certego / fw1-loggrabber

FW1-Loggrabber is a command-line tool to grab logfiles from remote Checkpoint devices using OPSEC LEA (Log Export API)
GNU General Public License v2.0

Crashing when using syslog, core dump generated #3

Open tuckner opened 9 years ago

tuckner commented 9 years ago

Trying to use the syslog component of this. When switched on, loggrabber is crashing.

CentOS 6.6 32-bit

Program terminated with signal 11, Segmentation fault.
#0 0x006549ef in __strlen_ia32 () from /lib/libc.so.6

(gdb) bt
#0 0x006549ef in __strlen_ia32 () from /lib/libc.so.6
#1 0x0061f23f in vfprintf () from /lib/libc.so.6
#2 0x006b9e56 in __vsyslog_chk () from /lib/libc.so.6
#3 0x006b9fd7 in syslog () from /lib/libc.so.6
#4 0x080579d8 in submit_syslog (
message=0x8c42d60 "*log redacted*"...) at fw1-loggrabber.c:4704
#5 0x08058f16 in leaRecordProcessor (data=0x0) at fw1-loggrabber.c:5293
#6 0x0077ab39 in start_thread () from /lib/libpthread.so.0
#7 0x006bdc2e in clone () from /lib/libc.so.6

Can provide core.

adepasquale commented 9 years ago

Thanks for reporting the crash. Unfortunately version 2.0 of FW1-LogGrabber has never been tested under 32-bit architectures.

I'd be happy to have a look at your core dump, you can find my email here.

WsH89 commented 9 years ago

Has this been updated?

adepasquale commented 8 years ago

@WsH89 no updates, cannot reproduce because I don't have a 32-bit environment.

In the meantime you could use a workaround like: fw1 writes to a local file, then the local syslog daemon reads that file and eventually sends it to a remote syslog server. You might also need to set OUTPUT_FILE_ROTATESIZE to zero and configure logrotate with copytruncate enabled.
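
The file-based workaround described in the comment above, sketched as configuration. This is an added example, not part of the original thread or the project's own files. Assumptions: the paths, the `local4` facility, the host `syslog.example.net`, the rotation sizes, and the fw1-loggrabber key names other than `OUTPUT_FILE_ROTATESIZE` (check them against the sample config shipped with your version); the rsyslog part uses the legacy imfile directives of rsyslog 5.x as shipped with CentOS 6.

```conf
# --- fw1-loggrabber.conf ---
# Write records to a local file instead of calling syslog() directly.
# LOGGING_CONFIGURATION and OUTPUT_FILE_PREFIX are assumed key names;
# the prefix below is assumed to produce /var/log/fw1-loggrabber/fw1.log
LOGGING_CONFIGURATION=file
OUTPUT_FILE_PREFIX=/var/log/fw1-loggrabber/fw1
# Zero, as suggested in the comment, so that logrotate handles rotation.
OUTPUT_FILE_ROTATESIZE=0

# --- /etc/rsyslog.d/fw1-loggrabber.conf ---
# Tail the file with imfile and tag every line it reads.
$ModLoad imfile
$InputFileName /var/log/fw1-loggrabber/fw1.log
$InputFileTag fw1-loggrabber:
$InputFileStateFile fw1-loggrabber-state
$InputFileFacility local4
$InputFileSeverity info
$InputRunFileMonitor
# Forward over TCP (@@) to the remote collector (hypothetical host),
# then discard so the records are not duplicated into local log files.
local4.* @@syslog.example.net:514
& ~

# --- /etc/logrotate.d/fw1-loggrabber ---
# copytruncate keeps the inode that fw1-loggrabber holds open, so the
# process needs no signal or restart when the file is rotated.
/var/log/fw1-loggrabber/fw1.log {
    size 100M
    rotate 7
    compress
    delaycompress
    missingok
    notifempty
    copytruncate
}
```

With `copytruncate`, lines written between the copy and the truncate can be lost, as the logrotate manual notes, so size the rotation threshold to keep rotations infrequent.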