nitram2342 / bruteforce-crc

Brute-forcing CRC parameters
http://sitsec.net/blog/2012/02/10/brute-forcing-crc-parameters/
Boost Software License 1.0

segmentation fault #2

Closed aaronbond closed 7 years ago

aaronbond commented 7 years ago

Hello,

I have this data in a file called raw.txt:

100100010101110000011010101100000001101011001001000110111101
100100010101110000011010101101000001101010011110111110011100
100100010101110000010000111100000001101001000110110001101100
100100010101110000000110111101000001100001000110011000000101

The first 52 bits are the data and the last 8 are the CRC, I believe.

However, running the command

./bruteforce-crc --width 8 --start 0 --end 52 --offs-crc 52 --file raw.txt

gives me a Segmentation fault.

Any idea what I'm doing wrong? (Be gentle, I'm very new.)

sitsec commented 7 years ago

Hello Aaron,

Thank you very much for your notification. This looks like a programming bug. Recently, there were several changes. A quick solution would be to check out an older version using 'git checkout e8f2d8fadcf5cc9c08c305717426463265654f44', run 'make clean && rm -r CMakeCache.txt' and then rebuild the code. It should work then.

Best regards,

Martin

aaronbond commented 7 years ago

Now I get

bruteforce-crc: /usr/include/boost/dynamic_bitset/dynamic_bitset.hpp:965: bool boost::dynamic_bitset<Block, Allocator>::test(boost::dynamic_bitset<Block, Allocator>::size_type) const [with Block = long unsigned int; Allocator = std::allocator; boost::dynamic_bitset<Block, Allocator>::size_type = long unsigned int]: Assertion `pos < m_num_bits' failed. Aborted (core dumped)

sitsec commented 7 years ago

Hello Aaron,

I checked your first situation, as it makes more sense to debug the newest version than an old one. I tried to reproduce the crash, but I can't reproduce it. My version does not crash. Anyway, I added some code, for example to check if the input file exists. Something is different on your system.

If you want to use the latest version, please check out the latest commit. Please do not forget a 'git pull'. The code now has one more dependency. Thus, please install libboost-filesystem-dev and run the build process again. When you have a compiled version, please start bruteforce-crc in a debugger such as:

$ gdb bruteforce-crc [...]

(gdb) run --verbose 1 --width 8 --start 0 --end 52 --offs-crc 52 --file raw.txt

Please note the '--verbose 1'. If it crashes, please paste the full output.

Best regards,

Martin

aaronbond commented 7 years ago

Thanks a lot. Maybe I made a mistake compiling it? I'm not sure. I just installed the dependencies with apt-get, ran cmake . and then make.

Here's the result of my run:

(gdb) run --verbose 1 --width 8 --start 0 --end 52 --offs-crc 52 --file raw.txt
Starting program: /mnt/c/Users/aaron/Desktop/bruteforce-crc/bruteforce-crc --verbose 1 --width 8 --start 0 --end 52 --offs-crc 52 --file raw.txt
warning: Error disabling address space randomisation: Success
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
read_file (file="raw.txt", offset_message=offset_message@entry=0, message_length=message_length@entry=52, offset_crc=offset_crc@entry=52, crc_length=crc_length@entry=8, verbose=verbose@entry=true) at /mnt/c/Users/aaron/Desktop/bruteforce-crc/bruteforce-crc.cc:80
80          resized_msg[bit++] = msg[i];
(gdb)

aaronbond commented 7 years ago

Out of curiosity, did you get any results with my data?

sitsec commented 7 years ago

OK, I am sure I got it. Probably your input file contains empty lines, which the parser failed to process. Now the parser issues a warning and ignores malformed lines. Can you retest, please?

I found no model for your input, but I did not try all parameters.

What I find suspicious is the CRC offset 52, which is not byte aligned. The bruteforcer does not require CRCs to be placed at full byte boundaries. Nevertheless, it is quite unusual if the CRC starts at offset 6.5 in bytes. I would guess that you have either a CRC-16 or a CRC-8, starting at offset 48 or 56 respectively.

Best regards,

Martin
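The two points in the reply above, a parser that must survive empty or malformed lines rather than crash in the bit-copy loop, and a search over CRC models for records whose CRC sits at a bit offset that is not byte aligned, are worked through below in an added example. This is not code from the bruteforce-crc project; it is a small stand-alone Python equivalent written for this page. The record layout (52 data bits at offset 0, an 8-bit CRC at offset 52) and the four records are taken from the issue; the six "known" messages, the function names and the parameter names are constructed for the example. Bit-reversal of the polynomial in the reflected form and the collapse of init and xor-out into one constant for equal-length messages are standard CRC properties, not claims about what the project implements.

```python
"""Bit-level CRC model search over the raw.txt record format from this issue.

Added example, not code from the bruteforce-crc project: it parses records of
'0'/'1' characters (one per line), cuts the message and CRC fields at bit
offsets that need not be byte aligned, warns about and skips malformed lines
instead of crashing, and searches for CRC models that explain every record.
"""
import sys

def parse_records(text, offs_msg, msg_len, offs_crc, crc_len):
    """Return [(message_bits, crc_value)] for usable lines; skip bad ones with a warning."""
    need = max(offs_msg + msg_len, offs_crc + crc_len)
    records = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            print(f"line {lineno}: empty, ignored", file=sys.stderr)
        elif set(line) - {"0", "1"}:
            print(f"line {lineno}: non-binary characters, ignored", file=sys.stderr)
        elif len(line) < need:
            print(f"line {lineno}: {len(line)} bits, {need} needed, ignored", file=sys.stderr)
        else:
            msg = [int(c) for c in line[offs_msg:offs_msg + msg_len]]
            records.append((msg, int(line[offs_crc:offs_crc + crc_len], 2)))
    return records

def crc_bits(bits, width, poly, reflect=False, init=0):
    """Bit-serial CRC over a list of bits.  reflect=False is the usual MSB-first
    shift register; reflect=True is the LSB-first form with the bit-reversed
    polynomial, i.e. what refin/refout CRCs compute on bytes fed LSB first."""
    mask = (1 << width) - 1
    reg = init & mask
    if reflect:
        rpoly = int(f"{poly:0{width}b}"[::-1], 2)
        for b in bits:
            reg ^= b
            reg = (reg >> 1) ^ rpoly if reg & 1 else reg >> 1
    else:
        top = 1 << (width - 1)
        for b in bits:
            feedback = bool(reg & top) ^ bool(b)
            reg = (reg << 1) & mask
            if feedback:
                reg ^= poly
    return reg

def find_models(records, width):
    """Return (poly, reflect, constant) triples that reproduce every record.

    A CRC is affine in the message, so when all records share one message
    length the init value and the final XOR collapse into a single constant
    (telling them apart needs messages of different lengths).  The constant is
    derived from the first record and verified against all the others."""
    models = []
    msg0, crc0 = records[0]
    for reflect in (False, True):
        for poly in range(1, 1 << width):
            const = crc_bits(msg0, width, poly, reflect) ^ crc0
            if all(crc_bits(m, width, poly, reflect) ^ const == c for m, c in records[1:]):
                models.append((poly, reflect, const))
    return models

def bytes_to_bits(data, lsb_first=False):
    """Expand bytes to a bit list (to check crc_bits against published CRC check values)."""
    order = range(8) if lsb_first else range(7, -1, -1)
    return [(byte >> i) & 1 for byte in data for i in order]

def make_records(messages, msg_len, width, poly, reflect=False, init=0, const=0):
    """Constructed test data: (bits, crc) pairs generated from known model parameters."""
    out = []
    for m in messages:
        bits = [int(c) for c in f"{m:0{msg_len}b}"]
        out.append((bits, crc_bits(bits, width, poly, reflect, init) ^ const))
    return out

def to_line(bits, crc, width):
    """Render a record the way raw.txt stores it: message bits followed by CRC bits."""
    return "".join(map(str, bits)) + f"{crc:0{width}b}"

# The four 60-bit records posted in this issue (52 data bits, then 8 CRC bits).
ISSUE_RAW = """\
100100010101110000011010101100000001101011001001000110111101
100100010101110000011010101101000001101010011110111110011100
100100010101110000010000111100000001101001000110110001101100
100100010101110000000110111101000001100001000110011000000101
"""

if __name__ == "__main__":
    # Constructed set with a known model: poly 0x07, MSB-first, constant 0.
    known = make_records([0x3A5C9E1D2B4F7, 0x0F1E2D3C4B5A6, 0xDEADBEEF01234,
                          0x1234567890ABC, 0x7E57DA7A5EED5, 0xC0FFEE1234567], 52, 8, 0x07)
    print("constructed set:", find_models(known, 8))
    # Same layout the reporter used: message bits 0..51, CRC at bit 52, width 8.
    print("issue records:", find_models(parse_records(ISSUE_RAW, 0, 52, 52, 8), 8))
```

Two caveats a practitioner should keep in mind. First, the constant is fitted from the first record, so every extra record contributes `width` bits of evidence: with only two 8-bit records, about 510 candidate (poly, reflect) pairs are tested against 8 bits of constraint and a couple of spurious hits are expected, while four records leave roughly 510/2^24. Second, because all records here have the same message length, a hit reports one constant rather than separate init and xor-out values; messages of differing lengths are needed to separate them, which is also why a CRC-8 model with init 0xFF and one with xor-out 0xFF cannot be told apart on this data.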

martynp commented 7 years ago

Hey Martin, I was going to do a pull request next week for the updates I have made since last time. I will merge your changes before I do. The latest code is on my fork.

aaronbond commented 7 years ago

I made sure not to have empty lines in my input file. I'll try compiling on a different machine.

martynp commented 7 years ago

Aaron, I would be interested in helping with the problem if you would care to share more information (we can do it via email if you'd like).

aaronbond commented 7 years ago

Sure, thanks for the offer.

aaron.r.bond@gmail.com

sitsec commented 7 years ago

After a lot of recent changes, and finally after merging code from Martyn, I would like to close this issue. I did not stumble upon further segfaults. If I am wrong, please let me know.