Ethereal-dev: Re: [Ethereal-dev] Ethereal crash when dissect H450 message

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Ronnie Sahlberg" <ronnie_sahlberg@xxxxxxxxxxxxxx>
Date: Mon, 16 Feb 2004 21:23:33 +1100
sure.
do you have an example capture file?  you can send it to me and i will look
at it.


----- Original Message ----- 
From: "Zhao, Allen Weitao (Allen)"
Sent: Monday, February 16, 2004 9:20 PM
Subject: [Ethereal-dev] Ethereal crash when dissect H450 message


List,

I am new to this list. Currently, my ethereal crashed during dissectting
H245 message.  The ethereal used is ver0.10.0C windows build.   I have also
tried the code on 2/13/2004 on RedHat Linux 8.0, it is same.

Following is the trace:

** ERROR **: file proto.c: line 1681 (proto_tree_add_uint): should not be
reached
aborting...

Program received signal SIGABRT, Aborted.
0x400ffae1 in __kill () from /lib/i686/libc.so.6
(gdb) where
#0  0x400ffae1 in __kill () from /lib/i686/libc.so.6
#1  0x400ff8ba in raise (sig=6) at ../sysdeps/posix/raise.c:27
#2  0x40101062 in abort () at ../sysdeps/generic/abort.c:88
#3  0x4009a09c in g_logv () at eval.c:41
#4  0x4009a147 in g_log () at eval.c:41
#5  0x82fcac3 in proto_tree_add_uint (tree=0x883b390, hfindex=5763,
    tvb=0x883b6d4, start=0, length=1, value=1) at proto.c:1681
#6  0x82003d8 in dissect_per_constrained_integer (tvb=0x883b6d4, offset=0,
    pinfo=0x883aa58, tree=0x883b390, hf_index=5763, min=0, max=1,
    value=0xbfffdbd0, item=0xbfffdbd4, has_extension=0) at packet-per.c:811
#7  0x8200a6d in dissect_per_choice (tvb=0x883b6d4, offset=0,
pinfo=0x883aa58,
    tree=0x883af58, hf_index=5763, ett_index=3086, choice=0x866b100,
    name=0x844f952 "DummyRes", value=0x0) at packet-per.c:975
#8  0x816c825 in dissect_h4502_DummyRes (tvb=0x883b6d4, offset=0,
    pinfo=0x883aa58, tree=0x883af58) at packet-h450.c:747
#9  0x816c8ac in dissect_h4501_ReturnResult_result (tvb=0x883b6a0,
offset=72,
    pinfo=0x883aa58, tree=0x883af58) at packet-h450.c:771
#10 0x8200d95 in dissect_per_sequence (tvb=0x883b6a0, offset=48,
    pinfo=0x883aa58, parent_tree=0x8884020, hf_index=5766, ett_index=3069,
    sequence=0x866b4a0) at packet-per.c:1183
#11 0x816c93e in dissect_h4501_result (tvb=0x883b6a0, offset=48,
    pinfo=0x883aa58, tree=0x8884020) at packet-h450.c:794
#12 0x8200d95 in dissect_per_sequence (tvb=0x883b6a0, offset=18,
    pinfo=0x883aa58, parent_tree=0x883ad60, hf_index=5767, ett_index=3070,
---Type <return> to continue, or q <return> to quit---q
sequeQuit
) at packet-per.c:1183
#13 0x816c97e in dissect_h4501_ReturnResult (tvb=0x883b6a0, offset=18,
    pinfo=0x883aa58, tree=0x883ad60) at packet-h450.c:809
#14 0x8200ac9 in dissect_per_choice (tvb=0x883b6a0, offset=16,
    pinfo=0x883aa58, tree=0x8884530, hf_index=5778, ett_index=3075,
    choice=0x866b640, name=0x844ff08 "ROS", value=0x0) at packet-per.c:992
#15 0x816cbe5 in dissect_h4501_ROS (tvb=0x883b6a0, offset=16,
pinfo=0x883aa58,
    tree=0x8884530) at packet-h450.c:1026
#16 0x81ff6b2 in dissect_per_sequence_of_helper (tvb=0x883b6a0, offset=16,
    pinfo=0x883aa58, tree=0x883b3f0, func=0x816cbb0 <dissect_h4501_ROS>,
    length=1) at packet-per.c:222
#17 0x81ff778 in dissect_per_sequence_of (tvb=0x883b6a0, offset=4,
    pinfo=0x883aa58, parent_tree=0x883b210, hf_index=5779, ett_index=3076,
    func=0x816cbb0 <dissect_h4501_ROS>) at packet-per.c:250
#18 0x816cc1e in dissect_h4501_rosApdus (tvb=0x883b6a0, offset=4,
    pinfo=0x883aa58, tree=0x883b210) at packet-h450.c:1034
#19 0x8200ac9 in dissect_per_choice (tvb=0x883b6a0, offset=3,
pinfo=0x883aa58,
    tree=0x883b450, hf_index=5780, ett_index=3077, choice=0x866b6a0,
    name=0x844ff28 "ServiceApdus", value=0x0) at packet-per.c:992
#20 0x816cc65 in dissect_h4501_ServiceApdus (tvb=0x883b6a0, offset=3,
    pinfo=0x883aa58, tree=0x883b450) at packet-h450.c:1051
#21 0x8200d95 in dissect_per_sequence (tvb=0x883b6a0, offset=0,
    pinfo=0x883aa58, parent_tree=0x883aec8, hf_index=5729, ett_index=3058,
    sequence=0x866b6c0) at packet-per.c:1183
---Type <return> to continue, or q <return> to quit---
#22 0x816cccd in dissect_h4501 (tvb=0x883b6a0, pinfo=0x883aa58,
tree=0x883b300)
    at packet-h450.c:1075
#23 0x82f947c in call_dissector_through_handle (handle=0x8760af8,
    tvb=0x883b6a0, pinfo=0x883aa58, tree=0x883b300) at packet.c:363
#24 0x82f97e5 in call_dissector_work (handle=0x8760af8, tvb=0x883b6a0,
    pinfo=0x883aa58, tree=0x883b300) at packet.c:513
#25 0x82faa9e in call_dissector (handle=0x8760af8, tvb=0x883b6a0,
    pinfo=0x883aa58, tree=0x883b300) at packet.c:1596
#26 0x815c774 in dissect_h225_h4501SupplementaryService_item (tvb=0x883b66c,
    offset=264, pinfo=0x883aa58, tree=0x883b300) at packet-h225.c:7875
#27 0x81ff6b2 in dissect_per_sequence_of_helper (tvb=0x883b66c, offset=264,
    pinfo=0x883aa58, tree=0x8884218,
    func=0x815c710 <dissect_h225_h4501SupplementaryService_item>, length=1)
    at packet-per.c:222
#28 0x81ff778 in dissect_per_sequence_of (tvb=0x883b66c, offset=256,
    pinfo=0x883aa58, parent_tree=0x883af40, hf_index=4719, ett_index=2556,
    func=0x815c710 <dissect_h225_h4501SupplementaryService_item>)
    at packet-per.c:250
#29 0x815c7bd in dissect_h225_h4501SupplementaryService (tvb=0x883b66c,
    offset=256, pinfo=0x883aa58, tree=0x883af40) at packet-h225.c:7883