Gromskyj / libcrafter

Automatically exported from code.google.com/p/libcrafter

libcrafter crashes when calling Packet::PacketFromIP on an ICMP raw_layer #8

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Download the attached code (trace_sniffer.cpp)
2. Compile it, run it as 'sudo ./trace_sniffer www.google.com 80'

What is the expected output? What do you see instead?

The expected output is:
----
Tracing www.google.com (74.125.224.49) at 80...
1 10.0.0.1 10.0.0.1 10.0.0.1 
2 192.168.7.254 192.168.7.254 192.168.7.254 
3 108.94.24.3 108.94.24.3 108.94.24.3 
4 * * *
5 * * *
6 12.83.39.141 12.83.39.141 * 
7 * * *
8 * * *
9 * * *
10 12.122.114.21 12.249.231.14 12.249.231.14 
11 * * *
12 209.85.249.3 209.85.249.3 * 
13 74.125.224.49 * * 
----

Instead, I see:

----
Tracing www.google.com (74.125.224.148) at 80...
terminate called after throwing an instance of 'std::bad_alloc'
  what():  std::bad_alloc

Program received signal SIGABRT, Aborted.
----

What version of the product are you using? On what operating system?

Latest (HEAD), on Ubuntu 11.10.

Please provide any additional information below.

I also attached a packet capture from the program running. Also, running 
'backtrace' on gdb gives me the following stack:

----
#0  0x00130416 in __kernel_vsyscall ()
#1  0x002d4c8f in raise () from /lib/i386-linux-gnu/libc.so.6
#2  0x002d82b5 in abort () from /lib/i386-linux-gnu/libc.so.6
#3  0x0024f4ed in __gnu_cxx::__verbose_terminate_handler() () from 
/usr/lib/i386-linux-gnu/libstdc++.so.6
#4  0x0024d283 in ?? () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#5  0x0024d2bf in std::terminate() () from 
/usr/lib/i386-linux-gnu/libstdc++.so.6
#6  0x0024d40e in __cxa_throw () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#7  0x0024da2f in operator new(unsigned int) () from 
/usr/lib/i386-linux-gnu/libstdc++.so.6
#8  0x0024dafb in operator new[](unsigned int) () from 
/usr/lib/i386-linux-gnu/libstdc++.so.6
#9  0x00180df0 in inflate (increase=-12, this=0xb7bf2140) at 
crafter/Payload.cpp:37
#10 Crafter::Payload::inflate (this=0xb7bf2140, increase=-12) at 
crafter/Payload.cpp:34
#11 0x00180e7e in Crafter::Payload::SetPayload (this=0xb7bf2140, data=0x805f314 
"", ndata=4294967284) at crafter/Payload.cpp:76
#12 0x00175545 in Crafter::Layer::SetPayload (this=0xb7bf20f8, data=0x805f314 
"", ndata=-12) at crafter/Layer.cpp:381
#13 0x0017842f in Crafter::Packet::PacketFromIP (this=0xb7bf21d0, 
data=0x805f2e0 "E") at crafter/Packet.cpp:372
#14 0x001788a7 in Crafter::Packet::PacketFromIP (this=0xb7bf21d0, data=...) at 
crafter/Packet.cpp:587
#15 0x08049deb in packetHandler (packet=0xb7bf2248, user=0x0) at 
trace_sniffer.cpp:30
#16 0x00181e07 in process_packet (user=0x8057a30 "", header=0xb7bf22b4, 
packet=0xb7c03046 "\b") at crafter/Sniffer.cpp:59
#17 0x00446d44 in ?? () from /usr/lib/i386-linux-gnu/libpcap.so.0.8
#18 0x00449651 in pcap_loop () from /usr/lib/i386-linux-gnu/libpcap.so.0.8
#19 0x00182432 in Crafter::Sniffer::Capture (this=0xbffff5ac, count=0, 
user=0x6) at crafter/Sniffer.cpp:287
#20 0x0018254b in SpawnThread (thread_arg=0x8059318) at crafter/Sniffer.cpp:303
#21 0x0042bd31 in start_thread () from /lib/i386-linux-gnu/libpthread.so.0
#22 0x0037a46e in clone () from /lib/i386-linux-gnu/libc.so.6
----

Original issue reported on code.google.com by brunon...@brunonery.com on 25 Apr 2012 at 6:17

Attachments:
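The backtrace above shows the failure pattern in two adjacent frames: `Layer::SetPayload` is called with `ndata=-12`, and the same value arrives in `Payload::SetPayload` as `ndata=4294967284` once it has been converted to an unsigned size, so `operator new[]` is asked for roughly 4 GiB and throws `std::bad_alloc`. The code below is an added illustration of that arithmetic and of the bounds checks that prevent it; it is not libcrafter's code, and the function names, the constructed IPv4 header and the constructed ICMP Time Exceeded message are assumptions for the example. The only claim taken from the page is that a negative signed length reached an unsigned allocation size.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Naive length arithmetic: "bytes available minus IPv4 header length" in a signed int.
// With a truncated datagram the result goes negative; a caller that passes it on as a
// size_t sees it wrap (in the trace above, -12 became 4294967284). This reproduces the
// arithmetic pattern only, not libcrafter's actual implementation (assumption).
int naive_ip_payload_len(const uint8_t* data, size_t len) {
    int ihl = (data[0] & 0x0f) * 4;
    return static_cast<int>(len) - ihl;
}

// Hardened version: validate the header before doing any length arithmetic, and do it
// in unsigned types only after the subtraction is known not to underflow. Returns false
// when the buffer cannot hold a consistent IPv4 header; on success writes the number of
// payload bytes actually present in the buffer.
bool safe_ip_payload_len(const uint8_t* data, size_t len, size_t& out) {
    if (data == nullptr || len < 20) return false;        // fixed header not fully present
    if ((data[0] >> 4) != 4) return false;                // IPv4 only
    size_t ihl = static_cast<size_t>(data[0] & 0x0f) * 4; // header length including options
    if (ihl < 20 || ihl > len) return false;              // options not fully captured
    size_t total = (static_cast<size_t>(data[2]) << 8) | data[3];
    if (total < ihl) return false;                        // header longer than the whole datagram
    if (total > len) total = len;                         // truncated copy: use only what is present
    out = total - ihl;                                    // cannot underflow after the checks above
    return true;
}

// Constructed sample: a minimal IPv4 header (IHL=5, no options) with the given
// total length and protocol. Checksum and addresses stay zero; length validation
// does not need them.
std::vector<uint8_t> make_ipv4_header(uint16_t total_len, uint8_t proto) {
    std::vector<uint8_t> h(20, 0);
    h[0] = 0x45;                                          // version 4, IHL 5
    h[2] = static_cast<uint8_t>(total_len >> 8);
    h[3] = static_cast<uint8_t>(total_len & 0xff);
    h[8] = 64;                                            // TTL
    h[9] = proto;
    return h;
}

// Constructed sample: only the first n bytes of a 40-byte IPv4 datagram's header,
// as a capture that was cut short would deliver it.
std::vector<uint8_t> truncated_header(size_t n) {
    std::vector<uint8_t> full = make_ipv4_header(40, 1 /* ICMP */);
    if (n > full.size()) n = full.size();
    return std::vector<uint8_t>(full.begin(), full.begin() + static_cast<std::ptrdiff_t>(n));
}

// Constructed sample: an ICMP Time Exceeded message (type 11) as a traceroute sees
// it: 8 bytes of ICMP header, then the quoted original IPv4 header plus the first
// 8 bytes of the original TCP header. The quoted header still carries the original
// datagram's total length, which is normally larger than the bytes quoted.
std::vector<uint8_t> make_icmp_time_exceeded(uint16_t quoted_total_len) {
    std::vector<uint8_t> icmp = {11, 0, 0, 0, 0, 0, 0, 0};
    std::vector<uint8_t> quoted = make_ipv4_header(quoted_total_len, 6 /* TCP */);
    for (int i = 0; i < 8; ++i) quoted.push_back(0);     // first 8 bytes of the quoted TCP header
    icmp.insert(icmp.end(), quoted.begin(), quoted.end());
    return icmp;
}

// Payload length of the datagram quoted inside an ICMP error, or false if inconsistent.
bool quoted_payload_len(const std::vector<uint8_t>& icmp, size_t& out) {
    if (icmp.size() < 8) return false;                    // ICMP header itself incomplete
    return safe_ip_payload_len(icmp.data() + 8, icmp.size() - 8, out);
}

int main() {
    std::vector<uint8_t> t = truncated_header(8);
    std::printf("naive length on an 8-byte fragment: %d\n", naive_ip_payload_len(t.data(), t.size()));
    size_t n = 0;
    std::printf("safe check on the same fragment: %s\n",
                safe_ip_payload_len(t.data(), t.size(), n) ? "accepted" : "rejected");
    std::vector<uint8_t> icmp = make_icmp_time_exceeded(60);
    if (quoted_payload_len(icmp, n))
        std::printf("quoted datagram payload bytes present: %zu\n", n);
    return 0;
}
```

The two checks that matter for this crash are `ihl > len` and `total < ihl`; the clamp of `total` to `len` is what lets the same routine handle the ICMP error case, where the quoted header legitimately claims more bytes than were copied into the message.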

GoogleCodeExporter commented 8 years ago

Original comment by pellegre...@gmail.com on 25 Apr 2012 at 6:48

GoogleCodeExporter commented 8 years ago
I updated the current tree, let me know if the function works properly now.

Thanks!

Original comment by pellegre...@gmail.com on 25 Apr 2012 at 7:42

GoogleCodeExporter commented 8 years ago
Fix works for me. Thanks!

Original comment by brunon...@brunonery.com on 25 Apr 2012 at 7:48

GoogleCodeExporter commented 8 years ago

Original comment by pellegre...@gmail.com on 25 Apr 2012 at 7:50