Wireshark-bugs: [Wireshark-bugs] [Bug 2777] New: Memory corruption in time_secs_to_str_buf() whe
Date: Wed, 6 Aug 2008 01:05:06 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2777

           Summary: Memory corruption in time_secs_to_str_buf() when
                    compiled with GCC 4.2.3
           Product: Wireshark
           Version: SVN
          Platform: All
               URL: http://www.wireshark.org/lists/wireshark-
                    dev/200808/msg00011.html
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: avn@xxxxxxxxxxxxxxx


Created an attachment (id=2127)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2127)
Sample capture which triggers the bug

Build Information:
wireshark 1.0.99 (SVN Rev 25940)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.4, with libpcap 0.9.8, with libz
1.2.3.3, without POSIX capabilities, without libpcre, without SMI, without
ADNS,
without Lua, without GnuTLS, without Gcrypt, without Kerberos, without
PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Linux 2.6.24-19-generic, with libpcap version 0.9.8.

Built using gcc 4.2.3 (Ubuntu 4.2.3-2ubuntu7).


--
With -O2 optimization, GCC 4.2.3 optimizes out the 2nd check in
time_secs_to_str_buf() function ("Unable to cope with..."). Without this check,
this function exceeds the supplied buffer boundaries when called from
time_secs_to_str() function. GCC considers this conditional as dead code due to
value range propagation from the 1st check.

See the referenced URL for details.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.