Bug 185364 - net-analyzer/knocker-0.7.1 inappropriately frees malloced memory - crashes (tested with gcc 4.1.2/glibc 2.5) - with FIX
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High enhancement
Assignee: Gentoo Netmon project
Reported: 2007-07-15 00:46 UTC by cmuelle8
Modified: 2008-01-06 13:32 UTC

Attachments
knocker-0.7.1-r1.ebuild (753 bytes, text/plain), 2007-07-15 00:48 UTC, cmuelle8: /usr/local/portage/net-analyzer/knocker/knocker-0.7.1-r1.ebuild
knocker-0.7.1-free.patch (786 bytes, patch), 2007-07-15 00:49 UTC, cmuelle8: /usr/local/portage/net-analyzer/knocker/files/knocker-0.7.1-free.patch
knocker-0.7.1-r1.ebuild (901 bytes, text/plain), 2007-12-01 18:13 UTC, cmuelle8: "inherit eutils" was missing, so epatch was not executed - FIXED

Description cmuelle8 2007-07-15 00:46:32 UTC
With the Gentoo stock ebuild knocker-0.7.1:

chris@trane ~ $ knocker -H somewhere -P 4444
*** glibc detected *** knocker: munmap_chunk(): invalid pointer: 0x08170b87 ***
======= Backtrace: =========
/lib/libc.so.6[0x47c68c42]
knocker[0x804c7a5]
======= Memory map: ========
08048000-08052000 r-xp 00000000 08:23 4840689    /usr/bin/knocker
08052000-08053000 rw-p 0000a000 08:23 4840689    /usr/bin/knocker
08053000-08191000 rw-p 08053000 00:00 0          [heap]
47236000-47250000 r-xp 00000000 08:23 33720      /lib/ld-2.5.so
47250000-47251000 r--p 00019000 08:23 33720      /lib/ld-2.5.so
47251000-47252000 rw-p 0001a000 08:23 33720      /lib/ld-2.5.so
47c06000-47d26000 r-xp 00000000 08:23 33721      /lib/libc-2.5.so
47d26000-47d28000 r--p 00120000 08:23 33721      /lib/libc-2.5.so
47d28000-47d29000 rw-p 00122000 08:23 33721      /lib/libc-2.5.so
47d29000-47d2c000 rw-p 47d29000 00:00 0
480bf000-480c9000 r-xp 00000000 08:23 1623274    /usr/lib/gcc/i686-pc-linux-gnu/4.1.2/libgcc_s.so.1
480c9000-480ca000 rw-p 00009000 08:23 1623274    /usr/lib/gcc/i686-pc-linux-gnu/4.1.2/libgcc_s.so.1
b7eef000-b7ef0000 rw-p b7eef000 00:00 0
b7f20000-b7f22000 rw-p b7f20000 00:00 0
b7f22000-b7f23000 r-xp b7f22000 00:00 0          [vdso]
bf889000-bf8a0000 rw-p bf889000 00:00 0          [stack]
Aborted

Reproducible: Always

I've fixed this, I'll add ebuild + patch via attachments
Comment 1 cmuelle8 2007-07-15 00:48:29 UTC
Created attachment 124888 [details]
/usr/local/portage/net-analyzer/knocker/knocker-0.7.1-r1.ebuild
Comment 2 cmuelle8 2007-07-15 00:49:08 UTC
Created attachment 124890 [details, diff]
/usr/local/portage/net-analyzer/knocker/files/knocker-0.7.1-free.patch
Comment 3 cmuelle8 2007-07-15 00:59:37 UTC
There seems to be another bug when the host you specify to knocker cannot be resolved - if it can be resolved everything seems to be fine.  In the first case below the address could be resolved, the 2nd is the problem case.  The open ports count is also an oddity, but help yourself with a | grep open  ..

ps: I know of nessus, thx ;-)


+-----------------------------------------------------------------------------+
|--=| k n o c k e r -- t h e -- n e t -- p o r t s c a n n e r |=-=[ 0.7.1 ]=-|
+-----------------------------------------------------------------------------+

 - started by user chris on Sun Jul 15 02:56:53 2007

 - hostname to scan: google.de
 - resolved host ip: 66.249.93.104
 - - scan from port: 80
 - - - scan to port: 80
 - - - -  scan type: tcp connect

+=- - - - - - - - - - - - - - - - - - - - - - - - - - - - -  s c a n n i n g  -

 -=[ 80/tcp, http ]=- * OPEN *

+=- - - - - - - - - - - - - - - - - - - - - - - - - - - -  c o m p l e t e d  -

 - scanned host name: google.de IP: 66.249.93.104

 - found 0 open ports in a total of 1 ports scanned.

 - port scan completed in 0.07 seconds.




+-----------------------------------------------------------------------------+
|--=| k n o c k e r -- t h e -- n e t -- p o r t s c a n n e r |=-=[ 0.7.1 ]=-|
+-----------------------------------------------------------------------------+

 - started by user chris on Sun Jul 15 02:55:50 2007

 - failed to resolve given hostname/IP: cannotberesolved
 - Aborting


*** glibc detected *** knocker: double free or corruption (fasttop): 0x081709c0 ***
======= Backtrace: =========
/lib/libc.so.6[0x47c68c42]
/lib/libc.so.6(__libc_free+0x87)[0x47c6a2b7]
knocker[0x804ac47]
knocker[0x804935f]
knocker[0x8048c31]
======= Memory map: ========
08048000-08052000 r-xp 00000000 08:23 4840689    /usr/bin/knocker
08052000-08053000 rw-p 0000a000 08:23 4840689    /usr/bin/knocker
08053000-08191000 rw-p 08053000 00:00 0          [heap]
47236000-47250000 r-xp 00000000 08:23 33720      /lib/ld-2.5.so
47250000-47251000 r--p 00019000 08:23 33720      /lib/ld-2.5.so
47251000-47252000 rw-p 0001a000 08:23 33720      /lib/ld-2.5.so
472ae000-472bc000 r-xp 00000000 08:23 33968      /lib/libresolv-2.5.so
472bc000-472bd000 r--p 0000d000 08:23 33968      /lib/libresolv-2.5.so
472bd000-472be000 rw-p 0000e000 08:23 33968      /lib/libresolv-2.5.so
472be000-472c0000 rw-p 472be000 00:00 0
47c06000-47d26000 r-xp 00000000 08:23 33721      /lib/libc-2.5.so
47d26000-47d28000 r--p 00120000 08:23 33721      /lib/libc-2.5.so
47d28000-47d29000 rw-p 00122000 08:23 33721      /lib/libc-2.5.so
47d29000-47d2c000 rw-p 47d29000 00:00 0
480bf000-480c9000 r-xp 00000000 08:23 1623274    /usr/lib/gcc/i686-pc-linux-gnu/4.1.2/libgcc_s.so.1
480c9000-480ca000 rw-p 00009000 08:23 1623274    /usr/lib/gcc/i686-pc-linux-gnu/4.1.2/libgcc_s.so.1
b7d00000-b7d21000 rw-p b7d00000 00:00 0
b7d21000-b7e00000 ---p b7d21000 00:00 0
b7f23000-b7f24000 rw-p b7f23000 00:00 0
b7f44000-b7f48000 r-xp 00000000 08:23 2818252    /lib/libnss_dns-2.5.so
b7f48000-b7f49000 r--p 00003000 08:23 2818252    /lib/libnss_dns-2.5.so
b7f49000-b7f4a000 rw-p 00004000 08:23 2818252    /lib/libnss_dns-2.5.so
b7f4a000-b7f52000 r-xp 00000000 08:23 2818254    /lib/libnss_files-2.5.so
b7f52000-b7f53000 r--p 00007000 08:23 2818254    /lib/libnss_files-2.5.so
b7f53000-b7f54000 rw-p 00008000 08:23 2818254    /lib/libnss_files-2.5.so
b7f54000-b7f56000 rw-p b7f54000 00:00 0
b7f56000-b7f57000 r-xp b7f56000 00:00 0          [vdso]
bfbd7000-bfbee000 rw-p bfbd7000 00:00 0          [stack]
Aborted

Comment 4 cmuelle8 2007-07-30 15:20:26 UTC
BUG reopened, action required..  (add ebuild+patch)  (it has probably not been looked at, since I entered RESOLVED FIXED state, duh ;-)

Regards..
Comment 5 Jakub Moc (RETIRED) gentoo-dev 2007-07-30 18:48:55 UTC
emerge --info please.
Comment 6 cmuelle8 2007-07-30 19:40:54 UTC
What for?  I mean, this is no request for help or something and the source of the problem should be clear enough with the debug trace - I am going to supplement the patch for the bug that remains soon, but due to my patch that is already in, the program is at least usable on current gentoo..

So I am not asking for help on the issue that remains, but to put my ebuild+patch into portage so others can benefit..


Regards,
cmuelle8

Comment 7 cmuelle8 2007-07-30 20:07:48 UTC
In case you keep insisting..

# paludis --info
paludis 0.24.5

Built by paludisbuild@coltrane on 2007-07-15T15:01:41+0200
CXX:         i686-pc-linux-gnu-g++ 4.1.2 20070214 (  (gdc 0.23, using dmd 1.007)) (Gentoo 4.1.2)
CXXFLAGS:    -march=k8 -msse3 -O2 -pipe -fomit-frame-pointer
LDFLAGS:
DATADIR:     /usr/share
LIBDIR:      /usr/lib
LIBEXECDIR:  /usr/libexec
SYSCONFDIR:  /etc
stdlib:      GNU libstdc++ 20070214
libebt:      1.3.0
libwrapiter: 1.0.0
sandbox:     enabled

Repository virtuals:
    Configuration information:
        format:                virtuals

Repository installed_virtuals:
    Configuration information:
        format:                installed_virtuals

Repository gentoo:
    Configuration information:
        buildroot:             /var/tmp/paludis
        cache:                 /var/lib/paludis/repositories/gentoo/metadata/cache
        distdir:               /var/lib/paludis/distfiles
        eclassdirs:            /var/lib/paludis/repositories/gentoo/eclass
        format:                ebuild
        location:              /var/lib/paludis/repositories/gentoo
        names_cache:           /var/lib/paludis/repositories/gentoo/.cache/names
        newsdir:               /var/lib/paludis/repositories/gentoo/metadata/news
        pkgdir:                /var/lib/paludis/repositories/gentoo/packages
        profiles:              /var/lib/paludis/repositories/gentoo/profiles/default-linux/x86/2007.0
        securitydir:           /var/lib/paludis/repositories/gentoo/metadata/glsa
        setsdir:               /var/lib/paludis/repositories/gentoo/sets
        sync:                  rsync://rsync.gentoo.org/gentoo-portage
        sync_options:
        write_cache:           /var/lib/paludis/repositories/gentoo/.cache

    Package information:
        app-admin/eselect-compiler: (none)
        dev-java/java-config:  1.3.7, 2.0.33-r1
        dev-lang/python:       2.4.4-r4
        dev-python/pycrypto:   2.0.1-r6
        dev-util/ccache:       (none)
        dev-util/confcache:    (none)
        sys-apps/sandbox:      1.2.17
        sys-devel/autoconf:    2.13, 2.61
        sys-devel/automake:    1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
        sys-devel/binutils:    2.17
        sys-devel/gcc-config:  1.3.16
        sys-devel/libtool:     1.5.23b
        virtual/os-headers:    2.6.22-r2

    Variable information:
        ACCEPT_KEYWORDS:
        AUTOCLEAN:
        CBUILD:                i686-pc-linux-gnu
        CFLAGS:                -march=k8 -msse3 -O2 -pipe -fomit-frame-pointer
        CHOST:                 i686-pc-linux-gnu
        CONFIG_PROTECT:         /sbin
        CONFIG_PROTECT_MASK:
        CTARGET:
        CXXFLAGS:              -march=k8 -msse3 -O2 -pipe -fomit-frame-pointer
        DISTDIR:               /var/lib/paludis/distfiles
        FEATURES:
        GENTOO_MIRRORS:
        INSTALL_MASK:
        LANG:
        LC_ALL:
        LDFLAGS:
        LINGUAS:
        MAKEOPTS:              -j3
        PKGDIR:
        PORTAGE_COMPRESS:
        PORTAGE_COMPRESS_FLAGS:
        PORTAGE_RSYNC_EXTRA_OPTS:
        PORTAGE_RSYNC_OPTS:
        PORTAGE_TMPDIR:        /var/tmp/paludis
        PORTDIR:               /var/lib/paludis/repositories/gentoo
        PORTDIR_OVERLAY:
        SYNC:
        USE:
Comment 8 Markus Ullmann (RETIRED) gentoo-dev 2007-09-06 08:06:52 UTC
patch added as 0.7.1-r1 in CVS, thanks :=)
Comment 9 Jukka Ruohonen 2007-11-01 21:44:47 UTC
Please, even though the test was done on amd64, reopen this one.

I fail to see how the attached patch fixes anything.

Demonstration:

garden k # knocker -H foobar -P 4444
*** glibc detected *** knocker: free(): invalid pointer: 0x00000000007d35a7 ***
======= Backtrace: =========
/lib/libc.so.6[0x37eb0a106aad]
/lib/libc.so.6(cfree+0x76)[0x37eb0a108796]
knocker[0x40453d]
knocker[0x404766]
knocker[0x40125e]
/lib/libc.so.6(__libc_start_main+0xf4)[0x37eb0a0b7b74]
knocker[0x401139]
======= Memory map: ========
00400000-0040b000 r-xp 00000000 fd:00 1148524                            /usr/bin/knocker
0060a000-0060b000 r--p 0000a000 fd:00 1148524                            /usr/bin/knocker
0060b000-0060c000 rw-p 0000b000 fd:00 1148524                            /usr/bin/knocker
0060c000-007f3000 rw-p 0060c000 00:00 0                                  [heap]
37eb09e68000-37eb09e83000 r-xp 00000000 08:01 47467                      /lib64/ld-2.6.1.so
37eb0a082000-37eb0a083000 r--p 0001a000 08:01 47467                      /lib64/ld-2.6.1.so
37eb0a083000-37eb0a084000 rw-p 0001b000 08:01 47467                      /lib64/ld-2.6.1.so
37eb0a084000-37eb0a086000 rw-p 37eb0a084000 00:00 0
37eb0a09a000-37eb0a1d0000 r-xp 00000000 08:01 47472                      /lib64/libc-2.6.1.so
37eb0a1d0000-37eb0a3cf000 ---p 00136000 08:01 47472                      /lib64/libc-2.6.1.so
37eb0a3cf000-37eb0a3d3000 r--p 00135000 08:01 47472                      /lib64/libc-2.6.1.so
37eb0a3d3000-37eb0a3d4000 rw-p 00139000 08:01 47472                      /lib64/libc-2.6.1.so
37eb0a3d4000-37eb0a3db000 rw-p 37eb0a3d4000 00:00 0
37eb0a3f0000-37eb0a3fd000 r-xp 00000000 08:01 47555                      /lib64/libgcc_s.so.1
37eb0a3fd000-37eb0a5fc000 ---p 0000d000 08:01 47555                      /lib64/libgcc_s.so.1
37eb0a5fc000-37eb0a5fd000 r--p 0000c000 08:01 47555                      /lib64/libgcc_s.so.1
37eb0a5fd000-37eb0a5fe000 rw-p 0000d000 08:01 47555                      /lib64/libgcc_s.so.1
37eb0c000000-37eb0c021000 rw-p 37eb0c000000 00:00 0
37eb0c021000-37eb10000000 ---p 37eb0c021000 00:00 0
7d0e80030000-7d0e80046000 rw-p 7d0e80030000 00:00 0                      [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vdso]
Aborted
Comment 10 Markus Ullmann (RETIRED) gentoo-dev 2007-11-01 21:48:16 UTC
reopen
Comment 11 cmuelle8 2007-11-01 23:56:45 UTC
Are you really using knocker-0.7.1-r1 ?

If so, what architecture are you on (I did not try this on amd64 either)?


> I fail to see how the attached patch fixes anything.

Note that the knocker package in general has poor programming practice, so there might be other bugs in the package.  I obviously fixed those that my machine and configuration exploited, and if you fail to see "how it fixes anything" then get help from someone who knows C ;-)  Take a look at the patched file rather than just the patch.

Hints:
Pointer tmpp is assigned malloced memory.  In the original code it is then modified (a couple of tmpp++ ..) and lastly wrongly free'd (free(tmpp)) .. this obviously is very wrong, since to properly free this memory region free() needs the exact same pointer it got from malloc(), hence the patch fixes something, if it saves tmpp in tmpp_orig after the malloc call, but maybe not every bug in knocker..

Please also note that I'm not the author of knocker..

I'll have a look at your trace anyway, to see if there's a way to fix it.  But first please really make sure you used -r1  and tell me which architecture..

regards,
cmuelle8
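The two failure modes in this thread, reconstructed as an added example that is not knocker's source (which is not on this page) and not part of the bug discussion: the "free(): invalid pointer" / "munmap_chunk(): invalid pointer" aborts from the description and comment 9 are what glibc reports when free() is handed an interior pointer, which is exactly the tmpp++ then free(tmpp) pattern described in the hints above; the "double free or corruption" abort on the unresolvable host from comment 3 is a buffer released on the error path and released again on exit. One observation supports the first diagnosis without reading the source: both reported addresses (0x08170b87 on x86, 0x00000000007d35a7 on amd64) are odd, and malloc() never returns an unaligned pointer, so the value passed to free() had been advanced through a string. The struct, function names and the offline stand-in resolver below are assumptions made for this illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not knocker's source (which is not on this page).
 * Two fixes from this bug, as a small port-list parser plus scan context:
 *  1. free() gets exactly what malloc() returned (tmpp_orig), never the
 *     advanced cursor tmpp: freeing an interior pointer is what glibc
 *     reports as "free(): invalid pointer" / "munmap_chunk(): invalid pointer".
 *  2. Cleanup nulls what it frees, so an error-path release ("failed to
 *     resolve ... Aborting") followed by the exit-path release is not a
 *     "double free or corruption" abort.
 * Struct, function names and the fake resolver are assumptions. */

struct scan_ctx {
    int *ports;     /* malloc'd parsed ports, or NULL */
    int  nports;
};

/* Parse "22,80,443" into ctx->ports; returns count, or -1 on bad input/OOM. */
int parse_ports(struct scan_ctx *ctx, const char *spec)
{
    size_t len = strlen(spec) + 1;
    char *tmpp_orig = malloc(len);      /* the only value free() may see */
    if (tmpp_orig == NULL)
        return -1;
    memcpy(tmpp_orig, spec, len);

    int cap = 1;                        /* fields <= commas + 1 */
    for (const char *p = spec; *p != '\0'; p++)
        if (*p == ',') cap++;
    int *ports = malloc((size_t)cap * sizeof *ports);
    if (ports == NULL) {
        free(tmpp_orig);
        return -1;
    }

    char *tmpp = tmpp_orig;             /* cursor: free to advance */
    int n = 0;
    while (*tmpp != '\0') {
        char *end;
        long v = strtol(tmpp, &end, 10);
        if (end == tmpp || v < 1 || v > 65535 || (*end != ',' && *end != '\0')) {
            free(ports);
            free(tmpp_orig);            /* free(tmpp) here is the original bug */
            return -1;
        }
        ports[n++] = (int)v;
        tmpp = (*end == ',') ? end + 1 : end;
    }
    free(tmpp_orig);
    ctx->ports = ports;
    ctx->nports = n;
    return n;
}

/* Idempotent release: free(NULL) is a no-op, and clearing the pointer means
 * a second call cannot hand the same block to free() again. */
void scan_ctx_free(struct scan_ctx *ctx)
{
    free(ctx->ports);
    ctx->ports = NULL;
    ctx->nports = 0;
}

/* Offline stand-in for DNS: one constructed name is treated as unresolvable. */
int fake_resolve(const char *host)
{
    return strcmp(host, "cannotberesolved") != 0;
}

/* Parse, resolve, and on resolver failure release and abort (-2). The
 * caller's later cleanup is then harmless instead of a double free. */
int run_scan(struct scan_ctx *ctx, const char *host, const char *spec,
             int (*resolve)(const char *))
{
    if (parse_ports(ctx, spec) < 0)
        return -1;
    if (!resolve(host)) {
        scan_ctx_free(ctx);             /* error-path release */
        return -2;
    }
    return ctx->nports;
}

/* Exercises both fixes; returns 0 when every check holds. */
int selftest(void)
{
    struct scan_ctx ctx = { NULL, 0 };
    if (parse_ports(&ctx, "22,80,443") != 3) return 1;
    if (ctx.ports[0] != 22 || ctx.ports[1] != 80 || ctx.ports[2] != 443) return 2;
    scan_ctx_free(&ctx);
    scan_ctx_free(&ctx);                /* second release: no double free */
    if (ctx.ports != NULL) return 3;
    if (parse_ports(&ctx, "22,x,80") != -1 || parse_ports(&ctx, "70000") != -1) return 4;
    if (run_scan(&ctx, "cannotberesolved", "4444", fake_resolve) != -2) return 5;
    scan_ctx_free(&ctx);                /* exit-path release after the error path */
    if (run_scan(&ctx, "localhost", "4444", fake_resolve) != 1) return 6;
    scan_ctx_free(&ctx);
    return 0;
}

int main(void) { return selftest(); }
```

To confirm a binary has this class of bug before reading any source, run it under valgrind's memcheck: an interior-pointer free is reported as "Invalid free()" with the offending address given as N bytes inside an allocated block, and a double free as an "Invalid free()" on a block already freed, with both stack traces. That is also the quickest way to check whether an installed -r1 package actually contains the patch.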
Comment 12 cmuelle8 2007-12-01 18:13:15 UTC
Created attachment 137483 [details]
"inherit eutils" was missing, so epatch was not executed - FIXED
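Why the missing inherit explains comment 9, as an added illustration that is not the attached knocker-0.7.1-r1.ebuild (its contents are not on this page): in EAPI 0 ebuilds of this era, epatch is defined by eutils.eclass, so an ebuild that calls it without `inherit eutils` runs an undefined shell function. Bash reports "epatch: command not found" and, since the line carries no `|| die`, the phase continues on unpatched sources; the resulting -r1 binary is the same code as 0.7.1 and crashes identically. The fragment below is a hypothetical skeleton; the metadata variables are omitted, and the patch filename is taken from the attachment list.

```ebuild
# Hypothetical minimal fragment (added illustration, not the attached ebuild).
# EAPI 0 era: epatch lives in eutils.eclass, so this inherit line is what
# makes the epatch call in src_unpack exist at all.
inherit eutils

# DESCRIPTION, HOMEPAGE, SRC_URI, LICENSE, SLOT, KEYWORDS omitted here.

src_unpack() {
	unpack ${A}
	cd "${S}"
	# Without "inherit eutils" this line fails with "epatch: command not
	# found"; nothing dies on it, so the build continues unpatched and the
	# installed -r1 binary crashes exactly like 0.7.1.
	epatch "${FILESDIR}"/${P}-free.patch
}
```

The check a packager wants before closing a bug like this is the build log: epatch prints an "Applying knocker-0.7.1-free.patch" line when it runs, and its absence (or a "command not found" line) means the revision bump shipped the unpatched program.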
Comment 13 cmuelle8 2007-12-01 18:15:57 UTC
can someone please put the updated ebuild silently into portage (either that or rename it to r2 and delete r1)?

thx for the fish,
cmuelle8
Comment 14 Markus Ullmann (RETIRED) gentoo-dev 2008-01-06 13:32:49 UTC
argh, my bad, sorry
modified -r1 ebuild in cvs