On Thu, Jun 7, 2018 at 2:23 AM, Vibin K Madampath <[email protected]> wrote: > Hello Dan, > > Seems like the error gets triggered when it finds an empty line in the > alerts.log > > Master branch - I haven't tried it, please give more insight. > > Regards, > Vibin >
Awesome, thanks. It seems to be crashing my reportd, so I'll take a look at it. > > On 6 June 2018 at 19:57, dan (ddp) <[email protected]> wrote: >> >> On Tue, May 22, 2018 at 9:08 AM, Vibin K Madampath <[email protected]> >> wrote: >> > Hello, >> > >> > I'm also getting a similar error due to which the reports are not being >> > generated/sent. >> > >> > Using the same version 2.9.3 >> > >> > [root@usws1ossecap01 ~]# /var/ossec/bin/ossec-reportd < >> > /var/ossec/logs/alerts/alerts.log >> > 2018/05/22 13:06:00 ossec-reportd: INFO: Started (pid: 30213). >> > *** glibc detected *** /var/ossec/bin/ossec-reportd: free(): invalid >> > pointer: 0x00007f29c4954f48 *** >> > Aborted >> > >> >> Does this happen with every alerts.log file? >> If not, can you track down where it crashes? >> Have you tried the master branch? >> >> > >> > >> > On 18 May 2018 at 12:22, Chinmay Pandya <[email protected]> >> > wrote: >> >> >> >> I am using ossec-hids-2.9.3 >> >> >> >> On Thursday, May 17, 2018 at 11:52:33 PM UTC+5:30, dan (ddpbsd) wrote: >> >>> >> >>> >> >>> >> >>> On Thu, May 17, 2018, 8:54 AM Chinmay Pandya <[email protected]> >> >>> wrote: >> >>>> >> >>>> I am running ossec-reportd and it is crashing due to double free . >> >>>> This >> >>>> can lead to exploitatoin. So can some one solve it ? >> >>>> >> >>>> /ossec-server# bin/ossec-reportd < logs/alerts/alerts.log >> >>>> 2018/05/17 12:51:32 ossec-reportd: INFO: Started (pid: 4526). >> >>>> *** Error in `bin/ossec-reportd': double free or corruption (out): >> >>>> 0x0000000001dbf3d0 *** >> >>>> Aborted >> >>>> >> >>> >> >>> Which version of ossec are you using? I fixed at least one problem >> >>> like >> >>> that in MASTER. >> >>> >> >>> >> >>>> >> >>>> >> >>>> >> >>>> _____________________________________________________________ >> >>>> The information contained in this communication is intended solely >> >>>> for >> >>>> the use of the individual or entity to whom it is addressed and >> >>>> others >> >>>> authorized to receive it. It may contain confidential or legally >> >>>> privileged >> >>>> information. If you are not the intended recipient you are hereby >> >>>> notified >> >>>> that any disclosure, copying, distribution or taking any action in >> >>>> reliance >> >>>> on the contents of this information is strictly prohibited and may be >> >>>> unlawful. If you have received this communication in error, please >> >>>> notify us >> >>>> immediately by responding to this email and then delete it from your >> >>>> system. >> >>>> The firm is neither liable for the proper and complete transmission >> >>>> of the >> >>>> information contained in this communication nor for any delay in its >> >>>> receipt. >> >>>> >> >>>> -- >> >>>> >> >>>> --- >> >>>> You received this message because you are subscribed to the Google >> >>>> Groups "ossec-list" group. >> >>>> To unsubscribe from this group and stop receiving emails from it, >> >>>> send >> >>>> an email to [email protected]. >> >>>> For more options, visit https://groups.google.com/d/optout. >> >> >> >> >> >> _____________________________________________________________ >> >> The information contained in this communication is intended solely for >> >> the >> >> use of the individual or entity to whom it is addressed and others >> >> authorized to receive it. It may contain confidential or legally >> >> privileged >> >> information. If you are not the intended recipient you are hereby >> >> notified >> >> that any disclosure, copying, distribution or taking any action in >> >> reliance >> >> on the contents of this information is strictly prohibited and may be >> >> unlawful. If you have received this communication in error, please >> >> notify us >> >> immediately by responding to this email and then delete it from your >> >> system. >> >> The firm is neither liable for the proper and complete transmission of >> >> the >> >> information contained in this communication nor for any delay in its >> >> receipt. >> >> >> >> -- >> >> >> >> --- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "ossec-list" group. >> >> To unsubscribe from this group and stop receiving emails from it, send >> >> an >> >> email to [email protected]. >> >> For more options, visit https://groups.google.com/d/optout. >> > >> > >> > >> > >> > -- >> > Regards, >> > >> > Vibin >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> > Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> > an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/d/optout. >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. > > > > > -- > Regards, > > Vibin > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
