Ethereal-dev: Re: [Ethereal-dev] Buildbot crash output

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Fri, 10 Mar 2006 09:39:33 +0100 (CET)

Hi List,

This one seems odd. In record #4 the variable 'ap' (va_list) seems strange,
but the code there is simple and looks OK. The rest of the stack dump
seems to suggest that the strings referenced by the format string and
passed via 'ap' aren't OK. I can't reproduce this with SVN Rev 17556 on
Debian GNU/Linux anyway.

On another note: shouldn't the dissector call dissect_snmp_error()
here, since ret == ASN1_ERR_NOERROR?

Thanx,
Jaap


On Thu, 9 Mar 2006, Buildbot wrote:

> Problems have been found with the following capture file(s):
>
> http://www.ethereal.com/distribution/buildbot-builds/randpkt/editcap.441096b6.pcap
>
>
> Error information:
> Core was generated by `lt-tethereal'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x2000000042b053e1 in strlen () from /lib/libc.so.5
> #0  0x2000000042b053e1 in strlen () from /lib/libc.so.5
> No symbol table info available.
> #1  0x2000000042afb5c0 in __vfprintf () from /lib/libc.so.5
> No symbol table info available.
> #2  0x2000000042a27bf0 in vsnprintf () from /lib/libc.so.5
> No symbol table info available.
> #3  0x20000000423a1d60 in g_vsnprintf ()
>    from /usr/local/lib/libglib-2.0.so.400
> No symbol table info available.
> #4  0x2000000040ac3ab0 in proto_tree_set_representation (
>     pi=0x200000000070c6a8,
>     format=0x2000000041902e58 "ERROR: Couldn't parse %s: %s",
>     ap=0x9fffffffffffcef8) at proto.c:2934
> 	fi = (field_info *) 0x200000000070c690
> #5  0x2000000040ab8bd0 in proto_tree_add_text (tree=0x200000000070a3f0,
>     tvb=0x20000000006a0938, start=21, length=0,
>     format=0x2000000041902e58 "ERROR: Couldn't parse %s: %s") at proto.c:677
> 	pi = (proto_item *) 0x200000000070a3f0
> #6  0x20000000413a9990 in dissect_snmp_parse_error (tvb=0x20000000006a0938,
>     offset=21, pinfo=0x20000000005adc10, tree=0x200000000070b140,
>     field_name=0x20000000419032b0 "message flags wrong length", ret=5954584)
>     at packet-snmp.c:697
> 	errstr = 0x45278298 <Address 0x45278298 out of bounds>
> .......
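
The backtrace above ends in `strlen()` because a `%s` argument (`errstr`) is not a valid pointer, while `ret` holds 5954584. The following added example, which is not part of the original message and not Ethereal's code, shows one defensive pattern for that failure mode: the code-to-string lookup always returns a valid string, whatever the code. The error codes, table and function names are hypothetical; only the format string, field name and `ret` value are taken from the dump.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical error codes for illustration; not Ethereal's ASN.1 constants. */
enum { ERR_NOERROR = 0, ERR_EOC_MISMATCH, ERR_WRONG_TYPE, ERR_COUNT };

static const char *const err_names[ERR_COUNT] = {
    "No error",
    "EOC mismatch",
    "Wrong type for that item",
};

/* Map an error code to text. Codes outside the table are rendered into the
 * caller's buffer, so the result is always a valid NUL-terminated string and
 * never an uninitialised or out-of-table pointer. */
const char *err_to_str(int ret, char *buf, size_t buflen)
{
    if (ret >= 0 && ret < ERR_COUNT)
        return err_names[ret];
    if (buflen == 0)
        return "Unknown error";
    snprintf(buf, buflen, "Unknown error (%d)", ret);
    return buf;
}

/* Build the message using the format string seen in frames #4 and #5.
 * Both %s arguments are guaranteed non-NULL before snprintf() sees them.
 * Returns the untruncated length, as snprintf() does. */
int format_parse_error(char *out, size_t outlen, const char *field_name, int ret)
{
    char unknown[32];   /* large enough for "Unknown error (<any int>)" */
    const char *errstr = err_to_str(ret, unknown, sizeof unknown);

    if (field_name == NULL)
        field_name = "(unnamed field)";
    return snprintf(out, outlen, "ERROR: Couldn't parse %s: %s", field_name, errstr);
}

int main(void)
{
    char msg[128];
    /* Constructed input: the field_name and ret values shown in frame #6. */
    format_parse_error(msg, sizeof msg, "message flags wrong length", 5954584);
    puts(msg);
    return 0;
}
```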