Ethereal-dev: [Ethereal-dev] tethereal-0.10.5 + PDML parsing

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Bram Shirani <bram@xxxxxxxxxxxx>
Date: Mon, 12 Jul 2004 09:21:13 -0700
Greetings,

I posted this message to the ethereal-users list on Friday, without any
hits. Apologies for the repost, however, I think this list is a little more
suitable for my question. The original message is below, however, an
addendum from more testing follows here:

When I run the command 'tethereal -Tpdml -r dumpfile > pdml.dmp' I exit
with the error:

Unhandled exception ("XCEPT_GROUP_ETHEREAL", group=1, code=1)

However, when I run 'tethereal -Tpdml -r dumpfile not dlsw > pdml.dmp' I
exit with: 
  
tethereal in malloc(): error: allocation failed

The original post to ethereal-users assumes that I am using the 'not dlsw'
option on the command line, which satisifies my needs.

[..original email..]

Long time ethereal user, first time subscriber. I have been playing around
with ethereal's output to PDML feature as of late, and seem to be very good
at making ethereal fall down and go boom.

I read a mailing list post to ethereal-users list around 6 months ago where
a user was
using the PDML output option and causing thethereal to core. I seem to be
experiencing the same problem.

I am running ethereal-0.10.5, which is many versions more current than the
version the previous person was having problems with.

I am still debugging in an effort to find the problem, but I figured I would
check here to see if there were any known issues with using tethereal and
PDML that I am not aware of. Some very brief debugging information for you:

I am running thethereal as:

tethereal -T pdml -r dumpfile not dlsw > pdml.dmp

Though I am still in early stages of testing, I believe the dlsw protocal
causes tethereal to core dump as well. If I run that command without the
'not
dlsw' I crash much quicker.

It exists with:

tethereal in malloc(): error: allocation failed
Abort (core dumped)

A quick look in gdb shows:

(gdb) bt
#0  0x28c7bdcf in kill () from /lib/libc.so.5
#1  0x28c70878 in raise () from /lib/libc.so.5
#2  0x28ce8f82 in abort () from /lib/libc.so.5
#3  0x281ea75a in unhandled_catcher () at except.c:213
#4  0x281ea705 in do_throw (except=0xbfbfe360) at except.c:205
#5  0x281ea93a in except_throw (except_group=0, except_code=0, msg=0x0) at
except.c:269
#6  0x281fb52d in ensure_contiguous (tvb=0x0, offset=0, length=0) at
tvbuff.c:857
#7  0x281fbaaf in tvb_get_ptr (tvb=0x0, offset=0, length=0) at tvbuff.c:1016
#8  0x285f04af in get_field_data (src_list=0xbb146c8, fi=0x82166b4) at
../print.c:190
#9  0x285f083a in print_field_hex_value (pdata=0xbfbfe8a0, fi=0x82166b4) at
../print.c:298
#10 0x285f0a1d in proto_tree_print_node_pdml (node=0x83168b8,
data=0xbfbfe8a0) at ../print.c:342
#11 0x281ef2df in proto_tree_children_foreach (tree=0x81b60f0,
func=0x285f08a0 <proto_tree_print_node_pdml>, data=0xbfbfe8a0) at
proto.c:390
#12 0x285f0dea in proto_tree_print_node_pdml (node=0x81b60f0,
data=0xbfbfe8a0) at ../print.c:452
#13 0x281ef2df in proto_tree_children_foreach (tree=0xb8bd258,
func=0x285f08a0 <proto_tree_print_node_pdml>, data=0xbfbfe8a0) at
proto.c:390
#14 0x285f0dea in proto_tree_print_node_pdml (node=0xb8bd258,
data=0xbfbfe8a0) at ../print.c:452
#15 0x281ef2df in proto_tree_children_foreach (tree=0x81b68b8,
func=0x285f08a0 <proto_tree_print_node_pdml>, data=0xbfbfe8a0) at
proto.c:390
#16 0x285f0251 in proto_tree_print (print_args=0x6, edt=0x8183c00,
fh=0x28cf6f78) at ../print.c:123
#17 0x0805a21a in print_packet (cf=0x8064de0, edt=0x8183c00) at
tethereal.c:2642
#18 0x0805a045 in process_packet (cf=0x8064de0, pdh=0x0, offset=0,
whdr=0x8183918, pseudo_header=0x818392c, pd=0x8213000 "", err=0x0) at
tethereal.c:2563
#19 0x08059ad7 in load_cap_file (cf=0x8064de0, out_file_type=0) at
tethereal.c:2334
#20 0x080588f9 in main (argc=5, argv=0xbfbfed04) at tethereal.c:1538
#21 0x0804c982 in _start ()

Is anyone else experiencing any issues with the PDML output? I'm currently
running:

tethereal 0.10.5
Compiled with GLib 1.2.10, with libpcap 0.7+multidlt, with libz 1.1.4,
with libpcre 4.4, with Net-SNMP 5.1, with ADNS.
Running with libpcap (version unknown) on FreeBSD 5.2.1-RELEASE.

I will keep you posted with any new developments... Thank you for any issues
I'm unaware of.

Bram Shirani
bram@xxxxxxxxxxxx