Dian30 / skipfish

Automatically exported from code.google.com/p/skipfish
Apache License 2.0

Segmentation Fault During Scan #144

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Attached the files created by following directions for issue #103.

Using version 2.04b.

Original issue reported on code.google.com by Scott.Ro...@gmail.com on 2 Mar 2012 at 5:20

Attachments:

GoogleCodeExporter commented 8 years ago
Thanks for the report Scott! The core doesn't give a lot of information, could you 
perhaps try to reproduce the crash with a freshly made debug build? Running 
"make clean debug", doing the scan and sending the data?

Cheers!
Niels

Original comment by niels.he...@gmail.com on 3 Mar 2012 at 1:04

GoogleCodeExporter commented 8 years ago
Hey Scott,

I suspect the cause is in line 3490 of crawler.c where:

  if (req->user_val != 2) return 0;

Should be:

  if (req->user_val != 4) return 0;

Could you try and reproduce with that?
Cheers!
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 8:34

GoogleCodeExporter commented 8 years ago
Hi Niels,

Thanks for helping me out with this. I changed crawler.c (weirdly, my line was 
about 1500, not 3490), ran make again and it still seg faulted. I then followed 
the directions as before to get the dump and it is attached.

Original comment by Scott.Ro...@gmail.com on 5 Mar 2012 at 5:45

Attachments:

GoogleCodeExporter commented 8 years ago
Thanks for re-testing! I've actually been scanning all day without one crash 
*sigh* ;-(  Based on the debug info, this seems to point at the callback 
testing.  

Could you try the attached patch? It takes away the evil code and should fix the 
problem.

Cheers!
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 6:25

Attachments:

GoogleCodeExporter commented 8 years ago
BTW, could you perhaps also give me the exact command-line used to perform this 
scan?

Cheers,
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 6:42

GoogleCodeExporter commented 8 years ago
Ah never mind, I found the bug and can reproduce it.  New release heading your 
direction!

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 7:47

GoogleCodeExporter commented 8 years ago
Hey Scott,

Again, thanks for the report! Based on your latest debug info I could reproduce 
the issue and write a decent fix. The 2.05b release has this fix and can be 
downloaded here:

http://skipfish.googlecode.com/files/skipfish-2.05b.tgz

Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 7:57

GoogleCodeExporter commented 8 years ago
No seg fault this time. Fix worked.

Thanks for the help!

Original comment by Scott.Ro...@gmail.com on 5 Mar 2012 at 8:38

GoogleCodeExporter commented 8 years ago
Awesome! Thanks for verifying and reporting!
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 8:42