[Tripwire-announce] twadmin craches

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Yo All!

Well, I think I found a way to debug these twadmin crashes I am getting.
Turning off the default terminate and unexpected handlers does the trick.
With them in the "backtrace" feature of gdb is broken.  With them gone
I can just run to the crash and then backtrace to the problem.

Here is the patch for version 2.3.1-2:

hobbes:/usr/local/src/tripwire-2.3.1-2/src/twadmin# diff -u twadminmain.c=
pp.dis
t twadminmain.cpp

--- twadminmain.cpp.dist        Wed Apr 11 17:07:50 2001
+++ twadminmain.cpp     Wed Apr 11 17:56:15 2001
@@ -91,8 +91,10 @@
         #else
             #define EXCEPTION_NAMESPACE std::
         #endif
+#ifndef _DEBUG
         EXCEPTION_NAMESPACE set_terminate(tw_terminate_handler);
         EXCEPTION_NAMESPACE set_unexpected(tw_unexpected_handler);
+#endif

         twInit.Init( argv[0] );
                TSS_Dependency( cTWAdmin );


I suggest doing this everywhere the set_terminate() and set_unexpected()
are used.

Then I can get a good backtrace from gdb.

Here is my /etc/tripwire/twcfg.txt that fails.

ROOT          =3D/usr/sbin
POLFILE       =3D/etc/tripwire/tw.pol
DBFILE        =3D/var/lib/tripwire/$(HOSTNAME).twd
REPORTFILE    =3D/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr
SITEKEYFILE   =3D/etc/tripwire/site.key
LOCALKEYFILE  =3D/etc/tripwire/hobbes-local.key
EDITOR        =3D/bin/vi
LATEPROMPTING =3Dfalse
LOOSEDIRECTORYCHECKING =3Dfalse
MAILNOVIOLATIONS =3Dtrue
EMAILREPORTLEVEL =3D3
REPORTLEVEL   =3D3
MAILMETHOD    =3DSENDMAIL
SYSLOGREPORTING =3Dfalse
MAILPROGRAM   =3D/usr/lib/sendmail -oi -t
GLOBALEMAIL   =3D ge...@re...


/etc/tripwire# gdb /usr/sbin/twadmin

(gdb) run -m F -S site.key twcfg.txt
[...]
Program received signal SIGABRT, Aborted.
0x8143621 in __kill ()
(gdb) bt

#0  0x8143621 in __kill ()
#1  0x814343c in raise (sig=3D6) at ../sysdeps/posix/raise.c:27
#2  0x814370e in abort () at ../sysdeps/generic/abort.c:88
#3  0x813c6fb in __default_terminate ()
#4  0x813c71c in __terminate ()
#5  0x813d1ae in __throw ()
#6  0x80df7c3 in cUnixFSServices::Stat (this=3D0x83b4a68,
    strName=3D<incomplete type>, stat=3D@0xbffff2d0)
    at unix/unixfsservices.cpp:323
#7  0x80b1d3a in cFileUtil::IsRegularFile (fileName=3D@0xbffff41c)
    at fileutil.cpp:129
#8  0x8072281 in WriteObject (filename=3D0x83acb80 "/etc/tripwire/./tw.cf=
g",
    pObjHeader=3D0x0, obj=3D@0xbffff6c4, fileHeader=3D@0xbffff574, bEncry=
pt=3Dtrue,
    pPrivateKey=3D0x83bb720) at twutil.cpp:171
#9  0x8076f4e in cTWUtil::WriteConfigText (
    filename=3D0x83acb80 "/etc/tripwire/./tw.cfg",
    configText=3D{<_String_base<char,_STL::allocator<char> >> =3D {
        _M_start =3D 0xbffff770 "\030",
        _M_finish =3D 0x1 <Address 0x1 out of bounds>,
        _M_end_of_storage =3D {<allocator<char>> =3D {},
          _M_data =3D 0x83babe0 "=C8\230;\b=C8\230;\b"}},
      static npos =3D <optimized out>}, bEncrypt=3Dtrue, pPrivateKey=3D0x=
83bb720)
    at twutil.cpp:599
#10 0x804c057 in cTWAModeCreateCfg::Execute (this=3D0x83babe0,
    pQueue=3D0xbffff9ac) at twadmincl.cpp:433
#11 0x80601d1 in main (argc=3D6, argv=3D0xbffffa34, envp=3D0xbffffa50)
    at twadminmain.cpp:202
#12 0x8140375 in __libc_start_main (main=3D0x805f974 <main>, argc=3D6,
    argv=3D0xbffffa34, init=3D0x80480b4 <_init>, fini=3D0x8210f68 <_fini>=
,
    rtld_fini=3D0, stack_end=3D0xbffffa2c) at ../sysdeps/generic/libc-sta=
rt.c:92
(gdb)

After the crash I have no file called /etc/tripwire/./tw.cfg.
Funny filename eh? Also no clue why it should fail.  I am running as
root and root has write permissions:

drwxr-x---   2 root     root         1024 Apr 11 19:13 /etc/tripwire

Any ideas?

RGDS
GARY
-------------------------------------------------------------------------=
--
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
	ge...@re...  Tel:+1(541)382-8588 Fax: +1(541)382-8676





