Wireshark · Ethereal-dev: [ethereal-dev] Ethereal bug: Empty filter field causes SEGV

Ethereal-dev: [ethereal-dev] Ethereal bug: Empty filter field causes SEGV

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Santeri Paavolainen <santtu@xxxxxx>

Date: Wed, 29 Sep 1999 14:28:25 +0300 (EET DST)

System: Linux 2.2.10, GTK 1.2.3.
Ethereal version: 0.7.5
Reproducible: Yes

This bug happens with the following procedure:

1. Start ethereal
2. Choose "Capture", set filter "not ip", select ".. real time update",
   click "ok".
3. While capture is on, select Display->Colorize
4. Select "New" from the colorize dialog
5. Clear the "Filter" field (make it empty)

and crash. Trace and bug fix are simple:

Program received signal SIGSEGV, Segmentation fault.
0x805ddcc in dfilter_apply (dfcode=0x0, ptree=0x81a3640, pd=0x80e0d9c "")
    at dfilter.c:332
332             retval = dfilter_apply_node(dfcode->dftree, ptree, pd);
(gdb) bt
#0  0x805ddcc in dfilter_apply (dfcode=0x0, ptree=0x81a3640, pd=0x80e0d9c
"")
    at dfilter.c:332
#1  0x805ff35 in add_packet_to_packet_list (fdata=0x81a1c70, cf=0x80e0d20, 
    buf=0x81672d8 "") at file.c:525
#2  0x8060215 in wtap_dispatch_cb (user=0x80e0d20 "Øx\026\b\r", 
    phdr=0x816a7e4, offset=1181, buf=0x81672d8 "") at file.c:652
#3  0x808bb87 in wtap_loop (wth=0x816a7d0, count=1, 
    callback=0x80600e0 <wtap_dispatch_cb>, user=0x80e0d20 "Øx\026\b\r", 
    err=0xbffff594) at wtap.c:187
#4  0x805fa82 in cap_file_input_cb (data=0x80e0d20, source=12, 
    condition=GDK_INPUT_READ) at file.c:357
#5  0x4015f7a8 in gdk_io_invoke ()
#6  0x4018e568 in g_io_unix_dispatch ()
#7  0x4018fdf2 in g_main_dispatch ()
#8  0x4019045b in g_main_iterate ()
#9  0x40190611 in g_main_run ()
#10 0x400b5ddb in gtk_main ()
#11 0x809de17 in main (argc=1, argv=0xbffff834) at main.c:918
#12 0x40288cb3 in __libc_start_main (main=0x809ccf4 <main>, argc=1, 
    argv=0xbffff834, init=0x8055afc <_init>, fini=0x80aa91c <_fini>, 
    rtld_fini=0x4000a350 <_dl_fini>, stack_end=0xbffff82c)
    at ../sysdeps/generic/libc-start.c:78

Changing dfilter_apply to:

gboolean
dfilter_apply(dfilter *dfcode, proto_tree *ptree, const guint8* pd)
{
	gboolean retval;
	if (dfcode == NULL)
	    return FALSE;

	retval = dfilter_apply_node(dfcode->dftree, ptree, pd);
	return retval;
}

will fix the problem. 

Apparently this is caused when the dfilter_apply will try to apply dfcode,
which is NULL because of the clearing of the filter entry widget. Checking
for NULL dfcode will fix the bug.

-- 
santtu@xxxxxx                    I have become death, destroyer of the worlds.

Prev by Date: [ethereal-dev] Filtering "enumerated" fields symbolically
Next by Date: Re: [ethereal-dev] Ethereal bug: Empty filter field causes SEGV
Previous by thread: [ethereal-dev] Filtering "enumerated" fields symbolically
Next by thread: Re: [ethereal-dev] Ethereal bug: Empty filter field causes SEGV
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$