#251 SIGSEGV in fwbiosacl - fwbuilder-5.1.0.3599

open
nobody
None
5
2013-02-23
2013-02-23
No

Compiling produces an error in GUI.
Command line goes to :
102 [11:43] rol@tux.DEF:~/usr/bin> fwb_iosacl -v -f /usr/local/home/rol/Documents/rol.fwb -d /usr/local/home/rol/Documents -o rtr-01.PAR.fw -i id4091X5829
*** Loading data ... done
Nothing to compile in Policy
Compiling routing rules for rtr-01.PAR
processing 1 rules
Segmentation fault (core dumped)

gdb produces :
110 [11:45] rol@tux.DEF:~/usr/bin> gdb fwb_iosacl
GNU gdb (GDB) Fedora (7.3.1-48.fc15)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/home/rol/usr/bin/fwb_iosacl...done.
(gdb) run -v -f /usr/local/home/rol/Documents/rol.fwb -d /usr/local/home/rol/Documents -o rtr-01.PAR.fw -i id4091X5829
Starting program: /usr/local/home/rol/usr/bin/fwb_iosacl -v -f /usr/local/home/rol/Documents/rol.fwb -d /usr/local/home/rol/Documents -o rtr-01.PAR.fw -i id4091X5829
[Thread debugging using libthread_db enabled]
*** Loading data ... done
Nothing to compile in Policy
Compiling routing rules for rtr-01.PAR
processing 1 rules

Program received signal SIGSEGV, Segmentation fault.
0x0000000000438926 in libfwbuilder::InetAddr::isHostMask (this=0x0)
at ../libfwbuilder/src/fwbuilder/InetAddr.h:260
260 if (address_family==AF_INET)
Missing separate debuginfos, use: debuginfo-install expat-2.1.0-1.fc15.x86_64 fontconfig-2.8.0-3.fc15.x86_64 freetype-2.4.4-8.fc15.x86_64 glib2-2.28.8-1.fc15.x86_64 glibc-2.14.1-6.x86_64 libICE-1.0.6-3.fc15.x86_64 libSM-1.2.0-2.fc15.x86_64 libX11-1.4.3-1.fc15.x86_64 libXau-1.0.6-2.fc15.x86_64 libXcursor-1.1.11-3.fc15.x86_64 libXext-1.2.0-2.fc15.x86_64 libXfixes-5.0-1.fc15.x86_64 libXi-1.4.3-3.fc15.x86_64 libXinerama-1.1.1-2.fc15.x86_64 libXrandr-1.3.1-2.fc15.x86_64 libXrender-0.9.6-2.fc15.x86_64 libgcc-4.6.3-2.fc15.x86_64 libpng-1.2.49-1.fc15.x86_64 libstdc++-4.6.3-2.fc15.x86_64 libuuid-2.19.1-1.4.fc15.x86_64 libxcb-1.7-2.fc15.x86_64 libxml2-2.7.8-6.fc15.x86_64 libxslt-1.1.26-8.fc15.x86_64 qt-4.7.4-10.fc15.x86_64 qt-x11-4.7.4-10.fc15.x86_64 zlib-1.2.5-6.fc15.x86_64

Distro : Fedora release 15 (Lovelock) - 64bit
Version : fwbuilder-5.1.0.3599
Installation from sources
Error message : see above
Log file : none present/Please state how to create it
Backtrace :
(gdb) bt
#0 0x0000000000438926 in libfwbuilder::InetAddr::isHostMask (this=0x0)
at ../libfwbuilder/src/fwbuilder/InetAddr.h:260
#1 0x0000000000456570 in fwcompiler::RoutingCompiler_cisco::PrintRule::_printAddr (this=0xb647b0, o=0xa19dc0) at RoutingCompiler_cisco_writers.cpp:104
#2 0x0000000000456af3 in fwcompiler::RoutingCompiler_cisco::PrintRule::_printRDst (this=0xb647b0, rule=0xa05e60) at RoutingCompiler_cisco_writers.cpp:155
#3 0x000000000043e54e in fwcompiler::RoutingCompiler_iosacl::PrintRule::RoutingRuleToString (this=0xb647b0, rule=0xa05e60)
at RoutingCompiler_iosacl_writers.cpp:152
#4 0x000000000043de6f in fwcompiler::RoutingCompiler_iosacl::PrintRule::processNext (this=0xb647b0) at RoutingCompiler_iosacl_writers.cpp:95
#5 0x000000000048d1c1 in getNextRule (this=0xb647b0)
at ../fwcompiler/RuleProcessor.h:113
#6 fwcompiler::Compiler::simplePrintProgress::processNext (this=0xb68eb0)
at Compiler.cpp:832
#7 0x0000000000484fca in fwcompiler::Compiler::runRuleProcessors (
this=<optimized out>) at Compiler.cpp:708
#8 0x000000000043bc1d in fwcompiler::RoutingCompiler_iosacl::compile (this=
0x7fffffffcce0) at RoutingCompiler_iosacl.cpp:158
#9 0x000000000041d8ff in fwcompiler::CompilerDriver_iosacl::run (this=
0xa49130, cluster_id="", firewall_id="id4091X5829", single_rule_id="")
at CompilerDriver_iosacl_run.cpp:349
#10 0x0000000000471741 in fwcompiler::CompilerDriver::compile (this=0xa49130)
---Type <return> to continue, or q <return> to quit---
at CompilerDriver_compile.cpp:114
#11 0x00000000004189c8 in main (argc=10, argv=0x7fffffffdc68) at iosacl.cpp:163

Check_libs report :
108 [11:57] rol@tux.DEF:~/usr/bin> sh ./check_libs.sh ./fwb_iosacl
(0x00007fffaebff000) error: file /usr/local/home/rol/usr/bin/(0x00007fffaebff000): No such file or directory
/usr/lib64/libxml2.so.2.7.8 libxml2-2.7.8-6.fc15.x86_64
/usr/lib64/libxslt.so.1.1.26 libxslt-1.1.26-8.fc15.x86_64
/lib64/libz.so.1.2.5 zlib-1.2.5-6.fc15.x86_64
/lib64/libutil-2.14.1.so glibc-2.14.1-6.x86_64
/usr/lib64/libQtGui.so.4.7.4 qt-x11-4.7.4-10.fc15.x86_64
/usr/lib64/libQtCore.so.4.7.4 qt-4.7.4-10.fc15.x86_64
/lib64/libpthread-2.14.1.so glibc-2.14.1-6.x86_64
/usr/lib64/libstdc++.so.6.0.16 libstdc++-4.6.3-2.fc15.x86_64
/lib64/libm-2.14.1.so glibc-2.14.1-6.x86_64
/lib64/libgcc_s-4.6.3-20120306.so.1 libgcc-4.6.3-2.fc15.x86_64
/lib64/libc-2.14.1.so glibc-2.14.1-6.x86_64
/lib64/libdl-2.14.1.so glibc-2.14.1-6.x86_64
/lib64/libgthread-2.0.so.0.2800.8 glib2-2.28.8-1.fc15.x86_64
/lib64/librt-2.14.1.so glibc-2.14.1-6.x86_64
/lib64/libglib-2.0.so.0.2800.8 glib2-2.28.8-1.fc15.x86_64
/usr/lib64/libpng12.so.0.49.0 libpng-1.2.49-1.fc15.x86_64
/usr/lib64/libfreetype.so.6.6.2 freetype-2.4.4-8.fc15.x86_64
/lib64/libgobject-2.0.so.0.2800.8 glib2-2.28.8-1.fc15.x86_64
/usr/lib64/libSM.so.6.0.1 libSM-1.2.0-2.fc15.x86_64
/usr/lib64/libICE.so.6.3.0 libICE-1.0.6-3.fc15.x86_64
/usr/lib64/libXi.so.6.1.0 libXi-1.4.3-3.fc15.x86_64
/usr/lib64/libXrender.so.1.3.0 libXrender-0.9.6-2.fc15.x86_64
/usr/lib64/libXrandr.so.2.2.0 libXrandr-1.3.1-2.fc15.x86_64
/usr/lib64/libXfixes.so.3.1.0 libXfixes-5.0-1.fc15.x86_64
/usr/lib64/libXcursor.so.1.0.2 libXcursor-1.1.11-3.fc15.x86_64
/usr/lib64/libXinerama.so.1.0.0 libXinerama-1.1.1-2.fc15.x86_64
/usr/lib64/libfontconfig.so.1.4.4 fontconfig-2.8.0-3.fc15.x86_64
/usr/lib64/libXext.so.6.4.0 libXext-1.2.0-2.fc15.x86_64
/usr/lib64/libX11.so.6.3.0 libX11-1.4.3-1.fc15.x86_64
/usr/lib64/libX11.so.6.3.0 libX11-1.4.3-1.fc15.x86_64
/lib64/libuuid.so.1.3.0 libuuid-2.19.1-1.4.fc15.x86_64
/lib64/libexpat.so.1.6.0 expat-2.1.0-1.fc15.x86_64
/usr/lib64/libxcb.so.1.1.0 libxcb-1.7-2.fc15.x86_64
/usr/lib64/libXau.so.6.0.0 libXau-1.0.6-2.fc15.x86_64

Discussion

  • Paul Rolland

    Paul Rolland - 2013-02-23

    Remove the locally compiled version and switched to the corresponding Fedora rpm from sourceforge :
    [root@tux src]# ls -l fwbuilder-5.1.0.3599-1.fc15.x86_64.rpm
    -rw-rw-r-- 1 rol rol 10523401 Feb 23 13:34 fwbuilder-5.1.0.3599-1.fc15.x86_64.rpm

    Problem is the same :
    166 [14:16] rol@tux.DEF:~> fwb_iosacl -vvvv -f /usr/local/home/rol/Documents/rol.fwb -d /usr/local/home/rol/Documents -o rtr-01.PAR.fw -i id4091X5829
    *** Loading data ... done
    Nothing to compile in Policy
    Compiling routing rules for rtr-01.PAR
    Segmentation fault (core dumped)
    167 [14:16] rol@tux.DEF:~> which fwb_iosacl
    /usr/bin/fwb_iosacl

    Ran some debug using gdb, if that can help :
    Program received signal SIGSEGV, Segmentation fault.
    0x0000000000438926 in libfwbuilder::InetAddr::isHostMask (this=0x0)
    at ../libfwbuilder/src/fwbuilder/InetAddr.h:260
    260 if (address_family==AF_INET)
    Missing separate debuginfos, use: debuginfo-install expat-2.1.0-1.fc15.x86_64 fontconfig-2.8.0-3.fc15.x86_64 freetype-2.4.4-8.fc15.x86_64 glib2-2.28.8-1.fc15.x86_64 glibc-2.14.1-6.x86_64 libICE-1.0.6-3.fc15.x86_64 libSM-1.2.0-2.fc15.x86_64 libX11-1.4.3-1.fc15.x86_64 libXau-1.0.6-2.fc15.x86_64 libXcursor-1.1.11-3.fc15.x86_64 libXext-1.2.0-2.fc15.x86_64 libXfixes-5.0-1.fc15.x86_64 libXi-1.4.3-3.fc15.x86_64 libXinerama-1.1.1-2.fc15.x86_64 libXrandr-1.3.1-2.fc15.x86_64 libXrender-0.9.6-2.fc15.x86_64 libgcc-4.6.3-2.fc15.x86_64 libpng-1.2.49-1.fc15.x86_64 libstdc++-4.6.3-2.fc15.x86_64 libuuid-2.19.1-1.4.fc15.x86_64 libxcb-1.7-2.fc15.x86_64 libxml2-2.7.8-6.fc15.x86_64 libxslt-1.1.26-8.fc15.x86_64 qt-4.7.4-10.fc15.x86_64 qt-x11-4.7.4-10.fc15.x86_64 zlib-1.2.5-6.fc15.x86_64
    (gdb) stack 1
    Undefined command: "stack". Try "help".
    (gdb) bt
    #0 0x0000000000438926 in libfwbuilder::InetAddr::isHostMask (this=0x0)
    at ../libfwbuilder/src/fwbuilder/InetAddr.h:260
    #1 0x0000000000456570 in fwcompiler::RoutingCompiler_cisco::PrintRule::_printAddr (this=0x9c9c90, o=0xa1d8e0) at RoutingCompiler_cisco_writers.cpp:104
    #2 0x0000000000456af3 in fwcompiler::RoutingCompiler_cisco::PrintRule::_printRDst (this=0x9c9c90, rule=0xb9dd20) at RoutingCompiler_cisco_writers.cpp:155
    #3 0x000000000043e54e in fwcompiler::RoutingCompiler_iosacl::PrintRule::RoutingRuleToString (this=0x9c9c90, rule=0xb9dd20)
    at RoutingCompiler_iosacl_writers.cpp:152
    #4 0x000000000043de6f in fwcompiler::RoutingCompiler_iosacl::PrintRule::processNext (this=0x9c9c90) at RoutingCompiler_iosacl_writers.cpp:95
    #5 0x000000000048d1c1 in getNextRule (this=0x9c9c90)
    at ../fwcompiler/RuleProcessor.h:113
    #6 fwcompiler::Compiler::simplePrintProgress::processNext (this=0xa2d2b0)
    at Compiler.cpp:832
    #7 0x0000000000484fca in fwcompiler::Compiler::runRuleProcessors (
    this=<optimized out>) at Compiler.cpp:708
    #8 0x000000000043bc1d in fwcompiler::RoutingCompiler_iosacl::compile (this=
    0x7fffffffccf0) at RoutingCompiler_iosacl.cpp:158
    #9 0x000000000041d8ff in fwcompiler::CompilerDriver_iosacl::run (this=
    0xa49110, cluster_id="", firewall_id="id4091X5829", single_rule_id="")
    at CompilerDriver_iosacl_run.cpp:349
    #10 0x0000000000471741 in fwcompiler::CompilerDriver::compile (this=0xa49110)
    at CompilerDriver_compile.cpp:114
    #11 0x00000000004189c8 in main (argc=9, argv=0x7fffffffdc78) at iosacl.cpp:163
    (gdb) print mask
    $1 = 2147483647
    (gdb) print *mask
    Cannot access memory at address 0x7fffffff
    (gdb) print o
    No symbol "o" in current context.
    (gdb) up
    #1 0x0000000000456570 in fwcompiler::RoutingCompiler_cisco::PrintRule::_printAddr (this=0x9c9c90, o=0xa1d8e0) at RoutingCompiler_cisco_writers.cpp:104
    104 !mask->isHostMask())
    (gdb) print o
    $2 = (libfwbuilder::Address *) 0xa1d8e0
    (gdb) print *o
    $3 = {<libfwbuilder::FWObject> =
    {<std::list<libfwbuilder::FWObject*, std::allocator<libfwbuilder::FWObject*> >> = empty std::list, _vptr.FWObject = 0x7d2bb0, ref_counter = 6, parent =
    0xbd2ea8, dbroot = 0x9fc060, id = 1710, ro = false, name = "LAN Extranet",
    comment = "", static NOT_FOUND = "", creation_time = 1361621350,
    keywords = std::set with 0 elements, static dataDir = "", xml_name = "",
    busy = false, dirty = false, data = std::map with 1 elements = {[
    ".loaded"] = "1"}, private_data = std::map with 0 elements,
    static TYPENAME = 0x559d99 "UNDEF"}, inet_addr_mask = 0xa275a0,
    static TYPENAME = 0x55b38a "Address"}
    (gdb) print o->getNetmaskPtr()
    $4 = (const libfwbuilder::InetAddr *) 0x0
    (gdb) print mask
    $5 = (const libfwbuilder::InetAddr *) 0x0
    (gdb) print ostr
    $6 = <incomplete type>
    (gdb) print addr->toString()
    $7 = "193.251.229.0"
    (gdb) print *mask;
    Invalid character ';' in expression.
    (gdb) print *mask
    Cannot access memory at address 0x0
    (gdb) print mask
    $8 = (const libfwbuilder::InetAddr *) 0x0
    (gdb) print ostr.str()
    Couldn't find method std::ostringstream::str
    (gdb) print 0xa275a0->getNetmaskPtr()
    Attempt to extract a component of a value that is not a struct or union
    (gdb) print o->inet_addr_mask
    $9 = (libfwbuilder::InetAddrMask *) 0xa275a0
    (gdb) print o->inet_addr_mask->getNetmaskPtr()
    $10 = (const libfwbuilder::InetAddr *) 0xb386d0
    (gdb) print *(o->inet_addr_mask->getNetmaskPtr())
    $11 = {_vptr.InetAddr = 0x7ca4f0, address_family = 2, ipv4 = {s_addr = 0},
    ipv6 = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0,
    0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}}
    (gdb) q

    This happens when compiling a "router" for which I have declared :
    - 5 interfaces (with IPv4 and IPv6)
    - one static route.
    The problem seems to be in the processing of the static route.
    The analysis from gdb seems to indicate the SEGV happens when looking for the netmask associated with the Destination part of the route. This destination is an "Address range" inserted using Drag'n'drop from the User > Objects -> Address ranges.
    The gdb commands I used (above) indicates the addr variable seems Ok :
    (gdb) print addr->toString()
    $7 = "193.251.229.0"
    returns the beginning of the address range I'm trying to setup a route for.

     
  • Paul Rolland

    Paul Rolland - 2013-02-23

    What looks strange :
    const Address* Address::getAddressObject() const
    {
    return NULL;
    }
    in Address.cpp because we do:
    const InetAddr* Address::getNetmaskPtr() const
    {
    const InetAddrMask *inet_addr_mask = getInetAddrMaskObjectPtr();
    ...
    const InetAddrMask* Address::getInetAddrMaskObjectPtr() const
    {
    const Address *addr_obj = getAddressObject();
    ...
    const Address* Address::getAddressObject() const
    {
    return NULL;
    }

    so at the very bottom of the chain, we return NULL, which propagates... or am I missing something in the code ?

     
  • Paul Rolland

    Paul Rolland - 2013-02-23

    Changing Address.cpp to have:
    const Address* Address::getAddressObject() const
    {
    return this;
    }

    avoids the SEGV, but the code generated (the route) has an incorrect mask.

     
  • Paul Rolland

    Paul Rolland - 2013-02-24

    Replacing the AddressRange object with the equivalent Networks object fixes the problem...
    Should this be considered a GUI issue, where the AddressRange shouldn't be used as a destination in a route ?

     
  • Vadim Kurland

    Vadim Kurland - 2013-02-24

    probably fwcompiler::RoutingCompiler_cisco::PrintRule::_printAddr should be smarter and check if an address range is used in the rule.

    What is the meaning of using address range in the routing rule ? what did you expect the program to generate ?

    Also, please note that the project is suspended and currently we are not fixing any bugs: https://sourceforge.net/projects/fwbuilder/forums/forum/16372/topic/6615913

     
  • Paul Rolland

    Paul Rolland - 2013-02-25

    Hi Vadim,

    Thanks for the reply.
    No, I wasn't aware dev. was suspended, but best wishes for NetCitadel !

    > What is the meaning of using address range in the routing rule ? what did
    > you expect the program to generate ?
    Well, I didn't immediately notice the existence of Networks, so I was using the AddressRange as a Networks.
    The difference between the two is still unclear to me, and I should probably go back to the documentation.
    To me, an addressRange with start and end correctly aligned is identical to a Network. My bad I guess...

    Best,
    Paul

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks