From: "Burton Strauss" <[EMAIL PROTECTED]>
Reply-To: [email protected]
To: <[email protected]>
Subject: RE: [Ntop] Fedora core buffer overflow
Date: Sat, 6 Aug 2005 07:33:27 -0500
General answer to ALL of you with problems from SOMEBODY else's RPM for
Fedora Core 4:
1. We do not support other people's RPMs. No way to know what's in them,
re
patches, configure options, what source they actually used, stripped
binaries, etc.
2. Use the cvs source. The source code reorganization in the cvs has
eliminated the 'problem'.
General Answer
--------------
ntop works FINE under FC4. Luca does his PRIMARY DEVELOPMENT in that
environment with no problems in initDevices(). I built an FC4 VM
yesterday,
compiled the cvs source and it works fine.
I grabbed the ntop-3.1.tgz from SourceForge and compiled that. It fails
with the usual problem at 602. BUT, if you single step up to that point,
the actual failure is in the return to 602, not AT 602.
When you hit weird problems like that, the usual answer is to remove -O2
from the gcc line - compile the code w/o optimization. At which point ntop
works fine.
SO: Final answer - whatever the problem is, it's not ntop, it's gcc
(specifically gcc optimization).
Whether it's native to gcc or to RedHat's patches, I don't know and don't
care...
$ gcc -v
Using built-in specs.
Target: i386-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-libgcj-multifile
--enable-languages=c,c++,objc,java,f95,ada --enable-java-awt=gtk
--with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
--host=i386-redhat-linux
Thread model: posix
gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)
If somebody want's to study the sources and assembled code and report this
to RedHat through their bugzilla, go for it. Here's the stuff from gdb:
Processing file /etc/ntop.conf for parameters...
Sat Aug 6 07:09:32 2005 Initializing gdbm databases
Sat Aug 6 07:09:32 2005 ntop v.3.1 MT
Sat Aug 6 07:09:32 2005 Configured on Aug 6 2005 6:53:56, built on Aug
6 2005 06:54:49.
Sat Aug 6 07:09:32 2005 Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]>
Sat Aug 6 07:09:32 2005 Get the freshest ntop from http://www.ntop.org/
Sat Aug 6 07:09:32 2005 Initializing ntop
[Switching to Thread -1208935520 (LWP 25412)]
Sat Aug 6 07:09:33 2005 Checking eth0 for additional devices
Sat Aug 6 07:09:33 2005 Resetting traffic statistics for device eth0
Sat Aug 6 07:09:36 2005 DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Breakpoint 5, initDevices (devices=0x8db6660 "eth0") at initialize.c:1644
1644 tmpDev = strtok_r(NULL, ",", &strtokState);
(gdb) print tmpDev
$6 = 0x8db8750 "eth0"
(gdb) step
1179 __s = *__nextp;
(gdb) list
1174 __STRING_INLINE char *
1175 __strtok_r_1c (char *__s, char __sep, char **__nextp)
1176 {
1177 char *__result;
1178 if (__s == NULL)
1179 __s = *__nextp;
1180 while (*__s == __sep)
1181 ++__s;
1182 __result = NULL;
1183 if (*__s != '\0')
1184 {
1185 __result = __s++;
1186 while (*__s != '\0')
1187 if (*__s++ == __sep)
1188 {
1189 __s[-1] = '\0';
1190 break;
1191 }
1192 *__nextp = __s;
1193 }
1194 return __result;
1195 }
1196 # if defined __USE_POSIX || defined __USE_MISC
1197 # define strtok_r(s, sep, nextp) __strtok_r (s, sep, nextp)
1198 # endif
1199 #endif
1200
1201
1202 #if !defined _HAVE_STRING_ARCH_strsep || defined _FORCE_INLINES
1203 # ifndef _HAVE_STRING_ARCH_strsep
(gdb) step
1180 while (*__s == __sep)
(gdb) step
1183 if (*__s != '\0')
(gdb) step
1647 free(workDevices);
(gdb) list
1642 addDevice(tmpDev, tmpDescr == NULL ? tmpDev : tmpDescr);
1643
1644 tmpDev = strtok_r(NULL, ",", &strtokState);
1645 } /* while */
1646
1647 free(workDevices);
1648 } else if(defaultIdx != -1) {
1649 /* Default interface found */
1650 traceEvent(CONST_TRACE_INFO, "No default device configured.
Using %s", intNames[defaultIdx]);
1651 processStrPref(NTOP_PREF_DEVICES, intNames[defaultIdx],
&myGlobals.runningPref.devices, TRUE);
(gdb) print workDevices
$7 = 0x8db8740 "eth0"
(gdb) step
ntop_safefree (ptr=0xbfb1a4e4, file=0xc2c77e "initialize.c", line=1647) at
leaks.c:608
608 if((ptr == NULL) || (*ptr == NULL)) {
(gdb) finish
Run till exit from #0 ntop_safefree (ptr=0xbfb1a4e4, file=0xc2c77e
"initialize.c", line=1647) at leaks.c:608
0x00c0375d in initDevices (devices=0x8db6660 "eth0") at initialize.c:1647
1647 free(workDevices);
(gdb) step
1655 }
(gdb)
Cannot access memory at address 0x0
(gdb)
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Felipe Xacur
Sent: Saturday, August 06, 2005 1:43 AM
To: [email protected]
Subject: [Ntop] Fedora core buffer overflow
Hi I am also trying to run ntop on FC4 but I am also getting the buffer
overflow error when I try to run it. I have tryed the CVS version and the
sourceforge version but both gives me the same error...
This fist part is what i get when i try to run it... after it i also posted
the results i am getting using the FAQ with the gdb(hope to have
undertanding it)...
********************** Console Window******************
[EMAIL PROTECTED] bin]# ntop
Sat Aug 6 01:12:13 2005 NOTE: Interface merge enabled by default Sat Aug
6 01:12:13 2005 Initializing gdbm databases Sat Aug 6 01:12:13 2005 ntop
will be started as user nobody Sat Aug 6 01:12:13 2005 ntop v.3.1.50 Sat
Aug 6 01:12:13 2005 Configured on Aug 5 2005 23:41:23, built on Aug
5 2005 23:43:32.
Sat Aug 6 01:12:13 2005 Copyright 1998-2005 by Luca Deri <[EMAIL PROTECTED]>
Sat Aug 6 01:12:13 2005 Get the freshest ntop from http://www.ntop.org/
Sat Aug 6 01:12:13 2005 NOTE: ntop is running from 'ntop'
Sat Aug 6 01:12:13 2005 NOTE: (but see warning on man page for the
--instance parameter) Sat Aug 6 01:12:13 2005 NOTE: ntop libraries are in
'/usr/local/lib'
Sat Aug 6 01:12:13 2005 Initializing ntop Sat Aug 6 01:12:13 2005
Checking eth0 for additional devices Sat Aug 6 01:12:13 2005 Resetting
traffic statistics for device eth0 Sat Aug 6 01:12:13 2005 DLT: Device 0
[eth0] is 1, mtu 1514, header 14 Sat Aug 6 01:12:13 2005 Initializing
gdbm
databases Sat Aug 6 01:12:13 2005 VENDOR: Loading MAC address table.
Sat Aug 6 01:12:13 2005 VENDOR: Checking for MAC address table file Sat
Aug 6 01:12:13 2005 VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz'
does not need to be reloaded Sat Aug 6 01:12:13 2005 VENDOR: ntop
continues ok Sat Aug 6 01:12:13 2005 VENDOR: Checking for MAC address
table file Sat Aug 6 01:12:13 2005 VENDOR: File
'/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded Sat Aug 6
01:12:13 2005 VENDOR: ntop continues ok Sat Aug 6 01:12:13 2005
Fingeprint: Loading signature file.
Sat Aug 6 01:12:13 2005 Fingeprint: ...loaded 1697 records Sat Aug 6
01:12:13 2005 ASN: Checking for Autonomous System Number table file Sat
Aug
6 01:12:13 2005 **WARNING** ASN: Unable to open file 'AS-list.txt'
Sat Aug 6 01:12:13 2005 I18N: This instance of ntop does not support
multiple languages Sat Aug 6 01:12:13 2005 IP2CC: Checking for IP address
<-> Country Code mapping file Sat Aug 6 01:12:13 2005 IP2CC: Loading file
'/usr/local/etc/ntop/p2c.opt.table.gz'
Sat Aug 6 01:12:13 2005 IP2CC: ...found 52395 lines Sat Aug 6 01:12:13
2005 GDVERCHK: Guessing at libgd version Sat Aug 6 01:12:13 2005
GDVERCHK: ... as 2.0.21+ Sat Aug 6 01:12:13 2005 Initializing external
applications Sat Aug 6 01:12:13 2005 THREADMGMT[t3083299760]: NPA:
Started
thread for network packet analyzer Sat Aug 6 01:12:13 2005
THREADMGMT[t3072809904]: SFP: Started thread for fingerprinting Sat Aug 6
01:12:13 2005 THREADMGMT[t3062320048]: SIH: Started thread for idle hosts
detection Sat Aug 6 01:12:13 2005 THREADMGMT[t3051830192]: DNSAR(1):
Started thread for DNS address resolution Sat Aug 6 01:12:13 2005 Calling
plugin start functions (if any) Sat Aug 6 01:12:13 2005 SSL is present
but
https is disabled: use -W <https port> for enabling it Sat Aug 6 01:12:13
2005 INITWEB: Initializing web server Sat Aug 6 01:12:13 2005 INITWEB:
Initializing tcp/ip socket connections for web server Sat Aug 6 01:12:13
2005 INITWEB: Initialized socket, port 3000, address
(any)
Sat Aug 6 01:12:13 2005 INITWEB: Waiting for HTTP connections on port
3000
Sat Aug 6 01:12:13 2005 INITWEB: Starting web server Sat Aug 6 01:12:13
2005 THREADMGMT[t3041340336]: INITWEB: Started thread for web server Sat
Aug 6 01:12:13 2005 THREADMGMT[t3083299760]: NPA: network packet analyzer
(packet processor) thread running [p15510] Sat Aug 6 01:12:13 2005
THREADMGMT[t3072809904]: SFP: Fingerprint scan thread starting [p15510] Sat
Aug 6 01:12:13 2005 Listening on [eth0] Sat Aug 6 01:12:13 2005 Loading
Plugins Sat Aug 6 01:12:13 2005 Searching for plugins in
/usr/local/lib/ntop/plugins Sat Aug 6 01:12:13 2005 SFLOW: Welcome to
sFlow.(C) 2002-04 by Luca Deri Sat Aug 6 01:12:13 2005 ICMP: Welcome to
ICMP Watch. (C) 1999-2004 by Luca Deri Sat Aug 6 01:12:13 2005 RRD:
Welcome to Round-Robin Databases. (C) 2002-04 by Luca Deri.
Sat Aug 6 01:12:13 2005 PDA: Welcome to PDA. (C) 2001-2004 by L.Deri and
W.Brock Sat Aug 6 01:12:13 2005 LASTSEEN: Welcome to Host Last Seen. (C)
1999 by Andrea Marangoni Segmentation fault [EMAIL PROTECTED] bin]#
********************** gdb ******************************* [EMAIL PROTECTED]
bin]# gdb /usr/bin/ntop GNU gdb Red Hat Linux (6.3.0.0-1.21rh) Copyright
2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) set args -u root -K
(gdb) run
Starting program: /usr/bin/ntop -u root -K Reading symbols from shared
object read from target memory...(no debugging symbols found)...done.
Loaded system supplied DSO at 0xae1000
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled] [New Thread -1208731968 (LWP
15572)] (no debugging symbols found) (no debugging symbols found) (no
debugging symbols found) (no debugging symbols found) (no debugging symbols
found) (no debugging symbols found) (no debugging symbols found) (no
debugging symbols found) (no debugging symbols found) (no debugging symbols
found) (no debugging symbols found) (no debugging symbols found) (no
debugging symbols found) (no debugging symbols found) (no debugging symbols
found) (no debugging symbols found) (no debugging symbols found) ---Type
<return> to continue, or q <return> to quit--- (no debugging symbols found)
(no debugging symbols found) (no debugging symbols found) (no debugging
symbols found) (no debugging symbols found) (no debugging symbols found)
(no
debugging symbols found) (no debugging symbols found) (no debugging symbols
found) (no debugging symbols found) Sat Aug 6 01:14:44 2005 Initializing
gdbm databases Sat Aug 6 01:14:44 2005 ntop v.3.1 (Dag Apt RPM
Repository)
MT (SSL) Sat Aug 6 01:14:44 2005 Configured on Jul 26 2005 7:39:51,
built
on Jul
26 2005 07:41:59.
Sat Aug 6 01:14:44 2005 Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]>
Sat Aug 6 01:14:44 2005 Get the freshest ntop from http://www.ntop.org/
Sat Aug 6 01:14:44 2005 Initializing ntop
*** buffer overflow detected ***: /usr/bin/ntop terminated (no debugging
symbols found) ======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x245565]
/usr/lib/libntop-3.1.so(initDevices+0x29d)[0xaf9474]
/usr/lib/libntop-3.1.so(initNtop+0x33e)[0xaefe47]
/usr/bin/ntop[0x804aaa5]
/lib/libc.so.6(__libc_start_main+0xc6)[0x17bde6]
/usr/bin/ntop[0x8049bb1]
======= Memory map: ========
00111000-0011f000 r-xp 00000000 fd:00 28147809 /lib/libpthread-2.3.5.so
0011f000-00120000 r-xp 0000d000 fd:00 28147809 /lib/libpthread-2.3.5.so
00120000-00121000 rwxp 0000e000 fd:00 28147809 /lib/libpthread-2.3.5.so
00121000-00123000 rwxp 00121000 00:00 0
00123000-00135000 r-xp 00000000 fd:00 28147856 /lib/libnsl-2.3.5.so
00135000-00136000 r-xp 00011000 fd:00 28147856 /lib/libnsl-2.3.5.so
00136000-00137000 rwxp 00012000 fd:00 28147856 /lib/libnsl-2.3.5.so
00137000-00139000 rwxp 00137000 00:00 0
00139000-0013e000 r-xp 00000000 fd:00 28147888 /lib/libcrypt-2.3.5.so
0013e000-0013f000 r-xp 00004000 fd:00 28147888 /lib/libcrypt-2.3.5.so
0013f000-00140000 rwxp 00005000 fd:00 28147888 /lib/libcrypt-2.3.5.so
00140000-00167000 rwxp 00140000 00:00 0
00167000-0028b000 r-xp 00000000 fd:00 28147807 /lib/libc-2.3.5.so
0028b000-0028d000 r-xp 00124000 fd:00 28147807 /lib/libc-2.3.5.so
0028d000-0028f000 rwxp 00126000 fd:00 28147807 /lib/libc-2.3.5.so
0028f000-00291000 rwxp 0028f000 00:00 0
00291000-00297000 r-xp 00000000 fd:00 40838616 /usr/lib/libgdbm.so.2.0.0
00297000-00298000 rwxp 00005000 fd:00 40838616 /usr/lib/libgdbm.so.2.0.0
00298000-002aa000 r-xp 00000000 fd:00 40837785 /usr/lib/libz.so.1.2.2.2
002aa000-002ab000 rwxp 00011000 fd:00 40837785 /usr/lib/libz.so.1.2.2.2
002ab000-002c2000 r-xp 00000000 fd:00 40839603
/usr/lib/libgssapi_krb5.so.2.2
002c2000-002c3000 rwxp 00017000 fd:00 40839603
/usr/lib/libgssapi_krb5.so.2.2
002c3000-002c5000 r-xp 00000000 fd:00 28147847 /lib/libdl-2.3.5.so
002c5000-002c6000 r-xp 00001000 fd:00 28147847 /lib/libdl-2.3.5.so
002c6000-002c7000 rwxp 00002000 fd:00 28147847 /lib/libdl-2.3.5.so
002c7000-002c9000 r-xp 00000000 fd:00 40839595
/usr/lib/libkrb5support.so.0.0
002c9000-002ca000 rwxp 00001000 fd:00 40839595
/usr/lib/libkrb5support.so.0.0
002d0000-00365000 r-xp 00000000 fd:00 40730635
/usr/lib/libntopreport-3.1.so
00365000-00366000 rwxp 00095000 fd:00 40730635
/usr/lib/libntopreport-3.1.so
00366000-00367000 rwxp 00366000 00:00 0
00367000-00385000 r-xp 00000000 fd:00 40835988 /usr/lib/libgd.so.2.0.0
00385000-003a5000 rwxp 0001d000 fd:00 40835988 /usr/lib/libgd.so.2.0.0
003a5000-003b9000 rwxp 003a5000 00:00 0
003b9000-003ce000 r-xp 00000000 fd:00 40838396
/usr/X11R6/lib/libXpm.so.4.11
003ce000-003cf000 rwxp 00015000 fd:00 40838396
/usr/X11R6/lib/libXpm.so.4.11
003d6000-003fa000 r-xp 00000000 fd:00 40835194 /usr/lib/libpcap.so.0.8.3
003fa000-003fb000 rwxp 00024000 fd:00 40835194 /usr/lib/libpcap.so.0.8.3
003fb000-00409000 r-xp 00000000 fd:00 40836268
/usr/X11R6/lib/libXext.so.6.4
00409000-0040a000 rwxp 0000e000 fd:00 40836268
/usr/X11R6/lib/libXext.so.6.4
00413000-0042d000 r-xp 00000000 fd:00 28147806 /lib/ld-2.3.5.so
0042d000-0042e000 r-xp 00019000 fd:00 28147806 /lib/ld-2.3.5.so
0042e000-0042f000 rwxp 0001a000 fd:00 28147806 /lib/ld-2.3.5.so
00431000-00453000 r-xp 00000000 fd:00 40839881
/usr/lib/libglib-1.2.so.0.0.10
00453000-00455000 rwxp 00021000 fd:00 40839881
/usr/lib/libglib-1.2.so.0.0.10
00455000-00473000 r-xp 00000000 fd:00 40844181 /usr/lib/libjpeg.so.62.0.0
00473000-00474000 rwxp 0001d000 fd:00 40844181 /usr/lib/libjpeg.so.62.0.0
00474000-0047d000 r-xp 00000000 fd:00 28147852
/lib/libgcc_s-4.0.1-20050727.so.1
0047d000-0047e000 rwxp 00009000 fd:00 28147852
/lib/libgcc_s-4.0.1-20050727.so.1
0047e000-00493000 r-xp 00000000 fd:00 40730629 /usr/lib/libmyrrd-3.1.so
00493000-004c6000 rwxp 00014000 fd:00 40730629 /usr/lib/libmyrrd-3.1.so
004c6000-005be000 r-xp 00000000 fd:00 28147873 /lib/libcrypto.so.0.9.7f
005be000-005d0000 rwxp 000f8000 fd:00 28147873 /lib/libcrypto.so.0.9.7f
005d0000-005d3000 rwxp 005d0000 00:00 0
005d3000-00642000 r-xp 00000000 fd:00 40839599 /usr/li
Program received signal SIGABRT, Aborted.
[Switching to Thread -1208731968 (LWP 15572)]
0x00ae1402 in __kernel_vsyscall ()
(gdb) bt full
#0 0x00ae1402 in __kernel_vsyscall ()
No symbol table info available.
#1 0x0018f1f8 in raise () from /lib/libc.so.6 No symbol table info
available.
#2 0x00190948 in abort () from /lib/libc.so.6 No symbol table info
available.
#3 0x001c452a in __libc_message () from /lib/libc.so.6 No symbol table
info
available.
#4 0x00245565 in __chk_fail () from /lib/libc.so.6 No symbol table info
available.
#5 0x00af9474 in initDevices () from /usr/lib/libntop-3.1.so No symbol
table info available.
#6 0x00aefe47 in initNtop () from /usr/lib/libntop-3.1.so No symbol table
info available.
#7 0x0804aaa5 in usage ()
No symbol table info available.
#8 0x0017bde6 in __libc_start_main () from /lib/libc.so.6 No symbol table
info available.
#9 0x08049bb1 in ?? ()
No symbol table info available.
(gdb) print deviceId
No symbol table is loaded. Use the "file" command.
(gdb) list
No symbol table is loaded. Use the "file" command.
(gdb) info threads
* 1 Thread -1208731968 (LWP 15572) 0x00ae1402 in __kernel_vsyscall ()
(gdb) thread 1
[Switching to thread 1 (Thread -1208731968 (LWP 15572))]#0 0x00ae1402 in
__kernel_vsyscall ()
(gdb) info stack
#0 0x00ae1402 in __kernel_vsyscall ()
#1 0x0018f1f8 in raise () from /lib/libc.so.6
#2 0x00190948 in abort () from /lib/libc.so.6
#3 0x001c452a in __libc_message () from /lib/libc.so.6
#4 0x00245565 in __chk_fail () from /lib/libc.so.6
#5 0x00af9474 in initDevices () from /usr/lib/libntop-3.1.so
#6 0x00aefe47 in initNtop () from /usr/lib/libntop-3.1.so
#7 0x0804aaa5 in usage ()
#8 0x0017bde6 in __libc_start_main () from /lib/libc.so.6
#9 0x08049bb1 in ?? ()
Well.. I hope it helps as realy i dident have a clue as what to doo in the
gsd.. The system specs are Athlon XP 1800+ , nforce 2, DDR 1 GB , 3 HDD.
eth0 (Dlink), eth1 (nforce), ppp0 if you need more details and f i can
provide it i will glady help..
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
