Wireshark · Ethereal-users: [ethereal-users] reproducable 0.7.6 core dump

[Jason Wright <peewee@xxxxxxxxxx>]

Howdy...

I'm running ethereal 0.7.6 under Solaris/Sparc - compiled under 2.6,
running under 2.7[1].  When I try and load a certain snoop capture file, I
get a core dump in _doprnt from /usr/lib/libc.so.1.  The only odd thing
about this capture file is that it contains packets with IP protocol 94,
which are generated by Firewall-1 SecuRemote encapsulation.  The IP header of
one such packet is:

IP:   ----- IP Header -----
IP:   
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 431 bytes
IP:   Identification = 16919
IP:   Flags = 0x0
IP:         .0.. .... = may fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 239 seconds/hops
IP:   Protocol = 94 ()
IP:   Header checksum = 4fb2
IP:   Source address = xxx.xxx.xxx.xx, xxx.xxx.xxx.xx
IP:   Destination address = xxx.xx.xx.xx, xxx.xx.xx.xx
IP:   No options
IP:   

It's dumping core in libc, so this might not be ethereal's fault.  However,
I have only Solaris systems at my disposal at the moment.

A gdb backtrace is attached and I will make the capture file available, if 
needed.  Thanks!

PeeWee

[1] I also get a core dump when running under 2.6.

-- 
email: peewee@xxxxxxxxxx - useless: http://www.scc.mi.org/peewee/ - efnet: Pwe
I have followed the rainbow's path to the end, only to discover that the elves
have a marketing department and want to sell me the gold  -Me, on the Bay Area

doom:~ ] gdb `which ethereal` core 
GNU gdb 19990928
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.7"...(no debugging symbols found)...
Core was generated by `ethereal'.
Program terminated with signal 11, Segmentation Fault.
Reading symbols from /apps/lib/libz.so...(no debugging symbols found)...done.
Reading symbols from /apps/lib/libgtk-1.2.so.0...(no debugging symbols found)...done.
Reading symbols from /apps/lib/libgdk-1.2.so.0...(no debugging symbols found)...done.
Reading symbols from /apps/lib/libgmodule-1.2.so.0...(no debugging symbols found)...done.
Reading symbols from /apps/lib/libglib-1.2.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libdl.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/local/X11/lib/libXext.so.6.3...(no debugging symbols found)...done.
Reading symbols from /usr/local/X11/lib/libX11.so.6.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libsocket.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libnsl.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libm.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libc.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libmp.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/platform/SUNW,Ultra-30/lib/libc_psr.so.1...(no debugging symbols found)...
done.
Reading symbols from /usr/lib/nss_files.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/nss_nis.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/nss_dns.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libresolv.so.2...(no debugging symbols found)...done.
#0  0xfedfd3c4 in _doprnt () from /usr/lib/libc.so.1
(gdb) bt
#0  0xfedfd3c4 in _doprnt () from /usr/lib/libc.so.1
#1  0xfee0098c in snprintf () from /usr/lib/libc.so.1
#2  0x333d8 in val_to_str ()
#3  0x3260c in ipprotostr ()
#4  0x4b544 in dissect_ip ()
#5  0x2f7fc in ethertype ()
#6  0x467a0 in dissect_eth ()
#7  0x3305c in dissect_packet ()
#8  0x30874 in add_packet_to_packet_list ()
#9  0x30cc8 in wtap_dispatch_cb ()
#10 0x7e0b0 in wtap_loop ()
#11 0x2fd20 in read_cap_file ()
#12 0xa07c4 in file_open_ok_cb ()
#13 0xff254260 in gtk_marshal_NONE__NONE () from /apps/lib/libgtk-1.2.so.0
#14 0xff297c00 in gtk_handlers_run () from /apps/lib/libgtk-1.2.so.0
#15 0xff296ce0 in gtk_signal_real_emit () from /apps/lib/libgtk-1.2.so.0
#16 0xff29438c in gtk_signal_emit () from /apps/lib/libgtk-1.2.so.0
#17 0xff1cbe00 in gtk_button_clicked () from /apps/lib/libgtk-1.2.so.0
#18 0xff222f0c in gtk_file_selection_file_button () from /apps/lib/libgtk-1.2.so.0
#19 0xff254248 in gtk_marshal_NONE__INT_INT_POINTER () from /apps/lib/libgtk-1.2.so.0
#20 0xff297c00 in gtk_handlers_run () from /apps/lib/libgtk-1.2.so.0
#21 0xff296ce0 in gtk_signal_real_emit () from /apps/lib/libgtk-1.2.so.0
#22 0xff29438c in gtk_signal_emit () from /apps/lib/libgtk-1.2.so.0
#23 0x8ea44 in gtk_clist_button_press ()
#24 0xff253ff0 in gtk_marshal_BOOL__POINTER () from /apps/lib/libgtk-1.2.so.0
#25 0xff296d28 in gtk_signal_real_emit () from /apps/lib/libgtk-1.2.so.0
#26 0xff29438c in gtk_signal_emit () from /apps/lib/libgtk-1.2.so.0
#27 0xff2e353c in gtk_widget_event () from /apps/lib/libgtk-1.2.so.0
#28 0xff253400 in gtk_propagate_event () from /apps/lib/libgtk-1.2.so.0
#29 0xff252ae4 in gtk_main_do_event () from /apps/lib/libgtk-1.2.so.0
#30 0xff13e324 in gdk_event_dispatch () from /apps/lib/libgdk-1.2.so.0
#31 0xff0e75c0 in g_main_dispatch () from /apps/lib/libglib-1.2.so.0
#32 0xff0e7ec4 in g_main_iterate () from /apps/lib/libglib-1.2.so.0
#33 0xff0e87e4 in g_main_run () from /apps/lib/libglib-1.2.so.0
#34 0xff2522dc in gtk_main () from /apps/lib/libgtk-1.2.so.0
#35 0x9a1ec in main ()