
> when( local result = crashMe() ) {
>   print result;
> }
> {code}
> Backtrace:
> {code}
> * thread #1: tid = 0x226111, 0x000000010022bddf 
> bro`Val::IsZero(this=0x0000000000000000) const + 15 at Val.cc:323, queue = 
> 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x30)
>     frame #0: 0x000000010022bddf bro`Val::IsZero(this=0x0000000000000000) 
> const + 15 at Val.cc:323
>    320        
>    321        int Val::IsZero() const
>    322                {
> -> 323                switch ( type->InternalType() ) {
>    324                case TYPE_INTERNAL_INT:         return val.int_val == 0;
>    325                case TYPE_INTERNAL_UNSIGNED:    return val.uint_val == 
> 0;
>    326                case TYPE_INTERNAL_DOUBLE:      return val.double_val 
> == 0.0;
> (lldb) bt
> * thread #1: tid = 0x226111, 0x000000010022bddf 
> bro`Val::IsZero(this=0x0000000000000000) const + 15 at Val.cc:323, queue = 
> 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x30)
>   * frame #0: 0x000000010022bddf bro`Val::IsZero(this=0x0000000000000000) 
> const + 15 at Val.cc:323
>     frame #1: 0x000000010020b452 bro`Trigger::Eval(this=0x0000000105d45d60) + 
> 578 at Trigger.cc:209
>     frame #2: 0x000000010020ae95 bro`Trigger(this=0x0000000105d45d60, 
> arg_cond=0x0000000104a00390, arg_body=0x0000000104a00500, 
> arg_timeout_stmts=0x0000000000000000, arg_timeout=0x0000000000000000, 
> arg_frame=0x00007fff5fbfec80, arg_is_return=false, 
> arg_location=0x00000001049fb7a0) + 1285 at Trigger.cc:140
>     frame #3: 0x000000010020a98a bro`Trigger(this=0x0000000105d45d60, 
> arg_cond=0x0000000104a00390, arg_body=0x0000000104a00500, 
> arg_timeout_stmts=0x0000000000000000, arg_timeout=0x0000000000000000, 
> arg_frame=0x00007fff5fbfec80, arg_is_return=false, 
> arg_location=0x00000001049fb7a0) + 106 at Trigger.cc:147
>     frame #4: 0x000000010020566f bro`WhenStmt::Exec(this=0x0000000104a00900, 
> f=0x00007fff5fbfec80, flow=0x00007fff5fbfece8) const + 239 at Stmt.cc:2041
>     frame #5: 0x0000000100203204 bro`StmtList::Exec(this=0x00000001049fbe80, 
> f=0x00007fff5fbfec80, flow=0x00007fff5fbfece8) const + 228 at Stmt.cc:1639
>     frame #6: 0x000000010003d244 bro`main(argc=2, argv=0x00007fff5fbffa40) + 
> 15476 at main.cc:1116
> {code}



--
This message was sent by Atlassian JIRA
(v6.4-OD-07-004#64005)
_______________________________________________
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

Reply via email to