Hi,
On the binary search thing: this is useful if you have a capture with a single 
offending packet in it. Then split the capture in two (using editcap) and test 
both halves. One of them breaks Wireshark, so repeat with that one, until you 
have a small capture (ideally a single packet) which causes the crash. Then 
drill down into that packet, checking the code path through your dissector and 
see what goes wrong.
Thanx,
Jaap
siri m wrote:
Hi Jaap/Ronnie,
Yes, I have access to the custom plugin code. I am using TotalView to 
attach to Wireshark (trying to follow a similar procedure to the one discussed in 
http://www.wireshark.org/lists/wireshark-users/200808/msg00024.html for 
XP); however, TotalView is unable to find debugging symbols in the Wireshark 
that I installed from the yum repository. 
Should we recompile Wireshark using some debug flag? Can you please let 
me know what the procedure is? The backtrace that I am getting after it 
core dumps is not showing any code specific to the custom 
plugin... (However, the custom plugin binary has the debug symbols...):
Jaap, About the second option, to do a (binary) search for the offending 
packet in a capture -- can you please elaborate on how to achieve this?
Thanks a lot for your suggestions, 
On Mon, Sep 15, 2008 at 11:01 PM, ronnie sahlberg 
<ronniesahlberg@xxxxxxxxx> wrote:
    Do you have access to the source code?
    If you do not, it may be "difficult".
    On Tue, Sep 16, 2008 at 10:59 AM, siri m <svu004@xxxxxxxxx> wrote:
     > Hi,
     >
     > Can someone give a brief summary of how to debug custom written external
     > plugins for wireshark on linux (using kdbg or gdb)? Any suggestions would be
     > helpful to debug invalid frees that glibc is complaining about in the custom
     > plugin that was written long back by someone?
     >
     > Thanks,
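The binary search Jaap describes at the top of this message, written out as a script. This is an example added here, not code from the thread or from Wireshark. It assumes editcap, capinfos and tshark are installed and that tshark loads the same plugin and dies on the same packet as the GUI; the function names and the output file name are made up for the example.

```bash
#!/usr/bin/env bash
# Added example: bisect a capture down to the packet that crashes a dissector.
# Assumption: tshark loads the same plugin as the GUI and crashes the same way.
# Function names (crashes, bisect) are hypothetical.

# crashes FILE FIRST LAST: succeed if tshark is killed by a signal while
# dissecting packets FIRST..LAST of FILE.
crashes() {
    local tmp rc
    tmp=$(mktemp) || return 1
    # -r keeps the listed range instead of deleting it.
    editcap -r "$1" "$tmp" "$2-$3" >/dev/null 2>&1
    tshark -r "$tmp" -V >/dev/null 2>&1
    rc=$?
    rm -f "$tmp"
    # 128+N means death by signal N (glibc's invalid-free abort gives 134).
    [ "$rc" -ge 128 ]
}

# bisect FILE TOTAL: print the offending packet number. Returns 1 if the
# whole capture does not crash, 2 if neither half crashes on its own.
bisect() {
    local file="$1" lo=1 hi="$2" mid
    crashes "$file" "$lo" "$hi" || { echo "no crash reproduced" >&2; return 1; }
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi) / 2 ))
        if crashes "$file" "$lo" "$mid"; then
            hi=$mid
        elif crashes "$file" "$((mid + 1))" "$hi"; then
            lo=$((mid + 1))
        else
            # The crash needs state from earlier packets (reassembly,
            # conversation data), so stop and report the smallest range.
            echo "$lo-$hi"
            return 2
        fi
    done
    echo "$lo"
}

if [ "$#" -ge 1 ]; then
    # capinfos -M prints the raw count rather than an abbreviated one.
    total=$(capinfos -M -c "$1" | awk '/^Number of packets/ {print $NF}')
    hit=$(bisect "$1" "$total") || echo "stopped at range ${hit:-none}" >&2
    # Save whatever packet or range was isolated for the debugger session.
    [ -n "$hit" ] && editcap -r "$1" offending.pcap "$hit"
fi
```

Run it with the capture file as the only argument. The resulting offending.pcap is the small capture to load under gdb when stepping through the plugin's dissector.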