Ethereal-dev: Re: [ethereal-dev] Big tcpdump file makes Ethereal core dump

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Fri, 26 Nov 1999 13:22:40 -0800
> Is this Okay?

Yes.  Thanks.

The stack trace looks like the one we've seen in the other core dumps
Gilbert mentioned:

> ... We've had a report of another core dump caused
> while processing SMB traces... this might be the same.

as it has "strchr()" at the top, and "dissect_transact_smb()" below it:

> #0  0x402d5223 in strchr ()
> (gdb) backtrace
> #0  0x402d5223 in strchr ()
> #1  0x81c4735 in ?? ()
> #2  0x80a51fd in dissect_transact_smb (pd=0x81c46b8 "\003", offset=126, 
>     fd=0x831f408, parent=0x0, tree=0x0, si={tid = 0, uid = 7238, mid = 8, 
>       pid = 57344, conversation = 0x8321520, request_val = 0x8322530}, 
>     max_data=7, SMB_offset=61, errcode=0, dirn=1) at packet-smb.c:9445
> #3  0x80a75f4 in dissect_smb (pd=0x81c46b8 "\003", offset=93, fd=0x831f408, 
>     tree=0x0, max_data=7) at packet-smb.c:11174

	...

A fix has been checked into the CVS tree for Ethereal, so the next
release should have the fix.  We provide anonymous CVS access to the CVS
tree:

	http://ethereal.zing.org/development.html#anoncvs

so you could get the current CVS version and build that - it should be
able to read those captures without crashing (or, at least, without
crashing in that fashion on those types of packets).