segmentation fault - 03/07/03 07:34 AM
i just began programming sockets in C. i decided for my first project to make a port scanner. everythign was working fine until i added the gethostbyname() fucntion to it. now everytime i run it i get a Segmentation Fault. I've tried to pinpoint it, but it's difficult. I only get the segmentation fault when I enter a valid ip address or domain. if the domain is invalid it sends back a custom error message. also if the user puts in the wrong number of arguments it calls a usage function. so i only have problems with the program when it doesn't encounter an error. In the code I set the first three variables to 5 to show that when the program runs, they are changed (or overwritten) to 0, 0, and 134519796 respectively. Also. I put a printf("hello"); followed by a fflush(stdout); followed by another printf("hello"); right after my declarations. when that happens, the only output is:
helloSegmentation Fault
does anyone know whats going on here??!
Output:
bash2.05a# ./pscan validdomain.com
sockfd: 0
n: 0
ret: 134519796
Segmentation fault
gdb output:
(gdb)run validdomain.com
Starting program: /home/gollum/projects/portscanner/pscan validdomain.com
sockfd: 0
n: 0
ret: 134519796
Program received signal SIGSEV, Segmentation fault.
__inet_aton (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:130
130 inet_addr.c: No such file or directory.
in inet_addr.c
(gdb)bt
#0 __inet_aton (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:130
#1 0x40102bd6 in inet_addr (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:96
#2 0x0804887a in main (argc=2, argv=0xbffff9d4) at portscanner.c:74
#3 0x4003e17d in __libc_start_main (main=0x80486cc <main>, argc=2 ubp_av=0xbffff9d4, init-0x8048494 <_init>, fini=0x8048980 <_fini>, at ../sysdeps/generic/libc-start.c:129
CODE:([LT] is < and [GT] is >)
#include [LT]stdio.h[GT]
#include [LT]stdlib.h[GT]
#include [LT]errno.h[GT]
#include [LT]string.h[GT]
#include [LT]netdb.h[GT]
#include [LT]sys/types.h[GT]
#include [LT]netinet/in.h[GT]
#include [LT]sys/socket.h[GT]
void usage(char *s)
{
printf("\nGollum's First Port Scanner\nUsage: %s [LT]ip address[GT] [begin port] [end port]\n\n",s);
exit(1);
}
int main(int argc, char *argv[])
{
int sockfd = 5, n = 5, ret = 5;
struct hostent *host;
struct sockaddr_in targ_addr;
int openprt = 0, begport, endport, strdprt;
printf("\nsockfd: %d\nn: %d\nret: %d\n\n");
fflush(stdout);
if(argc [LT]= 1)
usage(argv[0]);
if(argc [GT] 4)
usage(argv[0]);
if((host = gethostbyname(argv[1])) == NULL){
printf("%s: unknown host: %s\n",argv[0],argv[1]);
exit(1);
}
if(argc == 4){
begport = atoi(argv[2]);
endport = atoi(argv[3]);
}
else{
begport = 1;
endport = 1024;
}
printf("Scanning [LT]%s[GT](%s) from port %d to %d...",host-[GT]h_name,inet_ntoa(*((struct in_addr *)host-[GT]h_addr)),begport,endport);
strdprt = endport - begport+1;
for(; begport [LT]= endport; begport++){
sockfd=socket(AF_INET,SOCK_STREAM,0);
bzero((char*)&targ_addr,sizeof(targ_addr));
targ_addr.sin_family=AF_INET;
targ_addr.sin_port=htons(begport);
targ_addr.sin_addr.s_addr = inet_addr(*((struct in_addr *)host-[GT]h_addr));
if((ret=connect(sockfd,(struct sockaddr *)&targ_addr,sizeof(targ_addr)))!=-1)
{
printf("\n--[GT] %d is Open",begport);
openprt++;}
for(n = 0; n [LT]= 12000000; n++);
}
printf("\nScan Finished\n");
if(openprt == 0){
printf("No open ports were detected on %s.\n",host);
}
else{
printf("The other %d ports scanned were closed.\n",strdprt-openprt);
}
close(sockfd);
return 0;
}
helloSegmentation Fault
does anyone know whats going on here??!
Output:
bash2.05a# ./pscan validdomain.com
sockfd: 0
n: 0
ret: 134519796
Segmentation fault
gdb output:
(gdb)run validdomain.com
Starting program: /home/gollum/projects/portscanner/pscan validdomain.com
sockfd: 0
n: 0
ret: 134519796
Program received signal SIGSEV, Segmentation fault.
__inet_aton (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:130
130 inet_addr.c: No such file or directory.
in inet_addr.c
(gdb)bt
#0 __inet_aton (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:130
#1 0x40102bd6 in inet_addr (cp=0x2b6206d1 <Address 0x2b6206d1 out of bounds>, addr=0xbffff918) at inet_addr.c:96
#2 0x0804887a in main (argc=2, argv=0xbffff9d4) at portscanner.c:74
#3 0x4003e17d in __libc_start_main (main=0x80486cc <main>, argc=2 ubp_av=0xbffff9d4, init-0x8048494 <_init>, fini=0x8048980 <_fini>, at ../sysdeps/generic/libc-start.c:129
CODE:([LT] is < and [GT] is >)
#include [LT]stdio.h[GT]
#include [LT]stdlib.h[GT]
#include [LT]errno.h[GT]
#include [LT]string.h[GT]
#include [LT]netdb.h[GT]
#include [LT]sys/types.h[GT]
#include [LT]netinet/in.h[GT]
#include [LT]sys/socket.h[GT]
void usage(char *s)
{
printf("\nGollum's First Port Scanner\nUsage: %s [LT]ip address[GT] [begin port] [end port]\n\n",s);
exit(1);
}
int main(int argc, char *argv[])
{
int sockfd = 5, n = 5, ret = 5;
struct hostent *host;
struct sockaddr_in targ_addr;
int openprt = 0, begport, endport, strdprt;
printf("\nsockfd: %d\nn: %d\nret: %d\n\n");
fflush(stdout);
if(argc [LT]= 1)
usage(argv[0]);
if(argc [GT] 4)
usage(argv[0]);
if((host = gethostbyname(argv[1])) == NULL){
printf("%s: unknown host: %s\n",argv[0],argv[1]);
exit(1);
}
if(argc == 4){
begport = atoi(argv[2]);
endport = atoi(argv[3]);
}
else{
begport = 1;
endport = 1024;
}
printf("Scanning [LT]%s[GT](%s) from port %d to %d...",host-[GT]h_name,inet_ntoa(*((struct in_addr *)host-[GT]h_addr)),begport,endport);
strdprt = endport - begport+1;
for(; begport [LT]= endport; begport++){
sockfd=socket(AF_INET,SOCK_STREAM,0);
bzero((char*)&targ_addr,sizeof(targ_addr));
targ_addr.sin_family=AF_INET;
targ_addr.sin_port=htons(begport);
targ_addr.sin_addr.s_addr = inet_addr(*((struct in_addr *)host-[GT]h_addr));
if((ret=connect(sockfd,(struct sockaddr *)&targ_addr,sizeof(targ_addr)))!=-1)
{
printf("\n--[GT] %d is Open",begport);
openprt++;}
for(n = 0; n [LT]= 12000000; n++);
}
printf("\nScan Finished\n");
if(openprt == 0){
printf("No open ports were detected on %s.\n",host);
}
else{
printf("The other %d ports scanned were closed.\n",strdprt-openprt);
}
close(sockfd);
return 0;
}