pentoo / pentoo-historical

read-only historical backup of pentoo from googlecode
https://code.google.com/p/pentoo/

net-misc/tcpick-0.2.1 segmentation fault amd64 #215

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. tcpick -r real_life_pcap_file -C
2. tcpick -r real_life_pcap_file -yP "port 80"

What is the expected output? What do you see instead?
no segmentation fault :-)

issue is fixed with the attached patch file.

Original issue reported on code.google.com by josc...@googlemail.com on 12 Jan 2014 at 4:31

GoogleCodeExporter commented 8 years ago
this software hasn't been updated since 2005. 

I found 5 other patches in other distros:
http://rpmfind.net/linux/rpm2html/search.php?query=tcpick

However, your patch is not there. Can you point to the source for it? Is it in the 
upstream bugzilla?

Can we replace that outdated tool with a more recent one?
https://isc.sans.edu/diary/Tools+for+extracting+files+from+pcaps/6961

Original comment by blshkv on 13 Jan 2014 at 1:38

GoogleCodeExporter commented 8 years ago
I know this tool is old and upstream seems to be dead. I used it several years 
ago and found it useful. Last week I got some really big capture files - 
wireshark and others were too slow or too big for my needs, so I thought to try 
it with tcpick before implementing my own pcap-processing tool.

The tcpick_02.1-amd.patch is only a first step. It still crashes with certain 
packets in the pcap-files (when the computed payload gets a negative size). 
Therefore I have to attach a second patch-file which fixes this little issue.

Original comment by josc...@googlemail.com on 14 Jan 2014 at 12:34
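
The failure mode named in the comment above (a computed payload size going negative on certain packets), as an added illustration; this is not tcpick's code and not the attached patch. The function names, the assumption that the buffer starts at the IPv4 header, and the sample packet are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Unchecked arithmetic: trusts every length field in the packet. */
static int naive_payload_len(const uint8_t *ip)
{
    int ihl = (ip[0] & 0x0f) * 4, tot = (ip[2] << 8) | ip[3];
    return tot - ihl - (ip[ihl + 12] >> 4) * 4;   /* can go negative */
}

/* Checked version: returns the payload length, or -1 if the headers are
 * inconsistent with each other or with the captured length (caplen). */
static long checked_payload_len(const uint8_t *ip, size_t caplen, size_t *off)
{
    if (caplen < 20 || (ip[0] >> 4) != 4 || ip[9] != 6)
        return -1;                      /* not a complete IPv4/TCP header */
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    size_t tot = ((size_t)ip[2] << 8) | ip[3];
    size_t end = tot < caplen ? tot : caplen;   /* honour truncated captures */
    if (ihl < 20 || ihl + 20 > end)
        return -1;                      /* no room for a minimal TCP header */
    size_t doff = (size_t)(ip[ihl + 12] >> 4) * 4;
    if (doff < 20 || ihl + doff > end)
        return -1;                      /* TCP header overruns the packet */
    *off = ihl + doff;
    return (long)(end - *off);
}

/* Constructed sample: IPv4 (IHL 5) + TCP with the given length fields. */
static void make_pkt(uint8_t *buf, size_t n, unsigned tot, unsigned doff_words)
{
    memset(buf, 0, n);
    buf[0] = 0x45;                      /* version 4, IHL 5 (20 bytes) */
    buf[2] = (uint8_t)(tot >> 8); buf[3] = (uint8_t)tot;
    buf[9] = 6;                         /* protocol = TCP */
    buf[32] = (uint8_t)(doff_words << 4);   /* TCP data offset, in words */
}

int main(void)
{
    uint8_t pkt[64];
    size_t off = 0;
    make_pkt(pkt, sizeof pkt, 30, 15);  /* claims 30 bytes, TCP header 60 */
    printf("naive=%d checked=%ld\n", naive_payload_len(pkt),
           checked_payload_len(pkt, 40, &off));
    return 0;
}
```

A negative length like the one the unchecked function returns becomes a very large value once it is converted to `size_t` for a copy or write call, which is why the checked version rejects the packet.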

GoogleCodeExporter commented 8 years ago
ok, so I'm ok to patch it, however let's apply your patches after these 
existing ones.

Currently, there is a conflict with your first patch:

 * Applying tcpick-0.2.1-CVE-2006-0048.patch ...                                                             [ ok ]
 * Applying tcpick-0.2.1-ppc.patch ...                                                                       [ ok ]
 * Applying tcpick-0.2.1-cpu-loop.patch ...                                                                  [ ok ]
 * Applying tcpick-0.2.1-timezone.patch ...                                                                  [ ok ]
 * Applying tcpick-0.2.1-pointers.patch ...                                                                  [ ok ]
 * Applying tcpick_0.2.1-shortpkts.patch ...                                                                 [ ok ]
 * Applying tcpick_0.2.1-amd.patch ...

 * Failed Patch: tcpick_0.2.1-amd.patch !

could you take a look?

Original comment by blshkv on 14 Jan 2014 at 12:52

GoogleCodeExporter commented 8 years ago
This is the new ebuild with all patches:
https://code.google.com/p/pentoo/source/detail?r=5366

The broken patch is commented out for now

Original comment by blshkv on 14 Jan 2014 at 1:03

GoogleCodeExporter commented 8 years ago
After looking at the other patches it's obvious why tcpick_0.2.1-amd.patch is 
not applicable because it does nearly the same. 
Either apply 
 tcpick-0.2.1-CVE-2006-0048.patch, 
 tcpick-0.2.1-ppc.patch, 
 tcpick-0.2.1-cpu-loop.patch,
 tcpick-0.2.1-timezone.patch,
 tcpick-0.2.1-pointers.patch
or 
 tcpick_0.2.1-amd.patch
but not both.

Original comment by josc...@googlemail.com on 14 Jan 2014 at 11:43

GoogleCodeExporter commented 8 years ago
Can you try -r1 (committed above) and check if the problem is fixed?

We will need to backport the patch if it is still required

Original comment by blshkv on 15 Jan 2014 at 2:33

GoogleCodeExporter commented 8 years ago
ping? Can you test it please so we could close the bug report?

Original comment by blshkv on 20 Jan 2014 at 1:54

GoogleCodeExporter commented 8 years ago
I tested "-r1". 
The output is exactly the same as with my initial build and no segmentation 
fault any longer.

Original comment by josc...@googlemail.com on 21 Jan 2014 at 12:29

GoogleCodeExporter commented 8 years ago
great! Thanks for reporting and testing.

Original comment by blshkv on 21 Jan 2014 at 12:31