Wireshark-bugs: [Wireshark-bugs] [Bug 7436] Single packet capture takes 10 CPU-seconds to decode
Date: Thu, 5 Jul 2012 13:05:17 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7436

Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |darkjames-ws@xxxxxxxxxxxx

--- Comment #7 from Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx> 2012-07-05 13:05:17 PDT ---
(In reply to comment #5)
> Is this right? In the sample, "0x6a617200" is "jar\000", i.e. the end of the
> filename in the OPEN request. However, your version does indeed take 2.4x
> longer to run (0xffffffff/0x6a617200). I don't understand how part of the
> filename is ending up as a loop counter.

Good point, when there's no tree then offset from some function is not properly
returned (like in dissect_nfs_open_claim4, dissect_nfs_openflag4).

There's actually no CREATE_SESSION in packet, so dissect_rpc_chanattrs4()
should not be called in first place.

Jeff, I'm going to fix it and close this bug
I can try to craft malformed packet with CREATE_SESSION and add to another bug
(like bug #3290?), it's fine for you?

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.