Ethereal-dev: Re: [Ethereal-dev] Tethereal Bug "Dissector bug, protocol HTTP..."

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: LEGO <luis.ontanon@xxxxxxxxx>
Date: Thu, 17 Mar 2005 16:53:07 +0100
It's my fault.

I did not check the return value of tvb_find_guint8() to be something usable.

In this case It was clearly not usable. 

What should I do when I dicover that the packet I'm dissecting is
clearly a malformed packet?

THROW(DissectorError) ?


Luis.

On Thu, 17 M
ar 2005 12:42:59 +0100, Hirsch, Christian <Christian.Hirsch@xxxxxxxxxxx> wrote:
> Hi together,
> 
> I tried to filter a precaptured ethereal-file with tethereal.
> My read filter string was "ip.addr == x.y.z.x or ip.addr == a.b.c.d".
> During the filtering process I got these messages.
> 
> Then Ethereal crashes.
> At the bottom of this e-mail you'll find a gdb backtrace.
> 
> My ethereal version is 0.10.10 and OS is Fedora Core 2.
> 
> Thanks in advance
> Christian
> 
> Tethereal-Error
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 188647: "Request URI" - "http.request.uri" invalid length: -5 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 520938: "Request URI" - "http.request.uri" invalid length: -5 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 626909: "Request URI" - "http.request.uri" invalid length: -5 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 867761: "Request URI" - "http.request.uri" invalid length: -5 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 893198: "Request URI" - "http.request.uri" invalid length: -1186
> (proto.c:2104
> )
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1236375: "Request URI" - "http.request.uri" invalid length: -1318
> (proto.c:210
> 4)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1245744: "Request URI" - "http.request.uri" invalid length: -1318
> (proto.c:210
> 4)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1258269: "Request URI" - "http.request.uri" invalid length: -1318
> (proto.c:210
> 4)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1267743: "Request URI" - "http.request.uri" invalid length: -1318
> (proto.c:210
> 4)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1334931: "Request URI" - "http.request.uri" invalid length: -1323
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1337718: "Request URI" - "http.request.uri" invalid length: -1323
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1386913: "Request URI" - "http.request.uri" invalid length: -1323
> (proto.c:2104)
> Not decoded yet in packet : 1449803  [too long octet_string]
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1450850: "Request Version" - "http.request.version" invalid length:
> -1357 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 1606551: "Request Version" - "http.request.version" invalid length:
> -1357 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2033333: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2054921: "Request URI" - "http.request.uri" invalid length: -1266
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2076597: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2079059: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2080884: "Request URI" - "http.request.uri" invalid length: -1186
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2111369: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2118186: "Request Version" - "http.request.version" invalid length:
> -1355 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2163371: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2179128: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2229957: "Request URI" - "http.request.uri" invalid length: -1281
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2230699: "Request Version" - "http.request.version" invalid length:
> -1353 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2252235: "Request URI" - "http.request.uri" invalid length: -1273
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2253680: "Request URI" - "http.request.uri" invalid length: -1273
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2253721: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2257616: "Request URI" - "http.request.uri" invalid length: -1333
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2289525: "Request URI" - "http.request.uri" invalid length: -1273
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2292661: "Request URI" - "http.request.uri" invalid length: -1273
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2301512: "Request URI" - "http.request.uri" invalid length: -1281
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2303208: "Request URI" - "http.request.uri" invalid length: -1281
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2307023: "Request URI" - "http.request.uri" invalid length: -1313
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2391526: "Request URI" - "http.request.uri" invalid length: -5
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2403377: "Request URI" - "http.request.uri" invalid length: -5
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2411511: "Request URI" - "http.request.uri" invalid length: -5
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2457948: "Request URI" - "http.request.uri" invalid length: -1334
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2507793: "Request Version" - "http.request.version" invalid length:
> -1357 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2563032: "Request Version" - "http.request.version" invalid length: -14
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2572491: "Request URI" - "http.request.uri" invalid length: -1342
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2575400: "Request URI" - "http.request.uri" invalid length: -1342
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2575841: "Request Version" - "http.request.version" invalid length: -14
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2598830: "Request URI" - "http.request.uri" invalid length: -1356
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2671809: "Request URI" - "http.request.uri" invalid length: -1356
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2692656: "Request URI" - "http.request.uri" invalid length: -1356
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2695830: "Request URI" - "http.request.uri" invalid length: -1361
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2829260: "Request Version" - "http.request.version" invalid length:
> -1226 (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 2947084: "Request URI" - "http.request.uri" invalid length: -1361
> (proto.c:2104)
> 
> ** (process:11861): WARNING **: Dissector bug, protocol HTTP, in packet
> 3215557: "Request URI" - "http.request.uri" invalid length: -5
> (proto.c:2104)
> Speicherzugriffsfehler
> 
> Backtrace:
> 
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1084906752 (LWP 11861)]
> 0x001a7c45 in memcpy () from /lib/tls/libc.so.6
> (gdb) backtrace
> #0  0x001a7c45 in memcpy () from /lib/tls/libc.so.6
> #1  0x010e8bf3 in tvb_get_string (tvb=0x14d62464, offset=0, length=0) at
> tvbuff.c:1719
> #2  0x0128c445 in basic_request_dissector (tvb=0x14d62464,
> tree=0xbea9ac0, start=0)
>      at packet-http.c:969
> #3  0x0128c293 in dissect_http_message (tvb=0x14d62464, offset=0,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958) at packet-http.c:582
> #4  0x0128d496 in dissect_http (tvb=0x14d62464, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-http.c:1680
> #5  0x010ce40f in call_dissector_through_handle (handle=0x961ce40,
> tvb=0x14d62464,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #6  0x010ce80e in call_dissector_work (handle=0x961ce40, tvb=0x14d62464,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #7  0x010cec42 in dissector_try_port (sub_dissectors=0x9694a08, port=80,
> tvb=0x14d62464,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #8  0x013f504e in decode_tcp_ports (tvb=0x14d62430, offset=20,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958, src_port=1112, dst_port=1112) at packet-tcp.c:2549 #9  0x013f5161 in process_tcp_payload (tvb=0x14d62430, offset=20,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958, tcp_tree=0xbea4858, src_port=1112, dst_port=80,
> seq=1, nxtseq=5,
>      is_tcp_segment=1) at packet-tcp.c:2573
> #10 0x013f52c6 in dissect_tcp_payload (tvb=0x14d62430, pinfo=0x14c1c2f0,
> offset=20, seq=1,
>      nxtseq=5, sport=1112, dport=0, tree=0x7fffffff, tcp_tree=0xbea4858)
> at packet-tcp.c:2653
> #11 0x013f5d74 in dissect_tcp (tvb=0x14d62430, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-tcp.c:3077
> #12 0x010ce40f in call_dissector_through_handle (handle=0x96b3370,
> tvb=0x14d62430,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #13 0x010ce80e in call_dissector_work (handle=0x96b3370, tvb=0x14d62430,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #14 0x010cec42 in dissector_try_port (sub_dissectors=0x9610d58, port=6,
> tvb=0x14d62430,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #15 0x012a7831 in dissect_ip (tvb=0x14d623fc, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-ip.c:1099
> #16 0x010ce40f in call_dissector_through_handle (handle=0x9610e78,
> tvb=0x14d623fc,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #17 0x010ce80e in call_dissector_work (handle=0x9610e78, tvb=0x14d623fc,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #18 0x010cfd14 in call_dissector (handle=0x9610e78, tvb=0x14d623fc,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958) at packet.c:1686
> #19 0x01253b19 in dissect_gtp (tvb=0x14d623c8, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-gtp.c:4385
> #20 0x010ce40f in call_dissector_through_handle (handle=0x95f9410,
> tvb=0x14d623c8,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #21 0x010ce80e in call_dissector_work (handle=0x95f9410, tvb=0x14d623c8,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #22 0x010cec42 in dissector_try_port (sub_dissectors=0x9698100,
> port=2152, tvb=0x14d623c8,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #23 0x014020f6 in decode_udp_ports (tvb=0x14c6ec28, offset=349578184,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958, uh_sport=2152, uh_dport=2152, uh_ulen=1520) at
> packet-udp.c:147
> #24 0x01402595 in dissect_udp (tvb=0x14c6ec28, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-udp.c:295
> #25 0x010ce40f in call_dissector_through_handle (handle=0x96b39c0,
> tvb=0x14c6ec28,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #26 0x010ce80e in call_dissector_work (handle=0x96b39c0, tvb=0x14c6ec28,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #27 0x010cec42 in dissector_try_port (sub_dissectors=0x9610d58, port=17,
> tvb=0x14c6ec28,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #28 0x012a7831 in dissect_ip (tvb=0x14c6ebf4, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-ip.c:1099
> #29 0x010ce40f in call_dissector_through_handle (handle=0x9610e78,
> tvb=0x14c6ebf4,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #30 0x010ce80e in call_dissector_work (handle=0x9610e78, tvb=0x14c6ebf4,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #31 0x010cec42 in dissector_try_port (sub_dissectors=0x95ecfd0,
> port=2048, tvb=0x14c6ebf4,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #32 0x011f0f02 in ethertype (etype=2048, tvb=0x14c6ebc0,
> offset_after_etype=14,
>      pinfo=0x14c1c2f0, tree=0xbea6958, fh_tree=0xbea6730, etype_id=4750,
> trailer_id=4752,
>      fcs_len=-1) at packet-ethertype.c:184
> #33 0x011eec80 in dissect_eth_common (tvb=0x14c6ebc0, pinfo=0x14c1c2f0,
> tree=0xbea6958,
>      fcs_len=-1) at packet-eth.c:300
> #34 0x011ef09e in dissect_eth_maybefcs (tvb=0x14c6ebc0, pinfo=0x0,
> tree=0xbea6958)
> ---Type <return> to continue, or q <return> to quit---
>      at packet-eth.c:395
> #35 0x010ce40f in call_dissector_through_handle (handle=0x96a6b60,
> tvb=0x14c6ebc0,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #36 0x010ce80e in call_dissector_work (handle=0x96a6b60, tvb=0x14c6ebc0,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #37 0x010cec42 in dissector_try_port (sub_dissectors=0x95ef060, port=1,
> tvb=0x14c6ebc0,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:820
> #38 0x0120b5e4 in dissect_frame (tvb=0x14c6ebc0, pinfo=0x14c1c2f0,
> tree=0xbea6958)
>      at packet-frame.c:189
> #39 0x010ce40f in call_dissector_through_handle (handle=0x95ef120,
> tvb=0x14c6ebc0,
>      pinfo=0x14c1c2f0, tree=0xbea6958) at packet.c:370
> #40 0x010ce80e in call_dissector_work (handle=0x95ef120, tvb=0x14c6ebc0,
> pinfo_arg=0xffffffff,
>      tree=0xbea6958) at packet.c:545
> #41 0x010cfd14 in call_dissector (handle=0x95ef120, tvb=0x14c6ebc0,
> pinfo=0x14c1c2f0,
>      tree=0xbea6958) at packet.c:1686
> #42 0x010ce3ae in dissect_packet (edt=0x14c1c2e8,
> pseudo_header=0xffffffff, pd=0x973d960 "\b",
>      fd=0xbfe95a40, cinfo=0x14c1c2f0) at packet.c:318
> #43 0x010cbc6f in epan_dissect_run (edt=0x14c1c2e8,
> pseudo_header=0x96f4e14,
>      data=0x973d960 "\b", fd=0xbfe95a40, cinfo=0x0) at epan.c:153 #44 0x0805b745 in process_packet (cf=0x80669c0, pdh=0x97121e0,
> offset=813281429,
>      whdr=0x96f4e00, pseudo_header=0x96f4e14, pd=0x973d960 "\b",
> err=0xbfe95ad8)
>      at tethereal.c:2368
> #45 0x0805b221 in load_cap_file (cf=0x80669c0,
>      save_file=0x96f1b20
> "/home/tracer/Files/Christian/ups/05031509_done_UPS", out_file_type=2)
>      at tethereal.c:2181
> #46 0x08059ee4 in main (argc=7, argv=0xbfe95d34) at tethereal.c:1370
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
> 


-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan