This problem exists in port net/ettercap.
When I attempt to use the -e (--regex) flag to search for data within
a packet I always receive a core dump.
For example:
sudo ettercap -f /192.168.1.69/ -e thisstring myfile.ecp
will always result in a core dump.
Here is some gdb info:
~$ gdb etterlog etterlog.core
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-openbsd5.1"...(no debugging symbols found)
Core was generated by `etterlog'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libpthread.so.13.1...done.
Loaded symbols for /usr/lib/libpthread.so.13.1
Reading symbols from /usr/lib/libz.so.4.1...done.
Loaded symbols for /usr/lib/libz.so.4.1
Symbols already loaded for /usr/lib/libpthread.so.13.1
Reading symbols from /usr/lib/libc.so.61.0...done.
Loaded symbols for /usr/lib/libc.so.61.0
Reading symbols from /usr/libexec/ld.so...done.
Loaded symbols for /usr/libexec/ld.so
#0 0x08ae6e21 in strlen () from /usr/lib/libc.so.61.0
(gdb) bt
#0 0x08ae6e21 in strlen () from /usr/lib/libc.so.61.0
#1 0x08a8aad7 in regexec (preg=0x8315ecc0, string=0x7f08ba60 <Address 0x7f08ba60 out of bounds>, nmatch=0, pmatch=0x0,
eflags=Variable "eflags" is not available.
) at engine.c:149
#2 0x1c002ff0 in ?? ()
#3 0x8315ecc0 in ?? ()
#4 0x7f08ba60 in ?? ()
#5 0x00000000 in ?? ()
(gdb) i r
eax 0x0 0
ecx 0xffffffff -1
edx 0x7fd6d000 2144784384
ebx 0x28a4cc98 681888920
esp 0xcfbc1cc8 0xcfbc1cc8
ebp 0xcfbc1dc8 0xcfbc1dc8
esi 0x7f08ba60 2131278432
edi 0x7f08ba60 2131278432
eip 0x8ae6e21 0x8ae6e21
eflags 0x10246 66118
cs 0x2b 43
ss 0x33 51
ds 0x33 51
es 0x33 51
fs 0x5b 91
gs 0x63 99
(gdb) where
#0 0x08ae6e21 in strlen () from /usr/lib/libc.so.61.0
#1 0x08a8aad7 in regexec (preg=0x8315ecc0, string=0x7f08ba60 <Address 0x7f08ba60 out of bounds>, nmatch=0, pmatch=0x0,
eflags=Variable "eflags" is not available.
) at engine.c:149
#2 0x1c002ff0 in ?? ()
#3 0x8315ecc0 in ?? ()
#4 0x7f08ba60 in ?? ()
#5 0x00000000 in ?? ()
Here's a dmesg for this system:
OpenBSD 5.1-beta (bsd.build) #0: Sun Jan 22 20:24:52 PST 2012
[email protected]:/tmp/bsd.build
cpu0: Genuine Intel(R) CPU 1500 @ 2.00GHz ("GenuineIntel" 686-class) 2 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM
real mem = 2131062784 (2032MB)
avail mem = 2086080512 (1989MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/29/05, SMBIOS rev. 2.4 @ 0xe73d0 (40 entries)
bios0: vendor Apple Computer, Inc. version "MBP11.88Z.0055.B08.0610121325" date 10/12/06
bios0: Apple Computer, Inc. MacBookPro1,1
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC MCFG ASF! SBST ECDT SSDT SSDT SSDT
acpi0: wakeup devices ADP1(S3) LID0(S3) PXS1(S4) PXS2(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB7(S3) EC__(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Genuine Intel(R) CPU 1500 @ 2.00GHz ("GenuineIntel" 686-class) 2 GHz
cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEGP)
acpiprt2 at acpi0: bus 2 (RP01)
acpiprt3 at acpi0: bus 3 (RP02)
acpiprt4 at acpi0: bus 4 (RP03)
acpiprt5 at acpi0: bus 12 (PCIB)
acpicpu0 at acpi0: C3, C2, C1, PSS
acpicpu1 at acpi0: C3, C2, C1, PSS
acpiac0 at acpi0: AC unit online
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
acpibtn2 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model "14127832176087873" type 14127832377542988 oem "14127833101004627"
acpivideo0 at acpi0: GFX0
bios0: ROM list: 0xc0000/0xfa00
cpu0: Enhanced SpeedStep 1998 MHz: speeds: 2000, 1833, 1667, 1500, 1333, 1000 MHz
memory map conflict 0xe00f8000/0x1000
memory map conflict 0xfed1c000/0x4000
memory map conflict 0xfffb0000/0x30000
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945GM Host" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82945GM PCIE" rev 0x03: apic 1 int 16
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon Mobility X1600" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: apic 1 int 16
drm0 at radeondrm0
vendor "Intel", unknown product 0x27a3 (class DASP subclass Time and Frequency, rev 0x03) at pci0 dev 7 function 0 not configured
azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02: msi
azalia0: codecs: Sigmatel STAC9220/1
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: apic 1 int 17
pci2 at ppb1 bus 2
mskc0 at pci2 dev 0 function 0 "Marvell Yukon 88E8053" rev 0x22, Yukon-2 EC rev. A3 (0x2): apic 1 int 16
msk0 at mskc0 port A: address 00:16:cb:86:76:3c
eephy0 at msk0 phy 0: 88E1111 Gigabit PHY, rev. 2
ppb2 at pci0 dev 28 function 1 "Intel 82801GB PCIE" rev 0x02: apic 1 int 16
pci3 at ppb2 bus 3
ath0 at pci3 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 17
ath0: AR5424 10.3 phy 6.1 rf 10.2, WOR5_ETSIC, address 00:16:cb:07:27:4e
ppb3 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x02: apic 1 int 18
pci4 at ppb3 bus 4
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: apic 1 int 23
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: apic 1 int 19
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x02: apic 1 int 18
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x02: apic 1 int 16
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x02: apic 1 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xe2
pci5 at ppb4 bus 12
"AT&T/Lucent FW322 1394" rev 0x61 at pci5 dev 3 function 0 not configured
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GBM LPC" rev 0x02: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <MATSHITA, DVD-R UJ-857, HAEA> ATAPI 5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GBM SATA" rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 1 int 19 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 1: <FUJITSU MHV2100BH>
wd0: 16-sector PIO, LBA48, 95396MB, 195371568 sectors
wd0(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x02: apic 1 int 19
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
mtrr: Pentium Pro MTRR support
uvideo0 at uhub0 port 4 configuration 1 interface 0 "Apple Computer Bluetooth" rev 2.00/0.0a addr 2
uhidev0 at uhub1 port 2 configuration 1 interface 0 "Apple Computer Apple Internal Keyboard / Trackpad" rev 2.00/0.60 addr 2
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 5 key codes, country code 33
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub1 port 2 configuration 1 interface 1 "Apple Computer Apple Internal Keyboard / Trackpad" rev 2.00/0.60 addr 2
uhidev1: iclass 3/1, 5 report ids
ums0 at uhidev1 reportid 2: 3 buttons
wsmouse0 at ums0 mux 0
ums1 at uhidev1 reportid 5
ums1: mouse has no X report
uhidev2 at uhub1 port 2 configuration 1 interface 2 "Apple Computer Apple Internal Keyboard / Trackpad" rev 2.00/0.60 addr 2
uhidev2: iclass 3/0
uhid0 at uhidev2: input=1, output=0, feature=0
uhidev3 at uhub3 port 2 configuration 1 interface 0 "Apple Computer, Inc. IR Receiver" rev 2.00/1.09 addr 2
uhidev3: iclass 3/0, 38 report ids
uhid1 at uhidev3 reportid 36: input=4, output=0, feature=0
uhid2 at uhidev3 reportid 37: input=4, output=0, feature=0
uhid3 at uhidev3 reportid 38: input=4, output=0, feature=0
uhidev4 at uhub4 port 1 configuration 1 interface 0 "Apple Computer ADB device" rev 2.00/19.65 addr 2
uhidev4: iclass 3/1
ukbd1 at uhidev4: 8 modifier keys, 6 key codes
wskbd1 at ukbd1 mux 1
wskbd1: connecting to wsdisplay0
uhidev5 at uhub4 port 1 configuration 1 interface 1 "Apple Computer ADB device" rev 2.00/19.65 addr 2
uhidev5: iclass 3/1
ums2 at uhidev5: 5 buttons
wsmouse1 at ums2 mux 0
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on wd0a (e7bf9207be1f0507.a) swap on wd0b dump on wd0b
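
The backtrace in this report shows strlen() faulting inside regexec() on its string argument; the BSD regexec() measures its input with strlen() unless REG_STARTEND is set. The following is an added example, not code from the original report or from ettercap, and not a diagnosis of this crash's root cause: one defensive way to run a regex over a length-delimited packet payload. The names payload_matches and search_payload are hypothetical.

```c
#include <limits.h>
#include <regex.h>
#include <stdlib.h>
#include <string.h>

/* Match a compiled regex against a length-delimited payload.
 * Returns 1 on match, 0 on no match, -1 on bad input or allocation failure.
 * buf does not have to be NUL-terminated; len is authoritative. */
int payload_matches(const regex_t *re, const unsigned char *buf, size_t len)
{
    if (re == NULL || (buf == NULL && len != 0) || len > (size_t)INT_MAX)
        return -1;
#ifdef REG_STARTEND
    /* BSD/glibc extension: pmatch[0] bounds the search, so regexec()
     * never has to call strlen() on the buffer. */
    regmatch_t pm[1];
    pm[0].rm_so = 0;
    pm[0].rm_eo = (regoff_t)len;
    return regexec(re, len ? (const char *)buf : "", 1, pm, REG_STARTEND) == 0;
#else
    /* Portable fallback: NUL-terminated copy, searched one NUL-separated
     * segment at a time (a match cannot span an embedded NUL byte). */
    char *copy = malloc(len + 1);
    int hit = 0;
    if (copy == NULL)
        return -1;
    if (len != 0)
        memcpy(copy, buf, len);
    copy[len] = '\0';
    for (size_t off = 0; off <= len && !hit; off += strlen(copy + off) + 1)
        hit = regexec(re, copy + off, 0, NULL, 0) == 0;
    free(copy);
    return hit;
#endif
}

/* Hypothetical convenience wrapper: compile the pattern, search, free. */
int search_payload(const char *pattern, const unsigned char *buf, size_t len)
{
    regex_t re;
    if (regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0)
        return -1;
    int r = payload_matches(&re, buf, len);
    regfree(&re);
    return r;
}
```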