[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer reassigned BIT-1361: - Assignee: Robin Sommer New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Assignee: Robin Sommer Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Johanna Amann reassigned BIT-1361: -- Assignee: (was: Johanna Amann) New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Johanna Amann reassigned BIT-1361: -- Assignee: Johanna Amann New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Assignee: Johanna Amann Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20238#comment-20238 ] Ted Llewellyn commented on BIT-1361: Still running since Wednesday evening (Eastern) with the patch. This appears to be fixed. Thanks, Jon! New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Assignee: Jon Siwek Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jon Siwek updated BIT-1361: --- Status: Merge Request (was: Open) New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20212#comment-20212 ] Jon Siwek commented on BIT-1361: Mostly I'd just like confirmation the patch seems to fix your problem (in case the pcap I was working from just happened to trigger the same assertion, but in a different way from what you saw). New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Jon, No problem. The longest it has run before is about 48 hours. It will hit that tomorrow night about 9 pm Eastern. So, it should be safe to say that if it's still running on Monday morning the fix is probably good. Thanks, Ted New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Comment: was deleted (was: Jon, I think this is something new; I do not remember seeing anything like this in my weird.log before applying the patch: 1427911262.505789 CYEwoB1X7XFyozYsdc 61.240.144.66 6 10.10.32.253 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911263.624456 CCEGxTr3jHEZWIb1k 61.240.144.66 6 10.10.32.250 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911263.847535 C86BvxMqoOeUz1e7e 61.240.144.66 6 10.10.32.245 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911272.856867 CgQRbt3gokYaNcaZth 61.240.144.66 6 10.10.32.252 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro Ted ) New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Jon, I think this is something new; I do not remember seeing anything like this in my weird.log before applying the patch: 1427911262.505789 CYEwoB1X7XFyozYsdc 61.240.144.66 6 10.10.32.253 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911263.624456 CCEGxTr3jHEZWIb1k 61.240.144.66 6 10.10.32.250 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911263.847535 C86BvxMqoOeUz1e7e 61.240.144.66 6 10.10.32.245 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro 1427911272.856867 CgQRbt3gokYaNcaZth 61.240.144.66 6 10.10.32.252 514 binpac exception: out_of_bound: Syslog_Priority:lt: 1 0 - Fbro Ted New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20210#comment-20210 ] Ted Llewellyn commented on BIT-1361: I have rebuilt with Jon's patch for binpac and it's running. Other than not crashing is there anything about the install I should check or output I could send in? Ted New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20208#comment-20208 ] Ted Llewellyn edited comment on BIT-1361 at 3/31/15 8:09 PM: - Hmmm, that URL is giving me a 403 error when I try to git clone it. It didn't ask me for credentials and I'm using 1.7.10.4, so I'm not sure why. Ted Llewellyn was (Author: llewell): Hmmm, that URL is giving me a 403 error when I try to git clone it. It didn't ask me for credentials and I'm using 1.7.10.4, so I'm not sure why. Ted Llewellyn Sr. Network Planning Engineer VoIP Engineering Frontier Communications 120 Plymouth Ave. N. Rochester, NY 14608 585-413-9743 New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jon Siwek updated BIT-1361: --- Fix Version/s: 2.4 New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20205#comment-20205 ] Jon Siwek commented on BIT-1361: I have a pcap that reproduces this if anyone wants it let me know. I also started looking at fixing the problem this morning and have a general idea what BinPAC does wrong, but not certain yet what change to do to the code gen. New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20206#comment-20206 ] Ted Llewellyn commented on BIT-1361: I have attached a backtrace from 3/31/215. New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Attachment: bro-bt-033115.txt New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=20207#comment-20207 ] Jon Siwek commented on BIT-1361: Ted, want to give the following patch a try? https://github.com/bro/binpac/commit/47333b9be514aeb7c1f8c1463dc40f0157181f60 This is in the topic/jsiwek/bit-1361 branch of the binpac git repository. New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Never mind, I got it. I'm rebuilding now. Ted New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
[ https://bro-tracker.atlassian.net/browse/BIT-1361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ted Llewellyn updated BIT-1361: --- Hmmm, that URL is giving me a 403 error when I try to git clone it. It didn't ask me for credentials and I'm using 1.7.10.4, so I'm not sure why. Ted Llewellyn Sr. Network Planning Engineer VoIP Engineering Frontier Communications 120 Plymouth Ave. N. Rochester, NY 14608 585-413-9743 New installation of Bro crashes and core dumps with error indicating ssh/binpac --- Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn Labels: binpac, ssh Fix For: 2.4 Attachments: bro-bt-033115.txt diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1361) New installation of Bro crashes and core dumps with error indicating ssh/binpac
Ted Llewellyn created BIT-1361: -- Summary: New installation of Bro crashes and core dumps with error indicating ssh/binpac Key: BIT-1361 URL: https://bro-tracker.atlassian.net/browse/BIT-1361 Project: Bro Issue Tracker Issue Type: Problem Components: Bro Affects Versions: 2.3 Environment: Debian wheezy, Dell 1750 (dual 32-bit Xeon dual-core cpus), capturing on one 100 meg mirrored switch port Reporter: Ted Llewellyn diag results: [BroControl] diag [bro] Bro 2.3-633 Linux 3.2.0-4-686-pae No gdb installed. No reporter.log stderr.log listening on eth1, capture length 8192 bytes bro: /root/bro/build/src/analyzer/protocol/ssh/ssh_pac.cc:1382: int binpac::SSH::SSH2_KEXINIT::Parse(binpac::const_byteptr, binpac::const_byteptr, binpac::SSH::ContextSSH*, int): Assertion `t_dataptr_after_cookie = t_end_of_data' failed. /usr/local/bro/share/broctl/scripts/run-bro: line 100: 10307 Aborted (core dumped) nohup $mybro $@ stdout.log max memory size (kbytes, -m) unlimited data seg size (kbytes, -d) unlimited virtual memory (kbytes, -v) unlimited core file size (blocks, -c) unlimited .cmdline -i eth1 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto .env_vars PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site CLUSTER_NODE= .status RUNNING [net_run] No prof.log No packet_filter.log No loaded_scripts.log [BroControl] -- This message was sent by Atlassian JIRA (v6.4-OD-16-006#64014) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
