After update buffer overflow detected. #23
Description
After doing a docker pull for the latest version of ntop-ng, without changing anything else, I am not getting a buffer overflow error. See below for an excerpt from logs
09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth3 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 2] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth3 [id: 2] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth2 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth2 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 3] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth2 [id: 3] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth0 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth0 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 4] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth0 [id: 4] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth1 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth1 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 5] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth1 [id: 5] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-231dd8573e17 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-231dd8573e17 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 6] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-231dd8573e1 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-231dd8573e17 [id: 6] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-288f3fd3b8e2 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-288f3fd3b8e2 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 7] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-288f3fd3b8e 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-288f3fd3b8e2 [id: 7] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-43eec5a2893e 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-43eec5a2893e [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 8] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-43eec5a2893 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-43eec5a2893e [id: 8] 09/Aug/2024 23:29:09 [main.cpp:370] PID stored in file /var/run/ntopng.pid 09/Aug/2024 23:29:09 [Geolocation.cpp:170] Loaded database dbip-city-lite.mmdb [/usr/share/ntopng/httpdocs/geoip//dbip-city-lite.mmdb][ip_version: 6] 09/Aug/2024 23:29:09 [Geolocation.cpp:170] Loaded database dbip-asn-lite.mmdb [/usr/share/ntopng/httpdocs/geoip//dbip-asn-lite.mmdb][ip_version: 6] 09/Aug/2024 23:29:09 [Geolocation.cpp:109] Using geolocation provided by DB-IP (https://db-ip.com) 09/Aug/2024 23:29:09 [HTTPserver.cpp:1642] Found TLS certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem 09/Aug/2024 23:29:09 [HTTPserver.cpp:1933] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts] 09/Aug/2024 23:29:09 [HTTPserver.cpp:1938] HTTP server listening on 3000 09/Aug/2024 23:29:09 [Utils.cpp:3882] WARNING: Capabilities cap_set_proc error: Operation not permitted 09/Aug/2024 23:29:09 [Utils.cpp:813] WARNING: Unable to retain privileges for privileged file writing 09/Aug/2024 23:29:10 [Utils.cpp:860] User changed to ntopng 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface lo [id: 1]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface lo [id: 1]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth3 [id: 2]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth3 [id: 2]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth2 [id: 3]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth2 [id: 3]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth0 [id: 4]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth0 [id: 4]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth1 [id: 5]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth1 [id: 5]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-43eec5a2893e [id: 8]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-43eec5a2893e [id: 8]... 09/Aug/2024 23:29:10 [main.cpp:445] Working directory: /var/lib/ntopng 09/Aug/2024 23:29:10 [main.cpp:447] Scripts/HTML pages directory: /usr/share/ntopng 09/Aug/2024 23:29:10 [Ntop.cpp:523] Welcome to ntopng x86_64 v.6.0.240531 (6.0-stable:93cb51d01a0f03d12c8503ae03e7936708e71ece:20240531) 09/Aug/2024 23:29:10 [Ntop.cpp:532] Built on Ubuntu 22.04.4 LTS 09/Aug/2024 23:29:10 [Ntop.cpp:534] (C) 1998-23 ntop 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 127.0.0.1/32 as IPv4 interface address for lo 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 127.0.0.0/8 as IPv4 local network for lo 09/Aug/2024 23:29:10 [Ntop.cpp:3583] WARNING: Unable to parse network 127.0.0.0/8 or already defined: skipping it 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.36.1/32 as IPv4 interface address for br-231dd8573e17 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.36.0/22 as IPv4 local network for br-231dd8573e17 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.48.1/32 as IPv4 interface address for br-288f3fd3b8e2 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.48.0/22 as IPv4 local network for br-288f3fd3b8e2 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.40.1/32 as IPv4 interface address for br-43eec5a2893e 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.40.0/22 as IPv4 local network for br-43eec5a2893e 09/Aug/2024 23:29:10 [Ntop.cpp:981] Adding ::1/128 as IPv6 interface address for lo 09/Aug/2024 23:29:10 [Ntop.cpp:993] Adding ::1/128 as IPv6 local network for lo 09/Aug/2024 23:29:10 [PeriodicActivities.cpp:108] Started periodic activities loop... 09/Aug/2024 23:29:10 [startup.lua:38] Processing startup.lua: please hold on... 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:831] Refreshing category lists... 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'Abuse.ch URLhaus' [https://urlhaus.abuse.ch/downloads/hostfile/]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'Emerging Threats' [https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'NoCoin Filter List' [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'SSLBL Botnet C2 IP Blacklist' [https://sslbl.abuse.ch/blacklist/sslipblacklist.txt]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'Stratosphere Lab' [https://mcfp.felk.cvut.cz/publicDatasets/CTU-AIPP-BlackList/Todays-Blacklists/AIP_historical_blacklist_prioritized_by_newest_attackers.csv]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'ThreatFox' [https://threatfox.abuse.ch/downloads/hostfile/]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'dshield 7 days' [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/dshield_7d.netset]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:466] Failure loading host 'ip' category '100' in list 'Stratosphere Lab' 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:753] Category Lists (7592 hosts, 11944 IPs, 0 JA3) loaded in 0 sec 09/Aug/2024 23:29:11 [startup.lua:125] Initializing device polices... 09/Aug/2024 23:29:11 [startup.lua:141] Initializing alerts... 09/Aug/2024 23:29:11 [startup.lua:150] Initializing timeseries... 09/Aug/2024 23:29:11 [startup.lua:217] [blog_utils.lua:125] Fetching latest ntop blog posts... 09/Aug/2024 23:29:12 [startup.lua:242] Completed startup.lua 09/Aug/2024 23:29:12 [PeriodicActivities.cpp:167] Found 10 activities 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface lo [id: 1]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth3 [id: 2]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth2 [id: 3]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth0 [id: 4]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth1 [id: 5]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-43eec5a2893e [id: 8]... *** buffer overflow detected ***: terminated /run.sh: line 3: 16 Aborted ntopng "$@" $NTOP_CONFIG
Docker compose command
version: '3.9'
services:
ntopng:
hostname: ntopng
image: ntop/ntopng:stable
container_name: ntopng
mem_limit: 4g
cpu_shares: 768
security_opt:
- no-new-privileges:true
restart: on-failure:5
volumes:
- '/share/ZFS20_DATA/docker/ntop-ng/config:/var/lib/ntopng'
network_mode: host
command: --community