Bug #251
segfault when using some IDMEF criteria
Start date:
Due date:
% Done:
0%
Resolution:
fixed
Description
- prelude-manager --idmef-criteria -r "alert.target(0).user.category.name"
Subscribing Normalize to active decoding plugins.
server started (listening on 127.0.0.1 port 4690).
server started (listening on 192.168.33.215 port 4690).
Subscribing db[default] to active reporting plugins.
Segmentation fault
- prelude-manager --version
Subscribing Normalize to active decoding plugins.
prelude-manager 0.9.9
strace output:
...
write(1, "Subscribing db[default] to activ"..., 53Subscribing db[default] to active reporting plugins.
) = 53
access("alert.target(0).user.category.name", R_OK) = 1 EACCES (Permission denied) SIGSEGV (Segmentation fault) @ 0 (0) ---
--
++ killed by SIGSEGV ++
History
#1 Updated by Sebastien Tricaud over 16 years ago
- Status changed from New to Closed
- Resolution set to fixed
The list of idmef items was parsed and if there was only one item that is not valid, it would be iterated producing the segmentation fault.
Thank you very much for you report, this is now fixed in svn, changeset 9809.
#2 Updated by Yoann VANDOORSELAERE over 16 years ago
#3 Updated by Yoann VANDOORSELAERE almost 15 years ago
- Project changed from PRELUDE SIEM to Prelude Manager
- Category deleted (
3) - Target version deleted (
0.9.15)
#4 Updated by Thomas GIRARD about 12 years ago
- Target version deleted (
0.9.15)