Wireshark-dev: Re: [Wireshark-dev] RFD: Limiting scope of ep_ memory
From: Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx>
Date: Mon, 22 Oct 2012 19:31:48 +0200
On Mon, Oct 22, 2012 at 12:33:59PM -0400, Evan Huus wrote:
> Perhaps ep_free_all() should be called in epan_dissect_cleanup() and
> epan_dissect_reset() instead of at the end of epan_dissect_run()?

Well it would fix bug #7892, but think about scenario:

1/ load capture file
2/ select some packet, assume for this packet pinfo->net_src.data is ep_ allocated
3/ scroll packet list
  a/ it will trigger packet dissection for unknown columns
  b/ after dissection epan_dissect_cleanup() gets called
4/ crash when cfile.edt->pi.net_src.data is accessed