Wireshark · Ethereal-dev: [Ethereal-dev] [Bug report] Exporting in PDML causes various GLIB crashes

Ethereal-dev: [Ethereal-dev] [Bug report] Exporting in PDML causes various GLIB crashes

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Jeremy Jouglet" <jjouglet@xxxxxxxxxx>

Date: Wed, 24 Aug 2005 18:32:34 +0200

Hi list,

I think I have discovered a strange bug there. When I export in the PDML format with tethereal it crashes with the capture files included on the windows platform. I have included my preferences and no protocols are disabled. I am running ethereal revision  15517 on a Windows 2003. The export in other format are fine.

The extract enclosed crashes inside the print.c file, routine "proto_tree_write_node_pdml". It crashes on the Frame number 11 when printing the PPP IP Control Protocol subtree of the GTP message. To be more precise, the crash is caused inside the call proto_item_fill_label(fi, label_str); line 312. If I understood it well this call fills the label with the proto name with the function g_snprintf. This is this latter call that crashes.
Crash message : The instruction at "0x7c812009" referenced memory at "0x000000000". The memory could not be "read".

Inside proto.c I have tried to replace the call ret = g_snprintf(label_str, ITEM_LABEL_LENGTH,"%s", hfinfo->name); by 
ret = g_snprintf(label_str, ITEM_LABEL_LENGTH,"PPP IP Control Protocol"); It worked for this item but crashed on the next one.

I am stuck with this problem and I am ready to help. Summary of the other tests  :
- If you check "Enable transport name resolution" it does not crash.
- it does not crash if you remove for instance the first packet of the capture.
- the call to proto_item_fill_label are working pretty well until the frame 10, even on equivalent message (frame 8)

Please help !

-------------------------------------------------- 
>>>>>>>>>>>(Please Note New Email)<<<<<<<<<<<<<<<<
--------------------------------------------------
Jérémy JOUGLET
Nortel Networks - End to End Engineering - CTF32A2
Parc d'activité de Magny - Châteaufort
78928 Yvelines Cedex 9 France

Phone:        +33 169 55 7297 (ESN 574-7297)
Mobile:       +33 679 26 8884 (no ESN ) 
(NEW!!)>>> e-mail: jjouglet@xxxxxxxxxx <<<(NEW!!!)

 
 <<preferences>>

Attachment: GlibCrash.cap
Description: GlibCrash.cap

Attachment: preferences
Description: preferences

Prev by Date: [Ethereal-dev] Obtaining previous dissector information
Next by Date: Re: [Ethereal-dev] Re: Patch to prevent loop in flow analysis graph
Previous by thread: [Ethereal-dev] RE: Obtaining previous dissector information
Next by thread: [Ethereal-dev] Ethereal aborts if invalid filter specified for statistics
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$