| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Mar 2011 11:49:03 +0100
From: "walter schloegl" <sctp@...kelshirt.de>
To: richard -rw- weinberger <richard.weinberger@...il.com>
Cc: linux-kernel@...r.kernel.org
Subject: Re: sctp panic
-------- Original-Nachricht --------
> Datum: Thu, 17 Mar 2011 08:56:47 +0100
> Von: richard -rw- weinberger <richard.weinberger@...il.com>
> An: sctp@...kelshirt.de
> CC: linux-kernel@...r.kernel.org
> Betreff: Re: sctp panic
> On Thu, Mar 17, 2011 at 8:43 AM, <sctp@...kelshirt.de> wrote:
> > Hi
> >
> > when doing the actions below I get a panic.
> >
> > - echo 1 > /proc/sys/net/sctp/addip_enable
> > - In a C-Programm
> > - socket(AF_INET,SOCK_STREAM,IPPROTO_SCTP);
> > - connect(....) (with correct filled parameters)
> >
> > Its no process (waiting in accept) neccessary
>
> Can you show us the panic message and your C prorgam?
> This would help reproducing the panic...
The C-Code is:
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include "sctp.h"
int
main(int ac,char **av)
{
int s;
char *remhost;
int port;
struct hostent *hp;
struct sockaddr_in server;
if (ac != 3) {
printf("usage: %s ip-addr port\n",av[0]);
exit(1);
}
remhost = av[1];
port = atoi(av[2]);
server.sin_port = htons(port);
server.sin_family = AF_INET;
hp = gethostbyname(remhost);
if (hp == 0) {
fprintf(stderr,"unknown host %s\n",remhost);
exit(1);
}
memcpy((char *)&server.sin_addr,(char *)hp->h_addr,hp->h_length);
if ((s = socket(AF_INET,SOCK_STREAM,IPPROTO_SCTP)) < 0) {
fprintf(stderr,"socket IPPROTO_SCTP proc %d failed errno %d\n",getpid(),errno);
close(s);
exit(1);
}
if (connect(s,(struct sockaddr *)&server,sizeof server) < 0) {
fprintf(stderr,"connect failed errno %d\n",errno);
close(s);
exit(1);
}
}
The crash says:
crash> bt
PID: 14646 TASK: ffff8801f40c7560 CPU: 9 COMMAND: "x"
#0 [ffff8801f6f5f6f0] machine_kexec at ffffffff8103697b
#1 [ffff8801f6f5f750] crash_kexec at ffffffff810b9078
#2 [ffff8801f6f5f820] oops_end at ffffffff814cc900
#3 [ffff8801f6f5f850] die at ffffffff8101733b
#4 [ffff8801f6f5f880] do_trap at ffffffff814cc1d4
#5 [ffff8801f6f5f8e0] do_invalid_op at ffffffff81014ee5
#6 [ffff8801f6f5f980] invalid_op at ffffffff81013f5b
[exception RIP: skb_over_panic+93]
RIP: ffffffff81404bdd RSP: ffff8801f6f5fa38 RFLAGS: 00010296
RAX: 0000000000000083 RBX: 0000000000000040 RCX: 00000000000013f6
RDX: 0000000000000000 RSI: 0000000000000046 RDI: 0000000000000246
RBP: ffff8801f6f5fa58 R8: ffffffff818a3da0 R9: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff8801f4e11000
R13: 0000000000000004 R14: 000000000000003e R15: 0000000000000001
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#7 [ffff8801f6f5fa60] skb_put at ffffffff81405c1c
#8 [ffff8801f6f5fa80] sctp_addto_chunk at ffffffffa0503c23
#9 [ffff8801f6f5fad0] sctp_make_init at ffffffffa0506705
#10 [ffff8801f6f5fba0] sctp_sf_do_prm_asoc at ffffffffa04f81d4
#11 [ffff8801f6f5fbd0] sctp_do_sm at ffffffffa04fd381
#12 [ffff8801f6f5fd60] sctp_primitive_ASSOCIATE at ffffffffa0513daf
#13 [ffff8801f6f5fd80] __sctp_connect at ffffffffa0510f09
#14 [ffff8801f6f5fe50] sctp_connect at ffffffffa0511248
#15 [ffff8801f6f5fe80] inet_dgram_connect at ffffffff81471b6c
#16 [ffff8801f6f5feb0] sys_connect at ffffffff813ff747
#17 [ffff8801f6f5ff80] system_call_fastpath at ffffffff81013172
RIP: 0000003015ee2150 RSP: 00007fffea7bdce8 RFLAGS: 00010206
RAX: 000000000000002a RBX: ffffffff81013172 RCX: 0000000000000000
RDX: 0000000000000010 RSI: 00007fffea7bdd00 RDI: 0000000000000003
RBP: 00007fffea7bdd40 R8: 0000000000759020 R9: ff00000000000000
R10: 00007fffea7bda70 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffea7bde20 R14: 00000000004006e0 R15: 0000000000000000
ORIG_RAX: 000000000000002a CS: 0033 SS: 002b
One more Info:
When calling my programm with 127.0.0.1 as remote ip-addr I get a:
connect failed errno 111
When calling it with a "non local" address (and also no "accept process" running) I get the Panic.
>
> > br
> > walter
> > --
> > GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit
> > gratis Handy-Flat! http://portal.gmx.net/de/go/dsl
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel"
> in
> > the body of a message to majordomo@...r.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at http://www.tux.org/lkml/
> >
>
> --
> Thanks,
> //richard
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
NEU: FreePhone - kostenlos mobil telefonieren und surfen!
Jetzt informieren: http://www.gmx.net/de/go/freephone
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists