Nmap Development
mailing list archives
Re: 4.0 Segfault
From: Leif Tishendorf <ltishend () uoregon edu>
Date: Fri, 03 Feb 2006 13:19:06 -0700
Ran it a couple times, first time gave me this:
Program received signal SIGSEGV, Segmentation fault.
0x0808112f in deal_with_timedout_reads () at nmap_dns.cc:686
686 tpserv->capacity = (int) (tpserv->capacity * CAPACITY_MINOR_DOWN_SCALE);;
(gdb) bt
#0 0x0808112f in deal_with_timedout_reads () at nmap_dns.cc:686
#1 0x08081ed8 in nmap_mass_rdns_core (targets=0x94c0598, num_targets=256) at nmap_dns.cc:1136
#2 0x0808232c in nmap_mass_rdns (targets=0x94c0598, num_targets=256) at nmap_dns.cc:1205
#3 0x080551bd in nexthost (hs=0x94c0138, exclude_group=0x0, ports=0x94bdc30, pingtype=0x80c59bc) at targets.cc:438
#4 0x0804eccd in nmap_main (argc=13, argv=0xbf9933b4) at nmap.cc:1114
#5 0x0804b6b8 in main (argc=13, argv=0xbf9933b4, envp=0xbf9933ec) at main.cc:245
Second gave this:
Program received signal SIGSEGV, Segmentation fault.
deal_with_timedout_reads () at /usr/lib/gcc/i386-redhat-linux/4.0.2/../../../../include/c++/4.0.2/bits/stl_list.h:148
148 _M_node = _M_node->_M_next;
(gdb) bt
#0 deal_with_timedout_reads () at /usr/lib/gcc/i386-redhat-linux/4.0.2/../../../../include/c++/4.0.2/bits/stl_list.h:148
#1 0x08081ed8 in nmap_mass_rdns_core (targets=0xa44e598, num_targets=256) at nmap_dns.cc:1136
#2 0x0808232c in nmap_mass_rdns (targets=0xa44e598, num_targets=256) at nmap_dns.cc:1205
#3 0x080551bd in nexthost (hs=0xa44e138, exclude_group=0x0, ports=0xa44bc30, pingtype=0x80c59bc) at targets.cc:438
#4 0x0804eccd in nmap_main (argc=13, argv=0xbfa05134) at nmap.cc:1114
#5 0x0804b6b8 in main (argc=13, argv=0xbfa05134, envp=0xbfa0516c) at main.cc:245
Ran the scan I gave previously trying to scan a /24 subnet.
Fyodor wrote:
On Fri, Feb 03, 2006 at 11:28:22AM -0700, Leif Tishendorf wrote:
With the latest 4.0 release I am getting a segfault when I am
scanning more than one host at a time. Did a strace and got:
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
write(2, "caught SIGSEGV signal, cleaning "..., 35caught SIGSEGV signal, cleaning up) = 35
close(1) = 0
munmap(0xb7f67000, 4096) = 0
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
write(3, "The SYN Stealth Scan took 625.25"..., 2577) = 2577
tgkill(2840, 2840, SIGABRT) = 0
--- SIGABRT (Aborted) @ 0 (0) ---
+++ killed by SIGABRT +++
I'm running the following scan:
/usr/local/nmap-4.00/nmap -vvvv --host_timeout 1500000 -oN - -oX <xml out> -sS -p 1-18,20-9099,9101-65535 -O <host>
Could you try it with gdb instead? Go to (or remake) the source
directory, 'make' Nmap, then do:
gdb ./nmap
r -vvvv --host_timeout 1500000 -oN - -oX <xml out> -sS -p 1-18,20-9099,9101-65535 -O <host>
[ wait for crash, then press 'bt<enter>' ]
Then would you send us a log of the output? If it is very long,
sending just the 'bt' results may be enough.
Thanks,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
--
Leif Tishendorf
Network Security
voice #: (541) 346-1666
Computing Center Room 239