Wireshark-bugs: [Wireshark-bugs] [Bug 7861] New: In Wireshark 1.8.x, code fails to check/test re
Date: Sun, 14 Oct 2012 10:29:06 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7861

           Summary: In Wireshark 1.8.x, code fails to check/test return
                    value from select()
           Product: Wireshark
           Version: 1.8.2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Common utilities (libwsutil)
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: wp02855@xxxxxxxxx


Created attachment 9350
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9350
Contains patch (diff -u) for addr_resolv.c in Wireshark 1.8.2

Build Information:
Build information below:

wireshark 1.8.2 (SVN Rev Unknown from unknown)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.22.1, with Cairo 1.10.2, with Pango 1.28.3, with
GLib 2.28.0, with libpcap, with libz 1.2.5, without POSIX capabilities, without
SMI, without c-ares, without ADNS, without Lua, without Python, with GnuTLS
2.8.6, with Gcrypt 1.4.6, with MIT Kerberos, without GeoIP, without PortAudio,
with AirPcap.

Running on Linux 2.6.37.6-0.7-desktop, with locale POSIX, with libpcap version
1.1.1, with libz 1.2.5, GnuTLS 2.8.6, Gcrypt 1.4.6, without AirPcap.

Built using gcc 4.5.1 20101208 [gcc-4_5-branch revision 167585].

--
In reviewing calls to select() in directory 'epan', file 'addr_resolv.c',
I found that in 3 cases, while select() is called, the return value is
not checked afterwards (in the case of failure, select() will return -1),
the patch below add the proper check for the return value from select(),
and prints a warning message to stderr via fprintf:

--- addr_resolv.c.orig  2012-10-13 13:50:29.020658440 -0700
+++ addr_resolv.c       2012-10-13 13:57:43.117532512 -0700
@@ -2510,7 +2510,10 @@
   FD_ZERO(&wfds);
   nfds = ares_fds(ghba_chan, &rfds, &wfds);
   if (nfds > 0) {
-    select(nfds, &rfds, &wfds, NULL, &tv);
+    if (select(nfds, &rfds, &wfds, NULL, &tv) == -1) { /* call to select()
failed */
+       fprintf(stderr, "Warning: call to select() failed, error is %s\n",
strerror(errno));
+       return nro;
+    }
     ares_process(ghba_chan, &rfds, &wfds);
   }

@@ -3197,7 +3200,10 @@
     nfds = ares_fds(ghbn_chan, &rfds, &wfds);
     if (nfds > 0) {
       tvp = ares_timeout(ghbn_chan, &tv, &tv);
-      select(nfds, &rfds, &wfds, NULL, tvp);
+      if (select(nfds, &rfds, &wfds, NULL, tvp) == -1) { /* call to select()
failed */
+       fprintf(stderr, "Warning: call to select() failed, error is %s\n",
strerror(errno));
+       return FALSE;
+      }
       ares_process(ghbn_chan, &rfds, &wfds);
     }
     ares_cancel(ghbn_chan);
@@ -3273,7 +3279,10 @@
   nfds = ares_fds(ghbn_chan, &rfds, &wfds);
   if (nfds > 0) {
     tvp = ares_timeout(ghbn_chan, &tv, &tv);
-    select(nfds, &rfds, &wfds, NULL, tvp);
+    if (select(nfds, &rfds, &wfds, NULL, tvp) == -1) { /* call to select()
failed */
+       fprintf(stderr, "Warning: call to select() failed, error is %s\n",
strerror(errno));
+       return FALSE;
+    }
     ares_process(ghbn_chan, &rfds, &wfds);
   }
   ares_cancel(ghbn_chan);

/* call to select() failed */
        fprintf(stderr, "Warning: call to select() failed, error is %s\n",
strerror(errno));
        return nro;
    }

In file 'capture_sync.c', a call to read() does not check
for a return value of -1 (which indicates failure), this
patch tests for this, and adds a warning message to
the code:

--- capture_sync.c.orig 2012-10-13 14:41:09.524965920 -0700
+++ capture_sync.c      2012-10-13 14:42:22.555683640 -0700
@@ -1523,6 +1523,10 @@
         /* we have a problem here, try to read some more bytes from the pipe
to debug where the problem really is */
         memcpy(msg, header, sizeof(header));
         newly = read(pipe_fd, &msg[sizeof(header)], len-sizeof(header));
+       if (newly < 0) { /* error */
+           g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG,
+                 "read from pipe %d: error(%u): %s", pipe_fd, errno,
g_strerror(errno));
+       }
         *err_msg = g_strdup_printf("Unknown message from dumpcap, try to show
it as a string: %s",
                                    msg);
         return -1;

A 'make' of wireshark-1.8.2 produces a clean compile.

Bill Parker

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.