search

gustavo-iniguez-goya / opensnitch

OpenSnitch is a GNU/Linux application firewall
GNU General Public License v3.0
395 stars 20 forks source link

Runtime Error / Invalid Memory Address or Nil Pointer Dereference #144

Closed mefromthepast closed 2 years ago

mefromthepast commented 2 years ago

Hi there!

Description On archlinux, opensnitch segfaults most times on startup. However, it has worked once after it had not worked before. Did not work again after reboot.

To Reproduce Use archlinx and opensnitch with the following versions from aur:

Terminal input and error logs: (1) via journalctl for sudo systemctl start opensnitchd (after it was stopped / disabled)

opensnitchd[46701]: panic: runtime error: invalid memory address or nil pointer dereference
opensnitchd[46701]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x55e38b646b4c]
opensnitchd[46701]: goroutine 1 [running]:
opensnitchd[46701]: github.com/iovisor/gobpf/elf.(*Module).UpdateElement.func1(0x7f9941361128?, 0x55e38b4410a2?, 0x7f996bbe3878?, 0x10?, 0xc001008000?)
opensnitchd[46701]:         github.com/iovisor/gobpf@v0.2.0/elf/table.go:75 +0x2c
opensnitchd[46701]: github.com/iovisor/gobpf/elf.(*Module).UpdateElement(0x55e38ba3b3a0?, 0xc0013a47b0?, 0x55e38b8e523e?, 0xa?, 0xc000f97b80?)
opensnitchd[46701]:         github.com/iovisor/gobpf@v0.2.0/elf/table.go:80 +0x59
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/procmon/ebpf.Start()
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/procmon/ebpf/ebpf.go:93 +0x56d
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/procmon/monitor.Init()
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:61 +0x65
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/procmon/monitor.ReconfigureMonitorMethod({0xc001240014, 0x4})
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:29 +0x6c
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadConfiguration(0xc00108d200, {0xc001081200, 0x169, 0x200})
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/ui/config.go:100 +0x285
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadDiskConfiguration(0xc00108d200, 0x0)
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/ui/config.go:52 +0x10a
opensnitchd[46701]: github.com/evilsocket/opensnitch/daemon/ui.NewClient({0x0, 0x0}, 0xc0012268f0, 0xc00007e6c0)
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/ui/client.go:82 +0x114
opensnitchd[46701]: main.main()
opensnitchd[46701]:         github.com/evilsocket/opensnitch/daemon/main.go:382 +0x62f
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
audit: BPF prog-id=0 op=UNLOAD
systemd[1]: opensnitchd.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
systemd[1]: opensnitchd.service: Failed with result 'exit-code'.

(2) console output for sudo opensnitchd -rules-path /etc/opensnitchd/rules

[2022-09-27 10:03:57]  IMP  Starting opensnitch-daemon v1.5.2
[2022-09-27 10:03:57]  INF  Loading rules from /etc/opensnitchd/rules ...
OK: libnetfiler_queue supports nfq_get_uid
OK: libnetfiler_queue supports nfq_get_uid
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x5583bbd78b4c]

goroutine 1 [running]:
github.com/iovisor/gobpf/elf.(*Module).UpdateElement.func1(0x7fb5f4248850?, 0x5583bbb730a2?, 0x7fb61ebb4108?, 0x10?, 0xc000054c00?)
    github.com/iovisor/gobpf@v0.2.0/elf/table.go:75 +0x2c
github.com/iovisor/gobpf/elf.(*Module).UpdateElement(0x5583bc16d3a0?, 0xc000c626c0?, 0x5583bc01723e?, 0xa?, 0xc00120fb80?)
    github.com/iovisor/gobpf@v0.2.0/elf/table.go:80 +0x59
github.com/evilsocket/opensnitch/daemon/procmon/ebpf.Start()
    github.com/evilsocket/opensnitch/daemon/procmon/ebpf/ebpf.go:93 +0x56d
github.com/evilsocket/opensnitch/daemon/procmon/monitor.Init()
    github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:61 +0x65
github.com/evilsocket/opensnitch/daemon/procmon/monitor.ReconfigureMonitorMethod({0xc000bd6084, 0x4})
    github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:29 +0x6c
github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadConfiguration(0xc000acf200, {0xc000ab1200, 0x169, 0x200})
    github.com/evilsocket/opensnitch/daemon/ui/config.go:100 +0x285
github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadDiskConfiguration(0xc000acf200, 0x0)
    github.com/evilsocket/opensnitch/daemon/ui/config.go:52 +0x10a
github.com/evilsocket/opensnitch/daemon/ui.NewClient({0x0, 0x0}, 0xc00010eb60, 0xc0008805a0)
    github.com/evilsocket/opensnitch/daemon/ui/client.go:82 +0x114
main.main()
    github.com/evilsocket/opensnitch/daemon/main.go:382 +0x62f

No logs in /var/log/opensnitchd.log except for IMP Start writing logs to /var/log/opensnitchd.log

OS (please complete the following information):

gustavo-iniguez-goya commented 2 years ago

Hi @mefromthepast !

don't use opensnitch-ebpf-module-git 1.6.0 with opensnitch 1.5.2.

Use opensnitch-ebpf-module + opensnitch , or opensnitch-git + opensnitch-ebpf-module-git (note the -git at the end).

mefromthepast commented 2 years ago

Dear @gustavo-iniguez-goya,

I'd thought about that, but then there does not seem to be a maintained version for archlinux that's functional.

yay -sS opensnitch does only report the following (seemlingly incompatible and/or outdated) versions.

aur/opensnitch-ebpf-module 1.4.3-1 (+7 0.92) (Out-of-date: 2022-02-06) 
    eBPF process monitor module for opensnitch
aur/opensnitch-ebpf-module-git 1.6.0rc2.r16.96cccb8-1 (+8 1.17) 
    eBPF process monitor module for opensnitch
aur/opensnitch 1.5.2-1 (+37 1.29) (Installed)
    GNU/Linux port of the Little Snitch application firewall
aur/opensnitch-git 1.5.0.r19.0aef656-1 (+39 1.02) 
    A GNU/Linux port of the Little Snitch application firewall

I guess I'll have to have a more detailed look at the kernel module then. Thanks for the quick response!

gustavo-iniguez-goya commented 2 years ago

try aur/opensnitch-ebpf-module 1.4.3-1 , v1.4.3 was released on Nov. 24, 2021, and latest change to the module was on Sept 23th 2021 0526b84309800269fc7482ac119a577f09aa6903 , so it should work with >= 1.4.3 and <= v1.5.x

mefromthepast commented 2 years ago

Thank you. I could make the -git versions work with a slight adaption using paru and a minor adaption to the PKGBUILD.