
From: Alex Efros <powerman@××××××××.name>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] Security Level: high/server/workstation/virtualization
Date: Sat, 28 Jan 2012 01:51:28
Message-Id: 20120128015022.GH5600@home.power
In Reply to: Re: [gentoo-hardened] Security Level: high/server/workstation/virtualization by pageexec@freemail.hu
1 Hi!
2
3 On Sat, Jan 28, 2012 at 01:48:01AM +0200, pageexec@××××××××.hu wrote:
4 > gosh i knew i'd forgot something:
5
6 btw, glibc with debug has merged :) With symbols the backtrace below shows the fault is a NULL-pointer dereference in libpcap rather than in glibc: __readdir64 is entered with dirp=0x0 from scan_sys_class_net (pcap-linux.c:1832), where the local sys_class_net_d is 0x0 — the directory handle (presumably for /sys/class/net) was never obtained, so opendir() most likely failed and libpcap calls readdir() on the NULL result without checking it. The "Operation not permitted" text still in errbuf indicates dumpcap is running without capture privileges, which is consistent with a restricted environment where that open could be denied; the crash itself is a plain NULL deref (esi=0, "Cannot access memory at address 0x0"), i.e. a denial of service of dumpcap, nothing more is shown by this trace.
7
8
9 (gdb) run
10 Starting program: /usr/bin/dumpcap
11 [Thread debugging using libthread_db enabled]
12
13 Program received signal SIGSEGV, Segmentation fault.
14 0xb749f152 in __readdir64 (dirp=0x0) at ../sysdeps/unix/readdir.c:45
15 45 ../sysdeps/unix/readdir.c: No such file or directory.
16 in ../sysdeps/unix/readdir.c
17 (gdb)
18
19 (gdb) thread apply all bt full
20
21 Thread 1 (Thread 0xb73f16c0 (LWP 19994)):
22 #0 0xb749f152 in __readdir64 (dirp=0x0) at ../sysdeps/unix/readdir.c:45
23 dp = <optimized out>
24 saved_errno = <optimized out>
25 #1 0xb759d7ea in scan_sys_class_net (devlistp=0xbfffe488,
26 errbuf=0xbfffe4dc "tun0: You don't have permission to capture on that device (socket: Operation not permitted)") at ./pcap-linux.c:1832
27 sys_class_net_d = 0x0
28 fd = 7
29 ent = <optimized out>
30 p = <optimized out>
31 name = "\261\236N\267\314\341\377\277.\244[\267\364\342\377\277\334\344\377\277\000\000\000\000\314\341\377\277\377\000\000\000\001\200\255\373\334\344\377\277\334\344\377\277\334\344\377\277\334\344\377\277\067\345\377\277\333\345\377\277\334\344\377\277\333\345\377\277", '\000' <repeats 20 times>, "\030\023\000\000\004\000\000\000T\316U\267\000\000\000\000\000\000\000\000\331\274s\267\203\003(\003\230\202s\267\324\274s\267\000\000\000\000`\274\\\267\020\240s\267\220\210G\267\230\342\377\277\211EZ\267\020\240s\267\377\377\000\000\325\\H\267(pZ\267v\000\000\000\271\236S\267\304\241S\267\270\343U\267\000\311U\267\000\000\000\000\324\274s\267\203\003(\003`\274\\\267\020\240s\267\300\346U\267\320\020\000\000\200\343U\267T\316U\267\200\343U\267\324\274s\267\250\342\377\277\243\275G\267\330\342\377\277\203\003(\003`\274\\\267\020\240s\267\330\342\377\277ZIZ\267\020\240s\267\324\274s\267\330\342\377\277\330\235N\267\334\344\377\277\000\001\000\000\001\000\000\000\203\003(\003`\274\\\267\020\240s\267\070\343\377\277AKZ\267\020\240s\267\000\001\000\000\001\000\000\000\377\377\377\377.\244[\267\324\274s\267\370\237[\267\064\241s\267\000\000\000\000\000\000\000\000D\000\000\000\334\344\377\277T\316U\267\000\000\000\000\331bO\267\203\003(\003\020eO\267\354\343\377\277\034\263s\267`\274\\\267\000\000\000\000\324\274s\267\250\343\377\277\341MZ\267\324\274s\267D\000\000\000\364wG\267\000\000\000\000\334\344\377\277\005\000\000\000\214\325S\267\234\236S\267"...
32 q = <optimized out>
33 ifrflags = {ifr_ifrn = {
34 ifrn_name = "T\316U\267l\342\377\277\334\344\377\277\270\342\377\277"}, ifr_ifru = {
35 ifru_addr = {sa_family = 40625,
36 ---Type <return> to continue, or q <return> to quit---
37 sa_data = "N\267l\342\377\277\334\344\377\277\270\342\377\277"}, ifru_dstaddr = {
38 sa_family = 40625, sa_data = "N\267l\342\377\277\334\344\377\277\270\342\377\277"},
39 ifru_broadaddr = {sa_family = 40625,
40 sa_data = "N\267l\342\377\277\334\344\377\277\270\342\377\277"}, ifru_netmask = {
41 sa_family = 40625, sa_data = "N\267l\342\377\277\334\344\377\277\270\342\377\277"},
42 ifru_hwaddr = {sa_family = 40625,
43 sa_data = "N\267l\342\377\277\334\344\377\277\270\342\377\277"},
44 ifru_flags = -24911, ifru_ivalue = -1219584335, ifru_mtu = -1219584335, ifru_map = {
45 mem_start = 3075382961, mem_end = 3221217900, base_addr = 58588, irq = 255 '\377',
46 dma = 191 '\277', port = 184 '\270'},
47 ifru_slave = "\261\236N\267l\342\377\277\334\344\377\277\270\342\377\277",
48 ifru_newname = "\261\236N\267l\342\377\277\334\344\377\277\270\342\377\277",
49 ifru_data = 0xb74e9eb1, ifru_settings = {type = 3075382961, size = 3221217900,
50 ifs_ifsu = {raw_hdlc = 0xbfffe4dc, cisco = 0xbfffe4dc, fr = 0xbfffe4dc,
51 fr_pvc = 0xbfffe4dc, fr_pvc_info = 0xbfffe4dc, sync = 0xbfffe4dc,
52 te1 = 0xbfffe4dc}}}}
53 ret = 1
54 #2 0xb75a0fff in pcap_platform_finddevs (alldevsp=0xbfffe488,
55 errbuf=0xbfffe4dc "tun0: You don't have permission to capture on that device (socket: Operation not permitted)") at ./pcap-linux.c:2081
56 ret = <optimized out>
57 #3 0xb75a3232 in pcap_findalldevs (alldevsp=0xbfffe4d8,
58 errbuf=0xbfffe4dc "tun0: You don't have permission to capture on that device (socket: Operation not permitted)") at ./fad-getad.c:275
59 devlist = 0x0
60 ifap = 0xb773b328
61 ifa = 0x0
62 addr = <optimized out>
63 netmask = <optimized out>
64 broadaddr = <optimized out>
65 dstaddr = <optimized out>
66 ---Type <return> to continue, or q <return> to quit---
67 addr_size = <optimized out>
68 broadaddr_size = <optimized out>
69 dstaddr_size = <optimized out>
70 ret = 0
71 p = <optimized out>
72 q = <optimized out>
73 #4 0xb772b69d in get_interface_list_findalldevs (err=0xbfffe6a8, err_str=0xbfffe6a4)
74 at capture-pcap-util.c:174
75 il = 0x0
76 alldevs = 0xb773829c
77 dev = <optimized out>
78 if_info = <optimized out>
79 errbuf = "tun0: You don't have permission to capture on that device (socket: Operation not permitted)\000\000\000m\267\342Yc\267P\211s\267\000\211s\267\017\000\000\000\335\255a\267\001\000\000\000\f\000\000\000S\216S\267B\314V\267<On\267\000\223G\267\230\345\377\277\066 n\267\001\000\000\000\001\000G_\022\000\000\000\004\000\000\000\060\211s\267\001\000\000\000\002\000\000\000 \000\000\000\002\000\000\000\001\000\000\000\335\237S\267\\4c\267\306\237S\267\000\000G_\271\236S\267\304\241S\267\270\343U\267\020\000\000\000\020\000\000\000\000\000\000\000\200\343U\267\001\000\000\000\260\343U\267T\316U\267\200\343U\267\061Ts\267"...
80 #5 0xb77299c0 in get_interface_list (err=0xbfffe6a8, err_str=0xbfffe6a4)
81 at capture-pcap-util-unix.c:110
82 No locals.
83 #6 0xb772f9d2 in capture_interface_list (err=0xbfffe6a8, err_str=0xbfffe6a4) at dumpcap.c:797
84 No locals.
85 #7 0xb772b345 in capture_opts_trim_iface (capture_opts=0xb7737060, capture_device=0x0)
86 at capture_opts.c:770
87 if_list = <optimized out>
88 if_info = <optimized out>
89 err = <optimized out>
90 err_str = <optimized out>
91 options = {name = 0x0, descr = 0x0, cfilter = 0x0, snaplen = -1219105568, linktype = 0,
92 ---Type <return> to continue, or q <return> to quit---
93 promisc_mode = -1219113388, buffer_size = -1073747388, monitor_mode = -1073748280}
94 #8 0xb77306cd in main (argc=<optimized out>, argv=<optimized out>) at dumpcap.c:3850
95 opt = <optimized out>
96 arg_error = 0
97 action = {__sigaction_handler = {sa_handler = 0xb772d392 <capture_cleanup_handler>,
98 sa_sigaction = 0xb772d392 <capture_cleanup_handler>}, sa_mask = {__val = {
99 0 <repeats 32 times>}}, sa_flags = 0, sa_restorer = 0}
100 oldaction = {__sigaction_handler = {sa_handler = 0, sa_sigaction = 0}, sa_mask = {__val = {
101 0, 0, 5, 1598488576, 7, 52953987, 14, 1598488577, 16, 3077434544, 0, 1, 3221218808,
102 3076736414, 8, 0, 4, 52953987, 3077796856, 3077434544, 3221218856, 52953987,
103 3077435808, 3077434544, 3221218856, 3077434544, 3077435808, 1, 3221218856,
104 3076845160, 3075859328, 3077787740}}, sa_flags = 0, sa_restorer = 0xac8c8380}
105 start_capture = 1
106 stats_known = 0
107 stats = {ps_recv = 0, ps_drop = 0, ps_ifdrop = 0}
108 list_interfaces = 0
109 list_link_layer_types = 0
110 print_bpf_code = 0
111 machine_readable = 0
112 print_statistics = 0
113 status = <optimized out>
114 run_once_args = 0
115 i = <optimized out>
116 (gdb)
117
118 (gdb) x/16i $pc
119 => 0xb749f152 <__readdir64+54>: cmpxchg %ecx,0x4(%esi)
120 0xb749f156 <__readdir64+58>: jne 0xb749f1dc <_L_lock_22>
121 0xb749f15c <__readdir64+64>: mov 0x10(%esi),%eax
122 0xb749f15f <__readdir64+67>: lea 0x18(%esi),%edi
123 0xb749f162 <__readdir64+70>: jmp 0xb749f17d <__readdir64+97>
124 0xb749f164 <__readdir64+72>: lea (%edi,%eax,1),%edx
125 0xb749f167 <__readdir64+75>: movzwl 0x10(%edx),%ecx
126 0xb749f16b <__readdir64+79>: add %ecx,%eax
127 0xb749f16d <__readdir64+81>: mov %eax,0x10(%esi)
128 0xb749f170 <__readdir64+84>: mov 0x8(%edx),%ecx
129 0xb749f173 <__readdir64+87>: mov %ecx,0x14(%esi)
130 0xb749f176 <__readdir64+90>: mov 0x4(%edx),%ecx
131 0xb749f179 <__readdir64+93>: or (%edx),%ecx
132 0xb749f17b <__readdir64+95>: jne 0xb749f1b1 <__readdir64+149>
133 0xb749f17d <__readdir64+97>: cmp 0xc(%esi),%eax
134 0xb749f180 <__readdir64+100>: jb 0xb749f164 <__readdir64+72>
135 (gdb)
136
137 (gdb) x/16x $sp
138 0xbfffe128: 0x00000000 0xb75cbc60 0xbfffe4dc 0xbfffe488
139 0xbfffe138: 0xbfffe3c8 0xb759d7ea 0x00000000 0x00000002
140 0xbfffe148: 0x00000000 0xb75cbc60 0x00000000 0xb75b985c
141 0xbfffe158: 0xbfffe178 0x03280383 0xbfffe488 0xbfffe4dc
142 (gdb)
143
144 (gdb) info reg
145 eax 0x0 0
146 ecx 0x1 1
147 edx 0x0 0
148 ebx 0xb755ce54 -1219113388
149 esp 0xbfffe128 0xbfffe128
150 ebp 0xbfffe138 0xbfffe138
151 esi 0x0 0
152 edi 0xbfffe488 -1073748856
153 eip 0xb749f152 0xb749f152 <__readdir64+54>
154 eflags 0x10246 [ PF ZF IF RF ]
155 cs 0x73 115
156 ss 0x7b 123
157 ds 0x7b 123
158 es 0x7b 123
159 fs 0x0 0
160 gs 0x33 51
161
162 (gdb) x/8x $esi
163 0x0: Cannot access memory at address 0x0
164 (gdb)
165
166 --
167 WBR, Alex.
