Wireshark-bugs: [Wireshark-bugs] [Bug 3010] New: ate dissector bug with Gogs: proto.c.2085: fail
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3010
Summary: ate dissector bug with Gogs: proto.c.2085: failed
assertion "(guint)hfindex < gpa_hfinfo.len"
Product: Wireshark
Version: 1.0.4
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: joel.studtmann@xxxxxxxxxx
Build Information:
Version 1.0.4 (SVN Rev 26501)
Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with ADNS, with Lua 5.1, with GnuTLS 2.3.8, with Gcrypt 1.4.1, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without
AirPcap.
Built using Microsoft Visual C++ 6.0 build 8804
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
For the short version, I’m getting the following error when I attempt to use
a Gog in the configuration file:
[Dissector bug, protocol MATE: proto.c:2085: failed assertion "(guint)hfindex <
gpa_hfinfo.len"]
A google for similar error hinted to a problem in the dissector itself when an
array is out of bounds, but C++ is not my forte. The configuration file is
extremely simple, and I get the dissector error only with the Gog stanza in
place:
Pdu rp_pdu Proto a11 Transport ip {
Extract addr From ip.addr;
Extract type From a11.type;
Extract life From a11.life;
Extract msid From a11.ext.msid;
Extract grekey From a11.ext.key;
Extract pdsn From a11.haaddr;
Extract ident From a11.ident;
};
Gop rp_signal On rp_pdu Match (addr, addr, msid, ident) {
Start (type = 1);
Stop (type = 3);
};
Gog call {
Member rp_signal (msid);
Expiration 1800;
};
Done;
Here’s what I’ve run through in the past few days:
As I needed to re-install Wireshark to enable MATE anyway, I downloaded 1.0.4,
and noted the release notes that MATE crashes were fixed in 1.0.4.
Worked through the examples / config syntax, built some PDUs, fixed the grammar
errors (dang capitalization of From, semicolons, et cetra), and was excited to
see it work
Attempted to configure a Gog, and watched the Dissector error above scroll
through the screen. Assumed it was a configuration error, so tweaked the
syntax… removed attributes.. changed keys… loosened restrictions on
Gops…all to no avail. Wireshark always gave a dissector error with Gog
stanza was enabled.
After a good night’s sleep, remembered that 1.0.4 had changes to fix some
bugs in 1.0.3.. so installed that instead. 1.0.3 kinda worked… sometimes.
Some files wouldn’t open, while copies of those files (or filtered versions
of the original files, would.. or wouldn’t) Rebooted. Some worked, some
didn’t. Some files wouldn’t open with double-click, but would if wireshark
was opened first.
When it did open, I didn’t get a dissector error, but individual legs of the
Gop weren’t included into Gog; figured out default timer of 2 seconds was
creating new Gog, so figured out how to do that. (BTW: the Expiration can’t
be the first part of the Gog, but works as last line.)
1.0.3 continued to crash more often than not, so I downloaded latest Visual C++
runtime, and tried 1.0.4 again. Crashes stopped, but I get a dissector error
on every PDU again when it attempts to do a Gog.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.