ports/95612: [patch] net/ngrep segfaults at startup on amd64

Vasil Dimov vd at FreeBSD.org
Tue Apr 11 06:40:15 UTC 2006 

>Number:         95612
>Category:       ports
>Synopsis:       [patch] net/ngrep segfaults at startup on amd64
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 11 06:40:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Vasil Dimov
>Release:        FreeBSD 6.0-STABLE amd64
>Organization:
DataMax
>Environment:

System: FreeBSD qlovarnika.bg.datamax 6.0-STABLE FreeBSD 6.0-STABLE #0: Fri Jan 13 13:47:07 EET 2006     root at qlovarnika.bg.datamax:/usr/obj/usr/src/sys/QLOVARNIKA  amd64

>Description:

# ngrep
Segmentation fault: 11 (core dumped)
#

# gdb ./ngrep
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...
(gdb) r
Starting program: /usr/ports/net/ngrep/work/ngrep-1.44/ngrep

Program received signal SIGSEGV, Segmentation fault.
0x0000000800823ed0 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x0000000800823ed0 in strlen () from /lib/libc.so.6
#1  0x0000000800821521 in __vfprintf () from /lib/libc.so.6
#2  0x000000080082225f in vfprintf () from /lib/libc.so.6
#3  0x000000080080f09a in printf () from /lib/libc.so.6
#4  0x0000000000401f5d in main (argc=1, argv=0x7fffffffeab0) at ngrep.c:355
(gdb) f 4
#4  0x0000000000401f5d in main (argc=1, argv=0x7fffffffeab0) at ngrep.c:355
355                     printf(" (%s/", inet_ntoa(net));
(gdb) l
350             }
351
352             if (quiet < 2) {
353                 printf("interface: %s", dev);
354                 if (net.s_addr && mask.s_addr) {
355                     printf(" (%s/", inet_ntoa(net));
356                     printf("%s)", inet_ntoa(mask));
357                 }
358                 printf("\n");
359             }
(gdb) ins net
$1 = {s_addr = 698560}
(gdb)

So inet_ntoa(net) returns something bogus.

If I modify the code like this:
            char *n;
            n = inet_ntoa(net);
            if (net.s_addr && mask.s_addr) {
                printf(" (%s/", n);
then I get this warning during compilation:

ngrep.c:355: warning: assignment makes pointer from integer without a cast

and gdb shows the following:
...
Program received signal SIGSEGV, Segmentation fault.
0x0000000800823ed0 in strlen () from /lib/libc.so.6
(gdb) f 4
#4  0x0000000000401f65 in main (argc=1, argv=0x7fffffffeab0) at ngrep.c:357
357                     printf(" (%s/", n);
(gdb) ins n
$1 = 0x951530 <Error reading address 0x951530: Bad address>
(gdb)

>How-To-Repeat:

Just start ngrep on amd64

>Fix:

Include the appropriate headers as documented in inet_ntoa(3):
http://www.freebsd.org/cgi/man.cgi?query=inet_ntoa

--- patch-ngrep.c begins here ---
--- ngrep.c.orig	Tue Apr 11 09:20:31 2006
+++ ngrep.c	Tue Apr 11 09:20:59 2006
@@ -15,6 +15,7 @@
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <net/if.h>
+#include <arpa/inet.h>
 #include <sys/tty.h>
 #include <pwd.h>
 #endif
--- patch-ngrep.c ends here ---

--- ngrep_port.diff begins here ---
Index: Makefile
===================================================================
RCS file: /usr/local/pcvs/ports/net/ngrep/Makefile,v
retrieving revision 1.20
diff -u -r1.20 Makefile
--- Makefile	11 Sep 2005 08:53:19 -0000	1.20
+++ Makefile	11 Apr 2006 06:36:32 -0000
@@ -8,6 +8,7 @@
 
 PORTNAME=	ngrep
 PORTVERSION=	1.44
+PORTREVISION=	1
 CATEGORIES=	net security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
Index: files/patch-ngrep.c
===================================================================
RCS file: files/patch-ngrep.c
diff -N files/patch-ngrep.c
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/patch-ngrep.c	11 Apr 2006 06:36:32 -0000
@@ -0,0 +1,10 @@
+--- ngrep.c.orig	Tue Apr 11 09:20:31 2006
++++ ngrep.c	Tue Apr 11 09:20:59 2006
+@@ -15,6 +15,7 @@
+ #include <netinet/in.h>
+ #include <netinet/in_systm.h>
+ #include <net/if.h>
++#include <arpa/inet.h>
+ #include <sys/tty.h>
+ #include <pwd.h>
+ #endif
--- ngrep_port.diff ends here ---


-- 
Vasil Dimov
gro.DSBeerF at dv

Testing can show the presence of bugs, but not their absence.
                -- Edsger W. Dijkstra
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list