Wireshark-bugs: [Wireshark-bugs] [Bug 5118] New: 1.2.10 is crashing in S1AP decoder
      
      
Date: Tue, 17 Aug 2010 13:30:38 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5118 Summary: 1.2.10 is crashing in S1AP decoder Product: Wireshark Version: 1.2.10 Platform: Other OS/Version: All Status: NEW Severity: Normal Priority: Low Component: Wireshark AssignedTo: wireshark-bugs@xxxxxxxxxxxxx ReportedBy: psfales@xxxxxxxxxxxxxxxxxx Build Information: (This is the official darwin/PPC binary download from wireshark.org) 2010-08-17 15:25:06.316 defaults[32987:10b] The domain/default pair of (kCFPreferencesAnyApplication, AppleAquaColorVariant) does not exist 2010-08-17 15:25:06.368 defaults[32988:10b] The domain/default pair of (kCFPreferencesAnyApplication, AppleHighlightColor) d oes not exist ./sync_osx_look.sh: line 40: gtkrc: Permission denied wireshark 1.2.10 (SVN Rev 33656) Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled with GTK+ 2.12.10, (32-bit) with GLib 2.16.6, with libpcap 0.9.5, with libz 1.2.3, without POSIX capabilities, with libpcre 7.8, with SMI 0.4.8, with c-ares 1.5.3, with Lua 5.1, with GnuTLS 2.6.2, with Gcrypt 1.4.3, with MIT Kerberos, without GeoIP, with PortAudio V19-devel (built Nov 14 2008), without AirPcap. Running on Darwin 9.8.0 (MacOS 10.5.8), with libpcap version 0.9.5, GnuTLS 2.6.2, Gcrypt 1.4.3. Built using gcc 4.0.1 (Apple Inc. build 5488). -- The attached .cap file crashes when read using wireshark (or tshark) 1.2.10. The problem did not occur with 1.2.9 or earlier. With tshark, you must use the "-V" option to demonstrate the problem but both wireshark and tshark crash at what appears to be the same point. Starting program: /opt/exp/expmake/build/wiresharksrc/build/wireshark/.libs/lt-tshark -V -r /tmp/bad-s1ap.cap [Thread debugging using libthread_db enabled] [New Thread 1024 (LWP 9472)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1024 (LWP 9472)] 0x405201b1 in col_append_fstr (cinfo=0x0, el=38, format=0x40f1f85b "%s ") at column-utils.c:375 375 for (i = cinfo->col_first[el]; i <= cinfo->col_last[el]; i++) { (gdb) bt #0 0x405201b1 in col_append_fstr (cinfo=0x0, el=38, format=0x40f1f85b "%s ") at column-utils.c:375 #1 0x40d0d330 in dissect_sctp_chunk (chunk_tvb=0x86446f0, pinfo=0x8756ff8, tree=0x8757a68, sctp_tree=0x1000, ha=0x0, useinfo=1) at packet-sctp.c:3537 #2 0x40d0da07 in dissect_sctp_chunks (tvb=0x86446b8, pinfo=0x8756ff8, tree=0x8757a68, sctp_item=0x87575e8, sctp_tree=0x87575e8, ha=0x0, encapsulated=0) at packet-sctp.c:3697 #3 0x40d0e35d in dissect_sctp_packet (tvb=0x86446b8, pinfo=0x8756ff8, tree=0x8757a68, encapsulated=4096) at packet-sctp.c:3850 #4 0x40d0e4f0 in dissect_sctp (tvb=0x86446b8, pinfo=0x8756ff8, tree=0x1000) at packet-sctp.c:3896 #5 0x4052e076 in call_dissector_through_handle (handle=0x841cfd8, tvb=0x86446b8, pinfo=0x8756ff8, tree=0x8757a68) at packet.c:409 #6 0x4052e1cc in call_dissector_work (handle=0x841cfd8, tvb=0x86446b8, pinfo_arg=0x8756ff8, tree=0x8757a68, add_proto_name=1) at packet.c:500 #7 0x4052ea19 in dissector_try_port_new (sub_dissectors=0x1000, port=132, tvb=0x1000, pinfo=0x8756ff8, tree=0x1000, add_proto_name=4096) at packet.c:886 #8 0x4052ea71 in dissector_try_port (sub_dissectors=0x1000, port=4096, tvb=0x1000, pinfo=0x1000, tree=0x1000) at packet.c:912 #9 0x40869189 in dissect_ip (tvb=0x8644680, pinfo=0x8756ff8, parent_tree=0x8757a68) at packet-ip.c:1767 #10 0x4052e076 in call_dissector_through_handle (handle=0x82a0738, tvb=0x8644680, pinfo=0x8756ff8, tree=0x8757a68) at packet.c:409 #11 0x4052e1cc in call_dissector_work (handle=0x82a0738, tvb=0x8644680, pinfo_arg=0x8756ff8, tree=0x8757a68, add_proto_name=1) at packet.c:500 #12 0x4052ea19 in dissector_try_port_new (sub_dissectors=0x1000, port=2048, tvb=0x1000, pinfo=0x8756ff8, tree=0x1000, add_proto_name=4096) at packet.c:886 #13 0x4052ea71 in dissector_try_port (sub_dissectors=0x1000, port=4096, tvb=0x1000, pinfo=0x1000, tree=0x1000) at packet.c:912 #14 0x4076adf4 in ethertype (etype=2048, tvb=0x8644648, offset_after_etype=14, pinfo=0x8756ff8, tree=0x8757a68, fh_tree=0x8757960, etype_id=4096, trailer_id=15811, fcs_len=-1) at packet-ethertype.c:242 #15 0x40767ef1 in dissect_eth_common (tvb=0x8644648, pinfo=0x8756ff8, parent_tree=0x8757a68, fcs_len=-1) at packet-eth.c:345 #16 0x40768393 in dissect_eth_maybefcs (tvb=0x1000, pinfo=0x0, tree=0x1000) at packet-eth.c:509 #17 0x4052e076 in call_dissector_through_handle (handle=0x81fc4a8, tvb=0x8644648, pinfo=0x8756ff8, tree=0x8757a68) at packet.c:409 #18 0x4052e1cc in call_dissector_work (handle=0x81fc4a8, tvb=0x8644648, pinfo_arg=0x8756ff8, tree=0x8757a68, add_proto_name=1) at packet.c:500 #19 0x4052ea19 in dissector_try_port_new (sub_dissectors=0x1000, port=1, tvb=0x1000, pinfo=0x8756ff8, tree=0x1000, add_proto_name=4096) at packet.c:886 #20 0x4052ea71 in dissector_try_port (sub_dissectors=0x1000, port=4096, tvb=0x1000, pinfo=0x1000, tree=0x1000) at packet.c:912 #21 0x407adc64 in dissect_frame (tvb=0x8644648, pinfo=0x8756ff8, parent_tree=0x8757a68) at packet-frame.c:328 #22 0x4052e076 in call_dissector_through_handle (handle=0x81ffb28, tvb=0x8644648, pinfo=0x8756ff8, tree=0x8757a68) at packet.c:409 #23 0x4052e1cc in call_dissector_work (handle=0x81ffb28, tvb=0x8644648, pinfo_arg=0x8756ff8, tree=0x8757a68, add_proto_name=1) at packet.c:500 #24 0x4052fdbc in call_dissector_only (handle=0x0, tvb=0x1000, pinfo=0x1000, tree=0x1000) at packet.c:1803 #25 0x4052fdfc in call_dissector (handle=0x1000, tvb=0x8644648, pinfo=0x8756ff8, tree=0x8757a68) at packet.c:1816 #26 0x4052de6e in dissect_packet (edt=0x8756ff0, pseudo_header=0x1000, pd=0x86f1ed0 "", fd=0xbffff680, cinfo=0x0) at packet.c:340 #27 0x40526d77 in epan_dissect_run (edt=0x1000, pseudo_header=0x1000, data=0x1000 <Address 0x1000 out of bounds>, fd=0x1000, cinfo=0x1000) at epan.c:168 #28 0x0806896f in process_packet (cf=0x80947e0, offset=4096, whdr=0x1000, pseudo_header=0x1000, pd=0x1000 <Address 0x1000 out of bounds>) at tshark.c:2466 #29 0x0806845f in load_cap_file (cf=0x80947e0, save_file=0x0, out_file_type=4096, max_packet_count=0, max_byte_count=0) at tshark.c:2257 #30 0x08067c0a in main (argc=4, argv=0x1) at tshark.c:1565 (gdb) -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
- Follow-Ups:
- [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- From: bugzilla-daemon
 
- [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- From: bugzilla-daemon
 
- [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- From: bugzilla-daemon
 
 
- [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- Prev by Date: [Wireshark-bugs] [Bug 5115] Restore <Ctrl>A and <Ctrl>X functionality to the filter textbox
- Next by Date: [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- Previous by thread: [Wireshark-bugs] [Bug 5117] tcp_dissect_pdus: Possible bug related to appending to COL_INFO ?
- Next by thread: [Wireshark-bugs] [Bug 5118] 1.2.10 is crashing in S1AP decoder
- Index(es):
