Ettercap / ettercap

Ettercap Project
http://www.ettercap-project.org
GNU General Public License v2.0

The latest git: Segmentation Fault #1088

Open blshkv opened 3 years ago

blshkv commented 3 years ago

I followed the official guideline (https://github.com/Ettercap/ettercap/wiki/Providing-debug-information), compiled the latest git (the latest 0.8.3.1 is crashing too).

sudo ./src/ettercap -G 

ettercap 0.8.4-rc copyright 2001-2020 Ettercap Development Team

Ooops !! This shouldn't happen...

Segmentation Fault...

===========================================================================
 To report this error follow these steps:

  1) set ec_uid to 0 (so the core will be dumped)

  2) execute ettercap with "-w debug_dump.pcap"

  3) reproduce the critical situation

  4) make a report : 
        "tar zcvf error.tar.gz ettercap-0.8.4-rc_debug.log debug_dump.pcap"

  5) get the gdb backtrace :
         - "gdb ettercap core"
         - at the gdb prompt "bt"
         - at the gdb prompt "quit" and return to the shell
         - copy and paste this output.

  6) mail us the output of gdb and the error.tar.gz
============================================================================

 Core dumping... (use the 'core' file for gdb analysis)

 Have a nice day!
Segmentation fault

Here is the output:

cat ettercap-0.8.4-rc_debug.log 

==============================================================

-> ${prefix}        /usr/local
-> ${exec_prefix}   /usr/local
-> ${bindir}        /usr/local/bin
-> ${libdir}        /usr/local/lib
-> ${sysconfdir}    /etc
-> ${datadir}       /usr/local/share

-> ettercap 0.8.4-rc

-> compiled with gcc 9.3 (/usr/bin/cc)
-> glibc version 2.32
-> libpcap version 1.9.1 (with TPACKET_V3)
-> libnet version 1.2
-> libz version 1.2.11
-> libpcre version 8.44 2020-02-12
-> lib     OpenSSL 1.1.1g  21 Apr 2020
-> headers OpenSSL 1.1.1g  21 Apr 2020

DEVICE OPENED FOR ettercap DEBUGGING

[NR_THREAD]     init_structures
[NR_THREAD]     load_conf
[NR_THREAD]     get_full_path -- [etc] /etc/ettercap/etter.conf
[NR_THREAD]     open_data (/etc/ettercap/etter.conf)
[NR_THREAD]     load_conf: SECTION: privs
[NR_THREAD]     load_conf:      ENTRY: ec_uid  65534
[NR_THREAD]     load_conf:      ENTRY: ec_gid  65534
[NR_THREAD]     load_conf: SECTION: mitm
[NR_THREAD]     load_conf:      ENTRY: arp_storm_delay  10
[NR_THREAD]     load_conf:      ENTRY: arp_poison_smart  0
[NR_THREAD]     load_conf:      ENTRY: arp_poison_warm_up  1
[NR_THREAD]     load_conf:      ENTRY: arp_poison_delay  10
[NR_THREAD]     load_conf:      ENTRY: arp_poison_icmp  1
[NR_THREAD]     load_conf:      ENTRY: arp_poison_reply  1
[NR_THREAD]     load_conf:      ENTRY: arp_poison_request  0
[NR_THREAD]     load_conf:      ENTRY: arp_poison_equal_mac  1
[NR_THREAD]     load_conf:      ENTRY: dhcp_lease_time  1800
[NR_THREAD]     load_conf:      ENTRY: port_steal_delay  10
[NR_THREAD]     load_conf:      ENTRY: port_steal_send_delay  2000
[NR_THREAD]     load_conf:      ENTRY: ndp_poison_warm_up  1
[NR_THREAD]     load_conf:      ENTRY: ndp_poison_delay  5
[NR_THREAD]     load_conf:      ENTRY: ndp_poison_send_delay  1500
[NR_THREAD]     load_conf:      ENTRY: ndp_poison_icmp  1
[NR_THREAD]     load_conf:      ENTRY: ndp_poison_equal_mac  1
[NR_THREAD]     load_conf:      ENTRY: icmp6_probe_delay  3
[NR_THREAD]     load_conf: SECTION: connections
[NR_THREAD]     load_conf:      ENTRY: connection_timeout  300
[NR_THREAD]     load_conf:      ENTRY: connection_idle  5
[NR_THREAD]     load_conf:      ENTRY: connection_buffer  10000
[NR_THREAD]     load_conf:      ENTRY: connect_timeout  5
[NR_THREAD]     load_conf: SECTION: stats
[NR_THREAD]     load_conf:      ENTRY: sampling_rate  50
[NR_THREAD]     load_conf: SECTION: misc
[NR_THREAD]     load_conf:      ENTRY: close_on_eof  1
[NR_THREAD]     load_conf:      ENTRY: store_profiles  1
[NR_THREAD]     load_conf:      ENTRY: aggressive_dissectors  1
[NR_THREAD]     load_conf:      ENTRY: skip_forwarded_pcks  1
[NR_THREAD]     load_conf:      ENTRY: checksum_check  0
[NR_THREAD]     load_conf:      ENTRY: submit_fingerprint  0
[NR_THREAD]     load_conf:      ENTRY: checksum_warning  0
[NR_THREAD]     load_conf:      ENTRY: sniffing_at_startup  1
[NR_THREAD]     load_conf:      ENTRY: geoip_support_enable  1
[NR_THREAD]     load_conf:      ENTRY: gtkui_prefer_dark_theme  0
[NR_THREAD]     load_conf: SECTION: dissectors
[NR_THREAD]     dissect_modify: ftp replaced to 21
[NR_THREAD]     dissect_modify: ssh replaced to 22
[NR_THREAD]     dissect_modify: telnet replaced to 23
[NR_THREAD]     dissect_modify: smtp replaced to 25
[NR_THREAD]     dissect_modify: dns replaced to 53
[NR_THREAD]     dissect_modify: dhcp replaced to 67
[NR_THREAD]     dissect_modify: http replaced to 80
[NR_THREAD]     dissect_modify: ospf replaced to 89
[NR_THREAD]     dissect_modify: pop3 replaced to 110
[NR_THREAD]     dissect_modify: vrrp replaced to 112
[NR_THREAD]     dissect_modify: nntp replaced to 119
[NR_THREAD]     dissect_modify: smb replaced to 139
[NR_THREAD]     dissect_modify: smb added on 445
[NR_THREAD]     dissect_modify: imap replaced to 143
[NR_THREAD]     dissect_modify: imap added on 220
[NR_THREAD]     dissect_modify: snmp replaced to 161
[NR_THREAD]     dissect_modify: bgp replaced to 179
[NR_THREAD]     dissect_modify: ldap replaced to 389
[NR_THREAD]     sslw_dissect_move: https [443]
[NR_THREAD]     dissect_modify: https replaced to 443
[NR_THREAD]     sslw_dissect_move: ssmtp [465]
[NR_THREAD]     dissect_modify: ssmtp replaced to 465
[NR_THREAD]     dissect_modify: rlogin replaced to 512
[NR_THREAD]     dissect_modify: rlogin added on 513
[NR_THREAD]     dissect_modify: rip replaced to 520
[NR_THREAD]     sslw_dissect_move: nntps [563]
[NR_THREAD]     dissect_modify: nntps replaced to 563
[NR_THREAD]     sslw_dissect_move: ldaps [636]
[NR_THREAD]     dissect_modify: ldaps replaced to 636
[NR_THREAD]     sslw_dissect_move: telnets [992]
[NR_THREAD]     dissect_modify: telnets replaced to 992
[NR_THREAD]     sslw_dissect_move: imaps [993]
[NR_THREAD]     dissect_modify: imaps replaced to 993
[NR_THREAD]     sslw_dissect_move: ircs [994]
[NR_THREAD]     dissect_modify: ircs replaced to 994
[NR_THREAD]     sslw_dissect_move: pop3s [995]
[NR_THREAD]     dissect_modify: pop3s replaced to 995
[NR_THREAD]     dissect_modify: socks replaced to 1080
[NR_THREAD]     dissect_modify: radius replaced to 1645
[NR_THREAD]     dissect_modify: radius added on 1646
[NR_THREAD]     dissect_modify: msn replaced to 1863
[NR_THREAD]     dissect_modify: cvs replaced to 2401
[NR_THREAD]     dissect_modify: mysql replaced to 3306
[NR_THREAD]     dissect_modify: icq replaced to 5190
[NR_THREAD]     dissect_modify: ymsg replaced to 5050
[NR_THREAD]     dissect_modify: mdns replaced to 5353
[NR_THREAD]     dissect_modify: vnc replaced to 5900
[NR_THREAD]     dissect_modify: vnc added on 5901
[NR_THREAD]     dissect_modify: vnc added on 5902
[NR_THREAD]     dissect_modify: vnc added on 5903
[NR_THREAD]     dissect_modify: x11 replaced to 6000
[NR_THREAD]     dissect_modify: x11 added on 6001
[NR_THREAD]     dissect_modify: x11 added on 6002
[NR_THREAD]     dissect_modify: x11 added on 6003
[NR_THREAD]     dissect_modify: irc replaced to 6666
[NR_THREAD]     dissect_modify: irc added on 6667
[NR_THREAD]     dissect_modify: irc added on 6668
[NR_THREAD]     dissect_modify: irc added on 6669
[NR_THREAD]     dissect_modify: gg replaced to 8074
[NR_THREAD]     sslw_dissect_move: proxy [8080]
[NR_THREAD]     dissect_modify: proxy replaced to 8080
[NR_THREAD]     dissect_modify: rcon replaced to 27015
[NR_THREAD]     dissect_modify: rcon added on 27960
[NR_THREAD]     dissect_modify: ppp replaced to 34827
[NR_THREAD]     dissect_modify: TN3270 replaced to 23
[NR_THREAD]     dissect_modify: TN3270 added on 992
[NR_THREAD]     load_conf: SECTION: curses
[NR_THREAD]     load_conf:      ENTRY: color_bg  0
[NR_THREAD]     load_conf:      ENTRY: color_fg  7
[NR_THREAD]     load_conf:      ENTRY: color_join1  2
[NR_THREAD]     load_conf:      ENTRY: color_join2  4
[NR_THREAD]     load_conf:      ENTRY: color_border  7
[NR_THREAD]     load_conf:      ENTRY: color_title  3
[NR_THREAD]     load_conf:      ENTRY: color_focus  6
[NR_THREAD]     load_conf:      ENTRY: color_menu_bg  4
[NR_THREAD]     load_conf:      ENTRY: color_menu_fg  7
[NR_THREAD]     load_conf:      ENTRY: color_window_bg  4
[NR_THREAD]     load_conf:      ENTRY: color_window_fg  7
[NR_THREAD]     load_conf:      ENTRY: color_selection_bg  6
[NR_THREAD]     load_conf:      ENTRY: color_selection_fg  6
[NR_THREAD]     load_conf:      ENTRY: color_error_bg  1
[NR_THREAD]     load_conf:      ENTRY: color_error_fg  3
[NR_THREAD]     load_conf:      ENTRY: color_error_border  3
[NR_THREAD]     load_conf: SECTION: strings
[NR_THREAD]     load_conf:      ENTRY: utf8_encoding  [ISO-8859-1]
[NR_THREAD]     load_conf:      ENTRY: remote_browser  [xdg-open http://%host%url]
[NR_THREAD]     load_conf:      ENTRY: geoip_data_file  [/usr/local/share/GeoIP/GeoIP.dat]
[NR_THREAD]     load_conf:      ENTRY: geoip_data_file_v6  [/usr/local/share/GeoIP/GeoIPv6.dat]
[NR_THREAD]     main -- here we go !!
[NR_THREAD]     ec_thread_register -- [139657256184064] init
[     init]     signal_handler activated
[     init]     parse_options -- [0] [./src/ettercap]
[     init]     parse_options -- [1] [-G]
[     init]     parse_options -- [2] [-w]
[     init]     parse_options -- [3] [packets2.pcap]
[     init]     select_gtk_interface
[     init]     GTK3 -> gtk+3 3.24.22

[     init]     parse_options: options parsed
[     init]     compile_target TARGET: ///
[     init]     MAC  : []
[     init]     IP   : []
[     init]     IPv6 : []
[     init]     PORT : []
[     init]     compile_target TARGET: ///
[     init]     MAC  : []
[     init]     IP   : []
[     init]     IPv6 : []
[     init]     PORT : []
[     init]     parse_options: targets parsed
[     init]     set_unified_sniff
[     init]     parse_options: options combination looks good
[     init]     capture_getifs
[     init]     capture_getifs: [eth0] eth0
[     init]     capture_getifs: [lo] Local Loopback
[     init]     capture_getifs: [wlan0] wlan0
[     init]     ui_init
[     init]     gtkui_init
[     init]     gtkui_conf_read: /root/.config/ettercap_gtk
[     init]     gtkui_setup
[     init]      !!! SEGMENTATION FAULT !!!

cat gdb_output.txt 
sudo gdb ettercap core
GNU gdb (Gentoo 9.2 vanilla) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ettercap...
(No debugging symbols found in ettercap)
[New LWP 13612]
Core was generated by `./src/ettercap -G -w packets2.pcap'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f047ec52f50 in ?? ()
(gdb) bt
#0  0x00007f047ec52f50 in ?? ()
#1  0x000055b8fce7ca60 in ?? ()
#2  0x00007f047eccc561 in ?? ()
#3  0x0000000000012748 in ?? ()
#4  0x000000001e10acdb in ?? ()
#5  0x000055b8fcd0f560 in ?? ()
#6  0x000055b8fcd10a70 in ?? ()
#7  0x00007fff5cc42590 in ?? ()
#8  0x000055b8fcd0f560 in ?? ()
#9  0x00007fff5cc426d0 in ?? ()
#10 0x00007f047ef22655 in ?? ()
#11 0x00007fff5cc425a0 in ?? ()
#12 0x00007f047f40bf5f in ?? ()
#13 0x00007fff5cc425b0 in ?? ()
#14 0x00007f047f3f07f0 in ?? ()
#15 0x00007fff5cc425e0 in ?? ()
#16 0x000055b8fcd1084c in ?? ()
#17 0x00007fff5cc426d8 in ?? ()
#18 0x00000004fcd0f560 in ?? ()
#19 0x00007fff5cc426d0 in ?? ()
#20 0x000055b8fcd10a70 in ?? ()
#21 0x0000000000000000 in ?? ()
(gdb) quit

and the -w pcap file was not created

koeppea commented 3 years ago

Hi, can you please re-compile with the cmake flag -DCMAKE_BUILD_TYPE=Debug set? Otherwise your core file is useless. If the error re-occurs, can you please provide the core file.

I've tried to reproduce, but in my case it's always starting w/o an issue.

blshkv commented 3 years ago

The thing is I did compile it with this setting. Double-checked it; /ettercap/build/CMakeCache.txt has it set:

//Choose the type of build, options are: None Debug Release RelWithDebInfo
CMAKE_BUILD_TYPE:STRING=Debug
CMAKE_C_FLAGS_DEBUG:STRING=-O0 -ggdb3 -DDEBUG -fno-common -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls
CMAKE_C_FLAGS_MINSIZEREL:STRING=-Os -DNDEBUG
CMAKE_C_FLAGS_RELWITHDEBINFO:STRING=-O2 -g -DNDEBUG
//Flags used by the linker during DEBUG builds.
CMAKE_EXE_LINKER_FLAGS_DEBUG:STRING=
// DEBUG builds.
CMAKE_MODULE_LINKER_FLAGS_DEBUG:STRING=
// during DEBUG builds.
CMAKE_SHARED_LINKER_FLAGS_DEBUG:STRING=
// during DEBUG builds.
CMAKE_STATIC_LINKER_FLAGS_DEBUG:STRING=
// during the make.  This is useful for debugging only. With Visual
FREETYPE_LIBRARY_DEBUG:FILEPATH=FREETYPE_LIBRARY_DEBUG-NOTFOUND
ZLIB_LIBRARY_DEBUG:FILEPATH=ZLIB_LIBRARY_DEBUG-NOTFOUND
//ADVANCED property for variable: CMAKE_C_FLAGS_DEBUG
CMAKE_C_FLAGS_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: CMAKE_EXE_LINKER_FLAGS_DEBUG
CMAKE_EXE_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: CMAKE_MODULE_LINKER_FLAGS_DEBUG
CMAKE_MODULE_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: CMAKE_SHARED_LINKER_FLAGS_DEBUG
CMAKE_SHARED_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: CMAKE_STATIC_LINKER_FLAGS_DEBUG
CMAKE_STATIC_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: FREETYPE_LIBRARY_DEBUG
FREETYPE_LIBRARY_DEBUG-ADVANCED:INTERNAL=1
//ADVANCED property for variable: ZLIB_LIBRARY_DEBUG
ZLIB_LIBRARY_DEBUG-ADVANCED:INTERNAL=1

koeppea commented 3 years ago

OK thanks. Maybe the limit for the coredump is too low. Could you please issue the following command (as root) before you reproduce the issue that generates the core file:

ulimit -c unlimited

Please also note that the core file will be uniquely named. So more recent core files may not be named core but core.1 or similar. Please check the timestamp to select the correct and latest core dump.

blshkv commented 3 years ago

Nope, no help. I set both ec_uid to 0 and ulimit -c unlimited. The bt output is still "blank". I'm using gcc-9.3.0.

Any other ideas?

LocutusOfBorg commented 3 years ago

use gdb to start it? :)
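An added example (not code from the ettercap project or from anyone in this thread) that scripts the recipe suggested in the last few replies: enable core dumps, confirm the binary actually carries debug info, run it under gdb non-interactively, and check that the saved backtrace is symbolized before posting it. It assumes gdb and readelf are installed; the binary path and arguments are placeholders.

```shell
#!/bin/sh
# Added example, not ettercap project code: collect a symbolized backtrace
# for a crashing build and check it before attaching it to a report.
# Assumes gdb and readelf (binutils) are installed; paths are placeholders.

# Core dump prerequisites (as root). A core_pattern starting with '|' means
# the kernel hands cores to a helper (e.g. systemd-coredump), so no "core"
# file will appear in the working directory.
prepare_core_dumps() {
    ulimit -c unlimited
    cat /proc/sys/kernel/core_pattern
}

# A Debug build must carry DWARF data; gdb's "(No debugging symbols found)"
# means the binary it loaded lacks it. Point gdb at the exact binary that
# produced the core (./src/ettercap, not an installed copy).
has_debug_info() {
    readelf -S "$1" 2>/dev/null | grep -q '\.debug_info'
}

# Run the binary under gdb non-interactively and keep the backtrace.
run_under_gdb() {
    bin="$1"; shift
    gdb -q -batch -ex run -ex bt --args "$bin" "$@" 2>&1 | tee gdb_output.txt
}

# Frames printed as "?? ()" carry no symbol information.
bt_unsymbolized_frames() {
    grep -c '^#[0-9]* .* in ?? ()' "$1" || true
}

# Usable when there is at least one frame and not all of them are "?? ()".
bt_is_usable() {
    total=$(grep -c '^#[0-9]* ' "$1" || true)
    bad=$(bt_unsymbolized_frames "$1")
    [ "$total" -gt 0 ] && [ "$bad" -lt "$total" ]
}

# Constructed sample resembling the first (symbol-less) backtrace in this thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#0  0x00007f047ec52f50 in ?? ()
#1  0x000055b8fce7ca60 in ?? ()
EOF
if bt_is_usable "$sample"; then echo "backtrace usable"; else echo "rebuild with symbols and retry"; fi
rm -f "$sample"
```

Run `run_under_gdb ./src/ettercap -G` from the build directory and then `bt_is_usable gdb_output.txt` to decide whether the output is worth attaching.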

blshkv commented 3 years ago

sudo gdb --args ./src/ettercap -G
GNU gdb (Gentoo 9.2 vanilla) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./src/ettercap...
(gdb) run
Starting program: /home/user/Downloads/ettercap/build/src/ettercap -G
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

ettercap 0.8.4-rc copyright 2001-2020 Ettercap Development Team

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff77bef50 in g_type_check_instance_cast () from /usr/lib64/libgobject-2.0.so.0
(gdb) bt
#0  0x00007ffff77bef50 in g_type_check_instance_cast () at /usr/lib64/libgobject-2.0.so.0
#1  0x00007ffff7a8e655 in gtkui_init () at /home/user/Downloads/ettercap/src/interfaces/gtk3/ec_gtk3.c:286
#2  0x00007ffff7f77f5f in ui_init () at /home/user/Downloads/ettercap/src/ec_ui.c:51
#3  0x00007ffff7f5c7f0 in libettercap_ui_init () at /home/user/Downloads/ettercap/src/ec_libettercap.c:54
#4  0x000055555555884c in main (argc=2, argv=0x7fffffffe518) at /home/user/Downloads/ettercap/src/ec_main.c:97

blshkv commented 3 years ago

Just in case you need it, libgobject is part of glib, which is compiled with the following options: [ebuild R ] dev-libs/glib-2.64.5:2::gentoo USE="dbus (mime) xattr -debug -fam -gtk-doc (-selinux) -static-libs -systemtap -test -utils" ABI_X86="32 (64) (-x32)" 4,667 KiB ("-" means not enabled)

blshkv commented 3 years ago

https://stackoverflow.com/questions/30563399/segmentation-fault-gtk-application

koeppea commented 3 years ago

Thanks for the hints. You're running it on a Gentoo?

blshkv commented 3 years ago

Yes, correct. I also use the hardened profile