Hi,

I ran into an issue using libpcap and tcpdump. 

Whenever I pass a filter expression, tcpdump segfaults:

i.e.: 
works fine :
#tcpdump  

segfault 
#tcpdump port 80 

tcpdump included with fc4 works fine 
(tcpdump version 3.8 libpcap version 0.8.3 )

However, I also tried compiling from source:
libpcap 0.8.3, 0.9.4 and -current (libpcap-2005.10.09)
tcpdump 3.8.3, 3.9.4 and -current (tcpdump-2005.10.09)

All of those fail at the same place, in optimize.c.

I added a number of null-pointer checks and managed to get
everything compiled and running.

Has anyone else stumbled into this?

uname -a 
Linux new_tornado 2.6.12-1.1456_FC4smp #1 SMP Thu Sep 22 02:22:14 EDT
2005 i686 athlon i386 GNU/Linux

gcc --version 
gcc (GCC) 4.0.1 20050727 (Red Hat 4.0.1-5)
Copyright (C) 2005 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


Thanks for your time. 

Attached is a patch to optimize.c against libpcap-current (2005.10.09).

Louis-Michel Gelinas

--- libpcap-2005.10.09/optimize.c	2005-07-31 13:58:24.000000000 -0400
+++ libpcap-2005.10.09.patched/optimize.c	2005-11-09 19:28:16.000000000 -0500
@@ -218,6 +218,7 @@
 	struct block *b;
 {
 	int level;
+	if (!b) return ; 
 
 	if (isMarked(b))
 		return;
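Review bot: The guard `if (!b) return ;` stops the crash in find_levels_r but leaves unexplained how a NULL block reaches the level pass at all, and the same symptom-level guard recurs in the make_marks hunk, the link-resolution hunk and the jump-offset hunk below; a NULL successor on a non-return block indicates that an earlier pass in optimize.c built or rewrote a malformed control-flow graph, and that is the place to fix. Whether the bad pointer originates in libpcap itself or in the gcc 4.0.1 build the report mentions cannot be told from the patch. If the guard is kept as a stopgap, say so at the site, e.g. `/* XXX NULL block here means an earlier pass produced a malformed CFG; guard until the cause is found */`, and drop the stray space in `return ;`. find_levels_r's name line and the rest of its body are outside the hunk.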
@@ -228,6 +229,7 @@
 	if (JT(b)) {
 		find_levels_r(JT(b));
 		find_levels_r(JF(b));
+		if ( !b || !(b->level) || !JT(b) || !JF(b)   ) { level =0 ;  return;} 
 		level = MAX(JT(b)->level, JF(b)->level) + 1;
 	} else
 		level = 0;
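Review bot: The added test `if ( !b || !(b->level) || !JT(b) || !JF(b)   ) { level =0 ;  return;}` returns early whenever `b->level` is zero, which, if `level` is only stored into `b->level` after this point as the surrounding `level = ...` computations suggest, is the normal state of every block on its first visit; those blocks would then skip whatever follows the hunk, not just the NULL case. `!b` and `!JT(b)` are already ruled out by the enclosing `if (JT(b))` and the dereferences on the two preceding lines, and assigning the local `level` immediately before `return` has no effect. Reduce it to the one condition that is actually new, `if (!JF(b)) return; /* one-sided branch: malformed CFG, cause not yet known */`, or better decide what level a block with a missing false branch should receive instead of silently dropping it. The remainder of find_levels_r is outside the hunk.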
@@ -1771,7 +1773,7 @@
 make_marks(p)
 	struct block *p;
 {
-	if (!isMarked(p)) {
+	if (p && !isMarked(p)) {
 		Mark(p);
 		if (BPF_CLASS(p->s.code) != BPF_RET) {
 			make_marks(JT(p));
@@ -1863,7 +1865,7 @@
 			done = 0;
 			JT(p) = JT(p)->link;
 		}
-		if (JF(p)->link) {
+		if (JF(p) && JF(p)->link) {
 			done = 0;
 			JF(p) = JF(p)->link;
 		}
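Review bot: The new guard `if (JF(p) && JF(p)->link)` protects only the false branch, while two lines above `JT(p) = JT(p)->link;` (and presumably the `if (JT(p)->link)` test that precedes it, outside the hunk) still dereferences JT(p) unconditionally, so if a NULL successor can occur here the true branch crashes in exactly the same way. Guard both sides or neither: `if (JT(p) && JT(p)->link)` alongside the JF check. The enclosing loop starts and ends outside the hunk.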
@@ -2202,7 +2204,9 @@
 		}
 		else
 		    dst->jt = off;
-		off = JF(p)->offset - (p->offset + slen) - 1;
+		if ( JF(p) ) {
+		  off = JF(p)->offset - (p->offset + slen) - 1;
+		}
 		if (off >= 256) {
 		    /* offset too large for branch, must add a jump */
 		    if (p->longjf == 0) {
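Review bot: When JF(p) is NULL the new `if ( JF(p) )` skips the assignment but `off` keeps the value it was just given for the true branch (it was stored into `dst->jt` two lines earlier), so the `if (off >= 256)` test and the false-branch offset that follow are computed from the wrong successor and a wrong jump target is emitted silently where the original at least crashed. If a missing false branch must be tolerated at this point, the block should be reported through the file's existing error path rather than compiled, e.g. a comment `/* a block with no false successor cannot be encoded; refuse rather than reuse the jt offset */` followed by an explicit error return. The enclosing function starts and ends outside the hunk.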
