>Synopsis: tcpdump dumps core with long filter expression
>Category: system library amd64
>Environment:
System : OpenBSD 7.1-current
Details : OpenBSD 7.1-current (GENERIC) #533: Thu May 26 12:06:14 MDT 2022
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
tcpdump dumps core with a long filter expression (either on
the command line or using the -F option).
>How-To-Repeat:
# echo "port 0 or port 1 or port 2 or port 3 or port 4 or port 5 or port 6 or port 7 \
or port 8 or port 9 or port 10 or port 11 or port 12 or port 13 or port 14" > /tmp/filter.cf
# tcpdump -nl -i vio0 -F /tmp/filter.cf
tcpdump(52915) in free(): bogus pointer (double free?) 0xdfdfdfdfdfdfdfdf
Same behavior with p0f3 (also using libpcap), from packages:
# p0f3 -i vio0 "$(cat /tmp/filter.cf)"
p0f3(59041) in free(): bogus pointer (double free?) 0xdfdfdfdfdfdfdfdf
Abort trap (core dumped)
>Fix:
Unknown.