# gdb /usr/sbin/p0f GNU gdb (Gentoo 7.3.1 p2) 7.3.1 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-pc-linux-gnu". For bug reporting instructions, please see: <http://bugs.gentoo.org/>... Reading symbols from /usr/sbin/p0f...Reading symbols from /usr/lib64/debug/usr/sbin/p0f.debug...done. done. (gdb) set args -L (gdb) run Starting program: /usr/sbin/p0f -L --- p0f 3.05b by Michal Zalewski <lcamtuf@coredump.cx> --- -- Available interfaces -- 0: Name : eth0 Description : - IP address : 88.198.102.195 1: Name : tun0 Description : - Program received signal SIGSEGV, Segmentation fault. 0x0000005d4e11a346 in list_interfaces () at p0f.c:404 404 p0f.c: No such file or directory. in p0f.c (gdb) bt #0 0x0000005d4e11a346 in list_interfaces () at p0f.c:404 #1 0x0000005d4e11be15 in main (argc=2, argv=0x3869aafcc78) at p0f.c:1018 (gdb) bt full #0 0x0000005d4e11a346 in list_interfaces () at p0f.c:404 a = 0x5d50df98a0 pcap_err = "\240ȯ\232\206\003\000\000 \262\023N]\000\000\000p̯\232\206\003", '\000' <repeats 18 times>, "\b\025ń|\003\000\000;\000\000\000\000\000\000\000\032\374\277\204|\003\000\000\375\203O\031\000\000\000\000;", '\000' <repeats 15 times>, "x̯\232\206\003\000\000\000\000\000\000\000\000\000\000U\016\300\204\001\000\000\000\000\000\000\000\002\000\000\000]\261\023N]\000\000\000\001\000\000\000\000\000\000\000`g\361\204|\003\000\000\n\000\000\000\000\000\000\000\000@7\205|\003\000\000\001\000\000\000\000\000\000\000\032\374\277\204|\003\000\000\000\000\000\000\000\000\000\000\364`\361\204|\003\000\000 \262\023N]\000\000\000p̯\232\206\003", '\000' <repeats 18 times>, "x̯\232\206\003\000\000\233\"ń|\003\000\000\240\217\361\204|\003\000\000\000\000\000\000]\000\000" dev = 0x5d50df9850 i = 2 '\002' __FUNCTION__ = "list_interfaces" #1 0x0000005d4e11be15 in main (argc=2, argv=0x3869aafcc78) at p0f.c:1018 r = <optimized out> __FUNCTION__ = "main" (gdb) In dmesg appears: grsec: From 127.0.0.6: Segmentation fault occurred at (nil) in /usr/sbin/p0f[p0f:27666] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:27661] uid/euid:0/0 gid/egid:0/0 Reproducible: Always Portage 2.2.0_alpha104 (hardened/linux/amd64, gcc-4.5.3, glibc-2.14.1-r3, 3.3.2-hardened x86_64) ================================================================= System uname: Linux-3.3.2-hardened-x86_64-Intel-R-_Core-TM-_i7_CPU_930_@_2.80GHz-with-gentoo-2.0.3 Timestamp of tree: Mon, 14 May 2012 14:00:01 +0000 ccache version 3.1.7 [enabled] app-shells/bash: 4.2_p20 dev-lang/python: 2.7.2-r3, 3.2.2 dev-util/ccache: 3.1.7 dev-util/cmake: 2.8.7-r5 dev-util/pkgconfig: 0.26 sys-apps/baselayout: 2.0.3 sys-apps/openrc: 0.9.8.4 sys-apps/sandbox: 2.5 sys-devel/autoconf: 2.68 sys-devel/automake: 1.11.1 sys-devel/binutils: 2.21.1-r1 sys-devel/gcc: 4.5.3-r2 sys-devel/gcc-config: 1.5-r2 sys-devel/libtool: 2.4-r1 sys-devel/make: 3.82-r1 sys-kernel/linux-headers: 3.1 (virtual/os-headers) sys-libs/glibc: 2.14.1-r3 Repositories: gentoo miro-testowe horhe Installed sets: ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -march=native -pipe" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS=" --quiet-build=n" FEATURES="Xkeepwork Xprofile Xsplitdebug Xtest assume-digests binpkg-logs ccache collision-protect distlocks ebuild-locks fail-clean fixlafiles news parallel-fetch parse-eapi-ebuild-head preserve-libs profile-use protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="" GENTOO_MIRRORS="http://gentoo.mneisen.org/" LANG="pl_PL.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="pl en" MAKEOPTS="-j2 -l1" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_EXTRA_OPTS="-O" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/dane/domeny/PORT/" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acpi amd64 apache2 bash-completion caps hardened idn iproute2 ipv6 mmap mmx mmxext modules multilib nls openmp openssl smp sse sse2 sse3 sse4 sse4a ssse3 syslog threads threadsafe unicode urandom vhosts vim-syntax xtpax" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon auth_digest authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user cache cgid dav dav_fs dav_lock dir env expires ext_filter filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif status unique_id usertrack vhost_alias" APACHE2_MPMS="prefork" ELIBC="glibc" KERNEL="linux" LINGUAS="pl en" NGINX_MODULES_HTTP="access browser charset gzip map limit_zone proxy rewrite stub_status" PHP_TARGETS="php5-3" USERLAND="GNU" XTABLES_ADDONS="geoip ipset6 psd sysrq tarpit" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, USE_PYTHON
I can't confirm this issue on my box. root@arcarius: ~ # gdb /usr/sbin/p0f GNU gdb (Gentoo 7.3.1 p2) 7.3.1 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-pc-linux-gnu". For bug reporting instructions, please see: <http://bugs.gentoo.org/>... Reading symbols from /usr/sbin/p0f...Reading symbols from /usr/lib64/debug/usr/sbin/p0f.debug...done. done. (gdb) set args -L (gdb) run Starting program: /usr/sbin/p0f -L warning: no loadable sections found in added symbol-file system-supplied DSO at 0x3fff7ffa000 --- p0f 3.05b by Michal Zalewski <lcamtuf@coredump.cx> --- -- Available interfaces -- 0: Name : eth0 Description : - IP address : 192.168.137.1 1: Name : wlan0 Description : - IP address : 192.168.1.4 2: Name : any Description : Pseudo-device that captures on all interfaces IP address : (none) 3: Name : lo Description : - IP address : 127.0.0.1 [Inferior 1 (process 18394) exited normally] (gdb) quit root@arcarius: ~ # uname -a Linux arcarius 3.2.11-hardened #1 SMP Wed Apr 25 10:17:31 CEST 2012 x86_64 Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz GenuineIntel GNU/Linux
Tomáš, could you try with tun interface?
This is an old bug. Testing today with p0f 3.07b on 3.11.8-hardened, I'm not hitting it. I'm going to close this obsolete and if you hit it again, reopen and let me know which version of p0f and hardened-sources is causing the issue.
I just did test on 3.15.8-hardened, I've tried p0f-3.06 and 3.07, both throws segfault. Please let me know if I can provide more information or do tests.
