Bug#1018061: pads: segfault at 3a ip
On Sun, 2023-02-26 at 16:03 +0100, Bernhard Übelacker wrote:
> On 08.02.23 at 19:31, Tim McConnell wrote:
> > Oops, I thought I had, here it is.
> > bt full
>
>
> Hello Tim,
> sorry for the delay. For some reason the debug information
> for libpcap.so.0.8 was missing in your backtrace (was the
> DEBUGINFOD_URLS variable set in that console?).
>
> But I guess I could fill in the gaps [2].
>
> And I think in function print_arp_asset the variable rec
> might get used uninitialized.
> This is also warned about in the build log [3].
>
> Therefore the crash could possibly be avoided with the patch below [1].
>
> Kind regards,
> Bernhard
>
>
>
> [1]
> --- src/output/output.c.orig 2023-02-26 15:19:32.000000000 +0100
> +++ src/output/output.c 2023-02-26 15:54:54.007679051 +0100
> @@ -182,7 +182,7 @@ int print_arp_asset (struct in_addr ip_a
>
> /* Find Asset */
> ArpAsset *list;
> - ArpAsset *rec;
> + ArpAsset *rec = NULL;
>
> list = (ArpAsset *)get_arp_pointer();
> while (list != NULL) {
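Review bot: the `ArpAsset *rec = NULL;` initializer should ship with a patch header that names this bug and the `-Wmaybe-uninitialized` warning from the build log, so the reason for the change stays with the package's patch series. The change itself is sound: the loop assigns `rec` only on a match, so without the initializer the `if (rec == NULL)` guard at line 201 tests an indeterminate value, which is consistent with `rec = 0x2a` in frame #1 of the backtrace. An alternative that carries less state is to drop `rec` and test `list` after the loop, since `list` is NULL exactly when no entry matched.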
>
>
>
> [2]
> (gdb)
> #0 0x00005641638af954 in print_arp_asset_screen (rec=0x2a) at ./src/output/output-screen.c:115
> #1 0x00005641638af6f0 in print_arp_asset (ip_addr=..., mac_addr=0x7fa6db692384 "") at ./src/output/output.c:210
> head = 0x5641654a33f0
> list = <optimized out>
> rec = 0x2a
> #2 0x00007fa6dbe004f6 in pcap_handle_packet_mmap () at ./pcap-linux.c:4072 from /lib/x86_64-linux-gnu/libpcap.so.0.8
> #3 0x00007fa6dbe008ec in pcap_read_linux_mmap_v3 () at ./pcap-linux.c:4248 from /lib/x86_64-linux-gnu/libpcap.so.0.8
> #4 0x00007fa6dbe07d1d in pcap_loop () at ./pcap.c:2923 from /lib/x86_64-linux-gnu/libpcap.so.0.8
> #5 0x00005641638a8e5b in main_pads () at ./src/pads.c:278
> #6 0x00005641638a847b in main (argc=<optimized out>, argv=<optimized out>) at ./src/pads.c:491
>
> (gdb) list output.c:210
> 179 int print_arp_asset (struct in_addr ip_addr, char mac_addr[MAC_LEN])
> 180 {
> 181 OutputPluginList *head;
> 182
> 183 /* Find Asset */
> 184 ArpAsset *list;
> 185 ArpAsset *rec;
> 186
> 187 list = (ArpAsset *)get_arp_pointer();
> 188 while (list != NULL) {
> 189 if (ip_addr.s_addr == list->ip_addr.s_addr
> 190 && (strcmp(mac_addr, list->mac_addr) == 0)) {
> 191
> 192 /* Found! */
> 193 rec = list;
> 194 break;
> 195 } else {
> 196 list = list->next;
> 197 }
> 198 }
> 199
> 200 /* Make sure that a record was found. */
> 201 if (rec == NULL)
> 202 return 1;
> 203
> 204 /* Cycle through output plugins and print to those that are active. */
> 205 head = output_plugin_list;
> 206 while (head != NULL) {
> 207 /* Only print to active plugins. */
> 208 if (head->active == 1) {
> 209 if (head->plugin->print_arp)
> 210 (*head->plugin->print_arp)(rec);
> 211 }
> 212
> 213 head = head->next;
> 214 }
>
>
> [3]
> https://buildd.debian.org/status/fetch.php?pkg=pads&arch=amd64&ver=1.2-14&stamp=1665671920&raw=0
> output.c: In function ‘print_arp_asset’:
> output.c:210:18: warning: ‘rec’ may be used uninitialized [-Wmaybe-uninitialized]
> 210 | (*head->plugin->print_arp)(rec);
> | ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> output.c:185:15: note: ‘rec’ was declared here
> 185 | ArpAsset *rec;
> | ^~~
>
Hi Bernhard,
The delay is fine, I'm sure it takes a minute to figure it out ;-) and
no I didn't have anything other than defaults for GDB set. I'm not a
programmer so I don't know all the tricks to GDB or when is best to
use them. With that said, how would I go about installing/testing the
patch you provide? I'm happy to test it out for you, I just need the
knowledge of how to.
Thanks!
--
Tim McConnell <tmcconnell168@gmail.com>