Wireshark-bugs: [Wireshark-bugs] [Bug 1329] New: Large HTTP PDU crashes (loop) Wireshark?
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1329
Summary: Large HTTP PDU crashes (loop) Wireshark?
Product: Wireshark
Version: 0.99.4
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: jhg@xxxxxxxxxxxxxxx
Build Information:
Version 0.99.4 (SVN Rev 19757)
Copyright 1998-2006 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.6.9, with GLib 2.6.6, with WinPcap (version unknown), with
libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.3.1, with ADNS, with Lua 5.1,
with
GnuTLS 1.5.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio <= V18, with
AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 3.1
(packet.dll version 3, 1, 0, 27), based on libpcap version 0.9[.x], without
AirPcap.
Built using Microsoft Visual C++ 6.0 build 8804
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
I used wireshark to capture a large HTTP download (a large JPEG).
If I have "Reassemble HTTP bodies spanning multiple TCP segments"
turned on, I can reliably put Wireshark into a 100% CPU loop
with the following steps:
1) Find the "reassembled" PDU and click on it. In my case it's
packet 336. I get a progress dialog while Wireshark assembles
the complete 4 megabyte PDU, which takes 3-4 seconds. This works.
2) In the protocol decode window, click on the "Reassembled TCP
Segments" line or the "JPEG File Interchange Format" line.
3) The progress dialog appears again, goes to 100% complete and
then disappears as expected. However, the window under the
dialog does not repaint, and CPU utilization goes to 100%
and stays there.
4) After about 5 minutes the Wireshark window repaints, but CPU
is still pegged at 100% and Wireshark does not respond.
5) This pattern repeats. Wireshark runs at 100% for between 3
and 5 minutes, then repaints. Sometimes the progress dialog
reappears, does its thing and disappears but Wireshark still
doesn't respond.
I will attach the capture file needed to reproduce this.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.