Wireshark-dev: Re: [Wireshark-dev] FW: DISSECTOR_ASSERT_NOT_REACHED in WLCCP decode...
From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Thu, 31 May 2007 16:20:45 +0200
On Wed, May 30, 2007 at 10:18:13PM +0200, Joerg Mayer wrote:
> On Wed, May 30, 2007 at 01:15:35PM -0700, Stephen Fisher wrote:
> > > So I'm looking at the value strings, and I'm wondering why we should 
> > > terminate them with {0, NULL} and what happens if one of the value 
> > > pairs needs to be {0, "a real string"} ?
> > 
> > You can still use 0, "a real string" as one of the entries.  You just 
> > need to have 0, NULL as the final entry.  If you don't, the code will 
> > keep reading past the end and run into random memory space looking for 
> > that 0, NULL entry.
> 
> And one of those overruns might actually cause the crash you were
> talking about.

I just found another 10 Minutes to actually test the code (with the
added {0, NULL} stuff).

Please replace all FT_UINT_BYTES by FT_BYTES (you've misunderstood the
meaning of _UINT_ in that type. That will get you further (up to some
failed assertion "(guint)hfindex < gpa_hfinfo.len, which means, that
you reference a non-existent hf_ element).

Ciao
  Joerg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.